mirror of
https://github.com/isc-projects/bind9.git
synced 2026-05-27 03:46:03 -04:00
51774decd2
strtottl() parsed the operator's TTL string with strtol() and assigned the long directly to dns_ttl_t (uint32_t) with no sign or ERANGE check. The only validation was the "no digits parsed" branch, so a fully-consumed "-1" became UINT32_MAX (~136 years) and was silently written into DNSKEY/key files by dnssec-keygen -L, dnssec-signzone -t, dnssec-settime -L, etc. Any signing pipeline interpolating the TTL from a variable could mint a key with a multi-decade TTL and never see an error. Switch to strtoul(), reject a leading '-' explicitly (strtoul silently negates), check errno == ERANGE, and reject values exceeding UINT32_MAX before handing the result to time_units(). The pre-existing multiplication wrap inside time_units() is tracked separately. Assisted-by: Claude:claude-opus-4-7 |
||
|---|---|---|
| .. | ||
| signer | ||
| algroll.dnskey | ||
| dsset-algroll. | ||
| revkey.dnskey | ||
| tests.sh | ||
| tests_sh_dnssectools.py | ||