[src/netbsd-6-1]: src/external/bsd/bind/dist/bin/named Pull up following revi...

[bouyer <bouyer%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/d78c94f20764
branches:  netbsd-6-1
changeset: 775910:d78c94f20764
user:      bouyer <bouyer%NetBSD.org@localhost>
date:      Wed Jan 15 10:06:40 2014 +0000

description:
Pull up following revision(s) (requested by spz in ticket #1016):
        external/bsd/bind/dist/bin/named/query.c: revision 1.13 via patch
a fix by ISC for CVE-2014-0591:
3693.  [security]      memcpy was incorrectly called with overlapping
                       ranges resulting in malformed names being generated
                       on some platforms.  This could cause INSIST failures
                       when serving NSEC3 signed zones.  [RT #35120]

diffstat:

 external/bsd/bind/dist/bin/named/query.c |  21 +++++++++++++--------
 1 files changed, 13 insertions(+), 8 deletions(-)

diffs (59 lines):

diff -r 0dc20bc4e5be -r d78c94f20764 external/bsd/bind/dist/bin/named/query.c
--- a/external/bsd/bind/dist/bin/named/query.c  Sun Jan 12 16:06:49 2014 +0000
+++ b/external/bsd/bind/dist/bin/named/query.c  Wed Jan 15 10:06:40 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: query.c,v 1.7.2.3 2012/12/15 05:39:25 riz Exp $        */
+/*     $NetBSD: query.c,v 1.7.2.3.2.1 2014/01/15 10:06:40 bouyer Exp $ */
 
 /*
  * Copyright (C) 2004-2012  Internet Systems Consortium, Inc. ("ISC")
@@ -5145,8 +5145,7 @@
        dns_fixedname_t fixed;
        dns_hash_t hash;
        dns_name_t name;
-       int order;
-       unsigned int count;
+       unsigned int skip = 0, labels;
        dns_rdata_nsec3_t nsec3;
        dns_rdata_t rdata = DNS_RDATA_INIT;
        isc_boolean_t optout;
@@ -5161,6 +5160,7 @@
 
        dns_name_init(&name, NULL);
        dns_name_clone(qname, &name);
+       labels = dns_name_countlabels(&name);
        dns_clientinfomethods_init(&cm, ns_client_sourceip);
        dns_clientinfo_init(&ci, client);
 
@@ -5194,13 +5194,14 @@
                dns_rdata_reset(&rdata);
                optout = ISC_TF((nsec3.flags & DNS_NSEC3FLAG_OPTOUT) != 0);
                if (found != NULL && optout &&
-                   dns_name_fullcompare(&name, dns_db_origin(db), &order,
-                                        &count) == dns_namereln_subdomain) {
+                   dns_name_issubdomain(&name, dns_db_origin(db)))
+               {
                        dns_rdataset_disassociate(rdataset);
                        if (dns_rdataset_isassociated(sigrdataset))
                                dns_rdataset_disassociate(sigrdataset);
-                       count = dns_name_countlabels(&name) - 1;
-                       dns_name_getlabelsequence(&name, 1, count, &name);
+                       skip++;
+                       dns_name_getlabelsequence(qname, skip, labels - skip,
+                                                 &name);
                        ns_client_log(client, DNS_LOGCATEGORY_DNSSEC,
                                      NS_LOGMODULE_QUERY, ISC_LOG_DEBUG(3),
                                      "looking for closest provable encloser");
@@ -5218,7 +5219,11 @@
                ns_client_log(client, DNS_LOGCATEGORY_DNSSEC,
                              NS_LOGMODULE_QUERY, ISC_LOG_WARNING,
                              "expected covering NSEC3, got an exact match");
-       if (found != NULL)
+       if (found == qname) {
+               if (skip != 0U)
+                       dns_name_getlabelsequence(qname, skip, labels - skip,
+                                                 found);
+       } else if (found != NULL)
                dns_name_copy(&name, found, NULL);
        return;
 }