upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-18 12:42:54 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Fix Race Condition in autr_tp_create(),

Browse source 
reported by X41 D-Sec.
This commit is contained in:
W.C.A. Wijngaards 2019-11-20 11:01:56 +01:00
parent d79d75538b
commit 1fa40654d2
2 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
doc/Changelog
View file

@ -1,6 +1,8 @@
20 November 2019: Wouter
- Fix Out of Bounds Read in rrinternal_get_owner(),
reported by X41 D-Sec.
- Fix Race Condition in autr_tp_create(),
reported by X41 D-Sec.
19 November 2019: Wouter
- Fix CVE-2019-18934, shell execution in ipsecmod.

2
validator/autotrust.c
View file

@ -370,10 +370,10 @@ autr_tp_create(struct val_anchors* anchors, uint8_t* own, size_t own_len,
free(tp);
return NULL;
}
lock_basic_unlock(&anchors->lock);
lock_basic_init(&tp->lock);
lock_protect(&tp->lock, tp, sizeof(*tp));
lock_protect(&tp->lock, tp->autr, sizeof(*tp->autr));
lock_basic_unlock(&anchors->lock);
return tp;
}