Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-6]: src/dist/bind/bin/named Pull up revision 1.4 (requested by ...
details: https://anonhg.NetBSD.org/src/rev/ee257bab55d5
branches: netbsd-1-6
changeset: 528130:ee257bab55d5
user: lukem <lukem%NetBSD.org@localhost>
date: Fri Jun 28 11:29:57 2002 +0000
description:
Pull up revision 1.4 (requested by itojun in ticket #387):
Update to BIND 8.3.3. Fixes buffer overrun in resolver code.
diffstat:
dist/bind/bin/named/db_glue.c | 75 ++++++++++++++----------------
dist/bind/bin/named/db_ixfr.c | 103 ++++++++++++++++++++++++++++++-----------
2 files changed, 110 insertions(+), 68 deletions(-)
diffs (truncated from 391 to 300 lines):
diff -r be45d9cab644 -r ee257bab55d5 dist/bind/bin/named/db_glue.c
--- a/dist/bind/bin/named/db_glue.c Fri Jun 28 11:29:48 2002 +0000
+++ b/dist/bind/bin/named/db_glue.c Fri Jun 28 11:29:57 2002 +0000
@@ -1,8 +1,8 @@
-/* $NetBSD: db_glue.c,v 1.3 2001/01/27 07:21:58 itojun Exp $ */
+/* $NetBSD: db_glue.c,v 1.3.2.1 2002/06/28 11:29:57 lukem Exp $ */
#if !defined(lint) && !defined(SABER)
static const char sccsid[] = "@(#)db_glue.c 4.4 (Berkeley) 6/1/90";
-static const char rcsid[] = "Id: db_glue.c,v 8.42 2000/12/23 08:14:35 vixie Exp";
+static const char rcsid[] = "Id: db_glue.c,v 8.47 2002/05/18 01:02:54 marka Exp";
#endif /* not lint */
/*
@@ -147,8 +147,8 @@
for (slp = servicelist; slp != NULL; slp = slp_next) {
slp_next = slp->next;
- freestr(slp->name);
- freestr(slp->proto);
+ slp->name = freestr(slp->name);
+ slp->proto = freestr(slp->proto);
memput(slp, sizeof *slp);
}
servicelist = NULL;
@@ -185,7 +185,7 @@
for (plp = protolist; plp != NULL; plp = plp_next) {
plp_next = plp->next;
- freestr(plp->name);
+ plp->name = freestr(plp->name);
memput(plp, sizeof *plp);
}
protolist = NULL;
@@ -356,31 +356,7 @@
} else
dp->d_next = NULL;
dp->d_flags &= ~DB_F_ACTIVE;
- DRCNTDEC(dp);
- if (dp->d_rcnt) {
-#ifdef DEBUG
- int32_t ii;
-#endif
-
- switch(dp->d_type) {
- case T_NS:
- ns_debug(ns_log_db, 3, "rm_datum: %s rcnt = %d",
- dp->d_data, dp->d_rcnt);
- break;
-#ifdef DEBUG
- case T_A:
- memcpy(&ii, dp->d_data, sizeof ii);
- ns_debug(ns_log_db, 3,
- "rm_datum: %08.8X rcnt = %d",
- ii, dp->d_rcnt);
- break;
-#endif
- default:
- ns_debug(ns_log_db, 3,
- "rm_datum: rcnt = %d", dp->d_rcnt);
- }
- } else
- db_freedata(dp);
+ db_detach(&dp);
return (ndp);
}
@@ -395,8 +371,8 @@
const char *msg;
/* verify */
- if ( (np->n_data && (msg = "data"))
- || (np->n_hash && (msg = "hash"))
+ if ( (np->n_data != NULL && (msg = "data") != NULL)
+ || (np->n_hash != NULL && (msg = "hash") != NULL)
) {
ns_panic(ns_log_db, 1, "rm_name(%p(%s)): non-nil %s pointer",
np, NAME(*np), msg);
@@ -465,9 +441,9 @@
return (hval);
}
-void
+static void
db_freedata(struct databuf *dp) {
- int bytes = DATASIZE(dp->d_size);
+ int bytes = BIND_DATASIZE(dp->d_size);
if (dp->d_rcnt != 0)
panic("db_freedata: d_rcnt != 0", NULL);
@@ -478,9 +454,28 @@
if (dp->d_next != NULL)
panic("db_free: d_next != NULL", NULL);
dp->d_flags |= DB_F_FREE;
+#ifdef CHECK_MAGIC
+ dp->d_magic = 0;
+#endif
memput(dp, bytes);
}
+void
+db_detach(struct databuf **dpp) {
+ struct databuf *dp;
+
+ INSIST(dpp != NULL && *dpp != NULL);
+ dp = *dpp;
+#ifdef CHECK_MAGIC
+ INSIST(dp->d_magic == DATABUF_MAGIC);
+#endif
+
+ DRCNTDEC(dp);
+ if (dp->d_rcnt == 0)
+ db_freedata(dp);
+ *dpp = NULL;
+}
+
struct lame_hash {
struct lame_hash *next;
char *zone;
@@ -552,9 +547,9 @@
this->zone = savestr(zone, 0);
if (this->server == NULL || this->zone == NULL) {
if (this->server != NULL)
- freestr(this->server);
+ this->server = freestr(this->server);
if (this->zone != NULL)
- freestr(this->zone);
+ this->zone = freestr(this->zone);
memput(this, sizeof *this);
return;
}
@@ -604,8 +599,8 @@
this = lame_hash[i];
while (this != NULL) {
if (this->when < tt.tv_sec) {
- freestr(this->zone);
- freestr(this->server);
+ this->zone = freestr(this->zone);
