bind9/bin
Ondřej Surý 4c33f83a45
Fix update-policy per-type max quota bypass via counter desynchronization
The prescan and main update loops in DNS UPDATE processing both used the
same counter to index the maxbytype[] quota array.  The prescan loop
always incremented the counter, but the main loop had 14 continue paths
that skipped the increment.  This allowed an authenticated DDNS client to
craft an UPDATE message with padding records (e.g. CNAME+A pairs that
trigger CNAME-conflict skips) to shift the counter and read wrong quota
entries, bypassing per-type record limits entirely.

Fix by incrementing the counter unconditionally at the start of each
iteration in the main loop.

(cherry picked from commit bac40394d5)
2026-03-30 11:11:46 +02:00
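A minimal C model of the counter desynchronization described in the commit message above, added here as an illustration; it is not BIND 9 code. Only the name `maxbytype[]` comes from the commit message; the record struct, the `skip` flag standing in for any of the main loop's continue paths, `quota_for()` and the one-TXT-record policy are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

enum rrtype { T_A, T_TXT };                /* simplified, hypothetical type set */
struct update_rr { enum rrtype type; bool skip; /* main loop hits a continue path */ };
#define MAXRR 16

/* Assumed policy for this model: at most 1 TXT record; 0 means unlimited. */
static unsigned int quota_for(enum rrtype t) { return t == T_TXT ? 1 : 0; }

/* Returns how many TXT records get accepted. fixed=false models the old loop. */
unsigned int process_update(const struct update_rr *rr, size_t n, bool fixed) {
	unsigned int maxbytype[MAXRR] = { 0 };
	unsigned int txt_count = 0;
	size_t update = 0;

	if (n > MAXRR)
		n = MAXRR;
	/* Prescan: one quota slot per record, the counter always advances. */
	for (size_t i = 0; i < n; i++)
		maxbytype[update++] = quota_for(rr[i].type);

	update = 0;
	for (size_t i = 0; i < n; i++) {
		size_t slot = update;
		if (fixed)
			update++;          /* fix: advance at the start of every iteration */
		if (rr[i].skip)
			continue;          /* old loop: counter left behind on this path */
		if (!fixed)
			update++;          /* old loop: advance only when record is processed */
		if (rr[i].type != T_TXT)
			continue;
		if (maxbytype[slot] != 0 && txt_count >= maxbytype[slot])
			continue;          /* per-type quota reached, record not added */
		txt_count++;
	}
	return txt_count;
}

/* Constructed input: three skipped records ahead of three TXT records. */
const struct update_rr sample_msg[] = {
	{ T_A, true }, { T_A, true }, { T_A, true },
	{ T_TXT, false }, { T_TXT, false }, { T_TXT, false },
};

int main(void) {
	printf("old loop: %u TXT accepted, fixed loop: %u\n",
	       process_update(sample_msg, 6, false), process_update(sample_msg, 6, true));
	return 0;
}
```

In the old loop each skipped record leaves the index one slot behind, so the TXT records are checked against the quota slots of the records that preceded them; with the unconditional increment every record reads its own slot.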
check standardize CHECK and RETERR macros 2025-12-03 19:17:20 -08:00
confgen Remove redundant parentheses from the return statement 2024-11-19 14:26:52 +01:00
delv Use const pointer with strchr of const pointer 2026-01-20 06:00:50 +00:00
dig Add examples to the dig man page 2026-02-22 16:21:13 +00:00
dnssec Fix dnssec-signzone usage output 2026-03-23 10:44:57 +00:00
named Merge tag 'v9.20.21' into bind-9.20 2026-03-25 14:24:13 +00:00
nsupdate Rename isc_net_getudpportrange() to isc_net_getportrange() 2026-02-20 17:02:45 +01:00
plugins standardize CHECK and RETERR macros 2025-12-03 19:17:20 -08:00
rndc List 'rndc dnssec' arguments in alphabetic order 2026-02-18 14:20:53 +00:00
tests Fix update-policy per-type max quota bypass via counter desynchronization 2026-03-30 11:11:46 +02:00
tools Rename isc_net_getudpportrange() to isc_net_getportrange() 2026-02-20 17:02:45 +01:00
Makefile.am Remove native PKCS#11 support 2021-09-09 15:35:39 +02:00