Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-1-6]: src/dist/bind/lib/nameser Pull up revision 1.3 (requested b...

details:   https://anonhg.NetBSD.org/src/rev/0a682374d65c
branches:  netbsd-1-6
changeset: 528234:0a682374d65c
user:      lukem <lukem%NetBSD.org@localhost>
date:      Fri Jun 28 11:57:09 2002 +0000

description:
Pull up revision 1.3 (requested by itojun in ticket #387):
Update to BIND 8.3.3.  Fixes buffer overrun in resolver code.

diffstat:

 dist/bind/lib/nameser/ns_sign.c   |  36 ++++++++++++++++++++++++++++--------
 dist/bind/lib/nameser/ns_verify.c |   9 +++++----
 2 files changed, 33 insertions(+), 12 deletions(-)

diffs (136 lines):

diff -r 3a5e4a72cc2c -r 0a682374d65c dist/bind/lib/nameser/ns_sign.c
--- a/dist/bind/lib/nameser/ns_sign.c   Fri Jun 28 11:56:42 2002 +0000
+++ b/dist/bind/lib/nameser/ns_sign.c   Fri Jun 28 11:57:09 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ns_sign.c,v 1.2 2001/01/27 07:22:05 itojun Exp $       */
+/*     $NetBSD: ns_sign.c,v 1.2.2.1 2002/06/28 11:57:09 lukem Exp $    */
 
 /*
  * Copyright (c) 1999 by Internet Software Consortium, Inc.
@@ -18,7 +18,7 @@
  */
 
 #ifndef lint
-static const char rcsid[] = "Id: ns_sign.c,v 8.9 2000/12/23 08:14:57 vixie Exp";
+static const char rcsid[] = "Id: ns_sign.c,v 8.11 2002/04/30 03:43:55 marka Exp";
 #endif
 
 /* Import. */
@@ -78,6 +78,16 @@
        const u_char *querysig, int querysiglen, u_char *sig, int *siglen,
        time_t in_timesigned)
 {
+       return(ns_sign2(msg, msglen, msgsize, error, k,
+                       querysig, querysiglen, sig, siglen,
+                       in_timesigned, NULL, NULL));
+}
+
+int
+ns_sign2(u_char *msg, int *msglen, int msgsize, int error, void *k,
+        const u_char *querysig, int querysiglen, u_char *sig, int *siglen,
+        time_t in_timesigned, u_char **dnptrs, u_char **lastdnptr)
+{
        HEADER *hp = (HEADER *)msg;
        DST_KEY *key = (DST_KEY *)k;
        u_char *cp = msg + *msglen, *eob = msg + msgsize;
@@ -92,7 +102,7 @@
 
        /* Name. */
        if (key != NULL && error != ns_r_badsig && error != ns_r_badkey)
-               n = dn_comp(key->dk_key_name, cp, eob - cp, NULL, NULL);
+               n = dn_comp(key->dk_key_name, cp, eob - cp, dnptrs, lastdnptr);
        else
                n = dn_comp("", cp, eob - cp, NULL, NULL);
        if (n < 0)
@@ -235,7 +245,7 @@
        state->key = k;
        if (state->key->dk_alg != KEY_HMAC_MD5)
                return (-ns_r_badkey);
-       if (querysiglen > sizeof(state->sig))
+       if (querysiglen > (int)sizeof(state->sig))
                return (-1);
        memcpy(state->sig, querysig, querysiglen);
        state->siglen = querysiglen;
@@ -246,6 +256,15 @@
 ns_sign_tcp(u_char *msg, int *msglen, int msgsize, int error,
            ns_tcp_tsig_state *state, int done)
 {
+       return (ns_sign_tcp2(msg, msglen, msgsize, error, state,
+                            done, NULL, NULL));
+}
+
+int
+ns_sign_tcp2(u_char *msg, int *msglen, int msgsize, int error,
+            ns_tcp_tsig_state *state, int done,
+            u_char **dnptrs, u_char **lastdnptr)
+{
        u_char *cp, *eob, *lenp;
        u_char buf[MAXDNAME], *cp2;
        HEADER *hp = (HEADER *)msg;
@@ -257,9 +276,10 @@
 
        state->counter++;
        if (state->counter == 0)
-               return (ns_sign(msg, msglen, msgsize, error, state->key,
-                               state->sig, state->siglen,
-                               state->sig, &state->siglen, 0));
+               return (ns_sign2(msg, msglen, msgsize, error, state->key,
+                                state->sig, state->siglen,
+                                state->sig, &state->siglen, 0,
+                                dnptrs, lastdnptr));
 
        if (state->siglen > 0) {
                u_int16_t siglen_n = htons(state->siglen);
@@ -282,7 +302,7 @@
        eob = msg + msgsize;
 
        /* Name. */
-       n = dn_comp(state->key->dk_key_name, cp, eob - cp, NULL, NULL);
+       n = dn_comp(state->key->dk_key_name, cp, eob - cp, dnptrs, lastdnptr);
        if (n < 0)
                return (NS_TSIG_ERROR_NO_SPACE);
        cp += n;
diff -r 3a5e4a72cc2c -r 0a682374d65c dist/bind/lib/nameser/ns_verify.c
--- a/dist/bind/lib/nameser/ns_verify.c Fri Jun 28 11:56:42 2002 +0000
+++ b/dist/bind/lib/nameser/ns_verify.c Fri Jun 28 11:57:09 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ns_verify.c,v 1.2 2001/01/27 07:22:05 itojun Exp $     */
+/*     $NetBSD: ns_verify.c,v 1.2.2.1 2002/06/28 11:57:18 lukem Exp $  */
 
 /*
  * Copyright (c) 1999 by Internet Software Consortium, Inc.
@@ -18,7 +18,7 @@
  */
 
 #ifndef lint
-static const char rcsid[] = "Id: ns_verify.c,v 8.13 2000/03/29 15:55:00 bwelling Exp";
+static const char rcsid[] = "Id: ns_verify.c,v 8.14 2001/05/29 05:49:40 marka Exp";
 #endif
 
 /* Import. */
@@ -39,6 +39,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <time.h>
 #include <unistd.h>
 
 #include <isc/dst.h>
@@ -330,7 +331,7 @@
        state->key = k;
        if (state->key->dk_alg != KEY_HMAC_MD5)
                return (-ns_r_badkey);
-       if (querysiglen > sizeof(state->sig))
+       if (querysiglen > (int)sizeof(state->sig))
                return (-1);
        memcpy(state->sig, querysig, querysiglen);
        state->siglen = querysiglen;
@@ -343,7 +344,7 @@
 {
        HEADER *hp = (HEADER *)msg;
        u_char *recstart, *rdatastart, *sigstart;
-       int sigfieldlen, otherfieldlen;
+       unsigned int sigfieldlen, otherfieldlen;
        u_char *cp, *eom = msg + *msglen, *cp2;
        char name[MAXDNAME], alg[MAXDNAME];
        u_char buf[MAXDNAME];
Home | Main Index | Thread Index | Old Index