Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-6]: src/dist/bind/bin/named Pull up revision 1.4 (requested by ...
details: https://anonhg.NetBSD.org/src/rev/cedcfe6a02f5
branches: netbsd-1-6
changeset: 528154:cedcfe6a02f5
user: lukem <lukem%NetBSD.org@localhost>
date: Fri Jun 28 11:35:44 2002 +0000
description:
Pull up revision 1.4 (requested by itojun in ticket #387):
Update to BIND 8.3.3. Fixes buffer overrun in resolver code.
diffstat:
dist/bind/bin/named/ns_xfr.c | 54 ++++++++++++++++++++++++-------------------
1 files changed, 30 insertions(+), 24 deletions(-)
diffs (149 lines):
diff -r 72215df56f91 -r cedcfe6a02f5 dist/bind/bin/named/ns_xfr.c
--- a/dist/bind/bin/named/ns_xfr.c Fri Jun 28 11:35:33 2002 +0000
+++ b/dist/bind/bin/named/ns_xfr.c Fri Jun 28 11:35:44 2002 +0000
@@ -1,7 +1,7 @@
-/* $NetBSD: ns_xfr.c,v 1.3 2001/05/17 22:59:40 itojun Exp $ */
+/* $NetBSD: ns_xfr.c,v 1.3.2.1 2002/06/28 11:35:44 lukem Exp $ */
#if !defined(lint) && !defined(SABER)
-static const char rcsid[] = "Id: ns_xfr.c,v 8.64 2001/02/15 00:18:46 marka Exp";
+static const char rcsid[] = "Id: ns_xfr.c,v 8.69 2002/06/05 03:53:49 marka Exp";
#endif /* not lint */
/*
@@ -84,15 +84,21 @@
ns_deltalist *changes;
switch (type) {
+ case ns_t_ixfr:
+ ns_info(ns_log_xfer_out,
+ "zone transfer (%s) of \"%s\" (%s) to %s serial %u -> %u",
+ p_type(type), zones[zone].z_origin, p_class(class),
+ sin_ntoa(qsp->s_from), serial_ixfr,
+ zones[zone].z_serial);
+ break;
case ns_t_axfr: /*FALLTHROUGH*/
- case ns_t_ixfr:
#ifdef BIND_ZXFR
case ns_t_zxfr:
#endif
ns_info(ns_log_xfer_out,
- "zone transfer (%s) of \"%s\" (%s) to %s",
+ "zone transfer (%s) of \"%s\" (%s) to %s serial %u",
p_type(type), zones[zone].z_origin, p_class(class),
- sin_ntoa(qsp->s_from));
+ sin_ntoa(qsp->s_from), zones[zone].z_serial);
break;
default:
ns_warning(ns_log_xfer_out,
@@ -109,7 +115,7 @@
* write() data from us.
*/
(void) setsockopt(qsp->s_rfd, SOL_SOCKET, SO_SNDBUF,
- (char *)&sndbuf, sizeof sndbuf);
+ (const char *)&sndbuf, sizeof sndbuf);
#endif
#ifdef SO_SNDLOWAT
/*
@@ -117,7 +123,7 @@
* an XFER_BUFSIZE block of data.
*/
(void) setsockopt(qsp->s_rfd, SOL_SOCKET, SO_SNDLOWAT,
- (char *)&sndlowat, sizeof sndlowat);
+ (const char *)&sndlowat, sizeof sndlowat);
#endif
if (sq_openw(qsp, 64*1024) == -1) {
ns_error(ns_log_xfer_out, "ns_xfr: out of memory");
@@ -182,13 +188,15 @@
qsp->xfr.transfer_format = si->transfer_format;
else
qsp->xfr.transfer_format = server_options->transfer_format;
- if (in_tsig == NULL)
+ if (in_tsig == NULL) {
qsp->xfr.tsig_state = NULL;
- else {
+ qsp->xfr.tsig_size = 0;
+ } else {
qsp->xfr.tsig_state = memget(sizeof(ns_tcp_tsig_state));
ns_sign_tcp_init(in_tsig->key, in_tsig->sig, in_tsig->siglen,
qsp->xfr.tsig_state);
qsp->xfr.tsig_skip = 0;
+ qsp->xfr.tsig_size = in_tsig->tsig_size;
}
if (type == ns_t_ixfr) {
@@ -265,8 +273,7 @@
while ((rp = HEAD(dp->d_changes)) != NULL) {
UNLINK(dp->d_changes, rp, r_link);
if (rp->r_dp != NULL)
- db_freedata(rp->r_dp);
- rp->r_dp = NULL;
+ db_detach(&rp->r_dp);
res_freeupdrec(rp);
}
memput(dp, sizeof *dp);
@@ -276,6 +283,10 @@
}
while (qsp->xfr.lev)
qsp->xfr.lev = sx_freelev(qsp->xfr.lev);
+ if (qsp->xfr.tsig_state != NULL) {
+ memput(qsp->xfr.tsig_state, sizeof(ns_tcp_tsig_state));
+ qsp->xfr.tsig_state = NULL;
+ }
zones[qsp->xfr.zone].z_numxfrs--;
qsp->flags &= ~(STREAM_AXFR | STREAM_AXFRIXFR);
}
@@ -392,14 +403,15 @@
}
}
- n = make_rr(dname, dp, qsp->xfr.cp, qsp->xfr.eom - qsp->xfr.cp,
- 0, qsp->xfr.ptrs, edp, 0);
+ n = make_rr(dname, dp, qsp->xfr.cp, qsp->xfr.eom - qsp->xfr.cp -
+ qsp->xfr.tsig_size, 0, qsp->xfr.ptrs, edp, 0);
if (n < 0) {
if (sx_flush(qsp) < 0)
return (-1);
if (qsp->xfr.cp == NULL)
sx_newmsg(qsp);
- n = make_rr(dname, dp, qsp->xfr.cp, qsp->xfr.eom - qsp->xfr.cp,
+ n = make_rr(dname, dp, qsp->xfr.cp, qsp->xfr.eom -
+ qsp->xfr.cp - qsp->xfr.tsig_size,
0, qsp->xfr.ptrs, edp, 0);
INSIST(n >= 0);
}
@@ -418,7 +430,7 @@
* side effects:
* if progress was made, header and pointers will be advanced.
*/
-int
+static int
sx_soarr(struct qstream *qsp) {
struct databuf *dp;
int added_soa = 0;
@@ -842,11 +854,8 @@
sx_freelev(struct qs_x_lev *lev) {
struct qs_x_lev *next = lev->next;
- if (lev->dp) {
- DRCNTDEC(lev->dp);
- if (lev->dp->d_rcnt == 0)
- db_freedata(lev->dp);
- }
+ if (lev->dp)
+ db_detach(&lev->dp);
memput(lev, sizeof *lev);
return (next);
}
@@ -855,10 +864,7 @@
db_next(struct databuf *dp) {
struct databuf *next = dp->d_next;
- DRCNTDEC(dp);
- if (dp->d_rcnt == 0)
- db_freedata(dp);
-
+ db_detach(&dp);
if (next)
DRCNTINC(next);
Home |
Main Index |
Thread Index |
Old Index