+ this->server = freestr(this->server);
if (last != NULL) {
last->next = this->next;
memput(this, sizeof *this);
@@ -637,8 +632,8 @@
while (this != NULL) {
last = this;
this = this->next;
- freestr(last->zone);
- freestr(last->server);
+ last->zone = freestr(last->zone);
+ last->server = freestr(last->server);
memput(last, sizeof *this);
}
}
diff -r be45d9cab644 -r ee257bab55d5 dist/bind/bin/named/db_ixfr.c
--- a/dist/bind/bin/named/db_ixfr.c Fri Jun 28 11:29:48 2002 +0000
+++ b/dist/bind/bin/named/db_ixfr.c Fri Jun 28 11:29:57 2002 +0000
@@ -1,7 +1,7 @@
-/* $NetBSD: db_ixfr.c,v 1.3 2001/05/17 22:59:39 itojun Exp $ */
+/* $NetBSD: db_ixfr.c,v 1.3.2.1 2002/06/28 11:30:07 lukem Exp $ */
#if !defined(lint) && !defined(SABER)
-static char rcsid[] = "Id: db_ixfr.c,v 8.23.2.2 2001/05/03 03:53:18 marka Exp";
+static char rcsid[] = "Id: db_ixfr.c,v 8.31 2002/01/02 04:47:10 marka Exp";
#endif
/*
@@ -54,6 +54,7 @@
#include <isc/eventlib.h>
#include <isc/logging.h>
#include <isc/memcluster.h>
+#include <isc/misc.h>
#include "port_after.h"
@@ -110,25 +111,29 @@
case DBIXFR_ERROR:
ns_warning(ns_log_db, "Logical error in %s: unlinking",
zp->z_ixfr_base);
+ if (fp != NULL) {
+ (void) my_fclose(fp);
+ fp = NULL;
+ }
unlink(zp->z_ixfr_base);
goto cleanup;
case DBIXFR_FOUND_RR:
- ns_debug(ns_log_default, 4, "ixfr_getdelta DBIXFR_FOUND_RR (%s)",
- zp->z_origin);
+ ns_debug(ns_log_default, 4,
+ "ixfr_getdelta DBIXFR_FOUND_RR (%s)",
+ zp->z_origin);
if (EMPTY(*dlhead)) {
/* skip updates prior to the one we want */
uprec = HEAD(dl->d_changes);
INSIST(uprec != NULL);
- if ((uprec->r_zone < from_serial) ||
- (uprec->r_zone > to_serial))
+ if (SEQ_LT(uprec->r_zone, from_serial) ||
+ SEQ_GT(uprec->r_zone, to_serial))
{
while ((uprec = HEAD(dl->d_changes)) != NULL) {
UNLINK(dl->d_changes, uprec, r_link);
if (uprec->r_dp != NULL)
- db_freedata(uprec->r_dp);
- uprec->r_dp = NULL;
+ db_detach(&uprec->r_dp);
res_freeupdrec(uprec);
}
memput(dl, sizeof *dl);
@@ -176,7 +181,7 @@
UNLINK(dl->d_changes, uprec, r_link);
if (uprec->r_dp != NULL)
- db_freedata(uprec->r_dp);
+ db_detach(&uprec->r_dp);
uprec->r_dp = NULL;
res_freeupdrec(uprec);
}
@@ -375,8 +380,9 @@
char data[MAXDATA], dnbuf[MAXDNAME], sclass[3];
char *dname, *cp, *cp1;
char buf[MAXDATA];
- u_int32_t serial, ttl;
- u_int32_t current_serial;
+ long unsigned lutmp;
+ u_int32_t serial = 0, ttl;
+ u_int32_t current_serial = 0;
int nonempty_lineno = -1, prev_pktdone = 0, cont = 0,
inside_next = 0;
int id;
@@ -386,7 +392,6 @@
enum transport transport;
struct map *mp;
int zonelist[MAXDNAME];
- struct databuf *dp;
struct in_addr ina;
int datasize;
ns_updrec * rrecp;
@@ -397,7 +402,19 @@
err = 0;
transport = primary_trans;
lineno = 1;
+ zonenum = 0;
+
+ /*
+ * Look for serial if "first" call othewise use new_serial to
+ * for current_serial.
+ */
+ if (*old_serial == *new_serial && *old_serial == 0)
+ current_serial = 0;
+ else
+ current_serial = *new_serial;
+
for (;;) {
+ dname = NULL;
if (!getword(buf, sizeof buf, fp, 0)) {
if (lineno == (nonempty_lineno + 1) && !(feof(fp))) {
/*
@@ -477,13 +494,15 @@
class = zp->z_class;
n = 0;
data[0] = '\0';
+ opcode = -1;
switch (section) {
case S_ZONE:
cp = fgets(buf, sizeof buf, fp);
if (!cp)
*buf = '\0';
n = sscanf(cp, "origin %s class %s serial %lu",
- origin, sclass, &serial);
+ origin, sclass, &lutmp);
+ serial = lutmp;
if (current_serial == 0)
current_serial = serial;
else if (current_serial != serial) {
@@ -503,8 +522,7 @@
dname = origin;
type = T_SOA;
- class = sym_ston(__p_class_syms, sclass,
- &success);
+ class = res_nametoclass(sclass, &success);
if (!success) {
err++;
break;
@@ -524,7 +542,6 @@
err++;
break;
}
- opcode = -1;
if (buf[0] == '{') {
n = strlen(buf);
for (i = 0; (u_int32_t) i < n; i++)
@@ -569,8 +586,7 @@
int success;
int maybe_class;
- maybe_class = sym_ston(__p_class_syms,
- buf, &success);
Home |
Main Index |
Thread Index |
Old Index