From 6106ed6841b253c78c6120be24c8722d6310a9b9 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 31 Jan 2017 11:20:03 +1100
Subject: [PATCH] add a REQUIRE to catch the NULL pointer dereference that
 triggered CVE-2017-3135

CVE: CVE-2017-3135
Upstream-Status: Backport [backport from remotes/origin/v9_10]

(cherry picked from commit 1d8995d226d8bca96b8ba286316018be4b7835f2)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
 lib/dns/rdataset.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c
index 1870394..79bcecb 100644
--- a/lib/dns/rdataset.c
+++ b/lib/dns/rdataset.c
@@ -338,6 +338,7 @@ towiresorted(dns_rdataset_t *rdataset, const dns_name_t *owner_name,
 	 */
 
 	REQUIRE(DNS_RDATASET_VALID(rdataset));
+	REQUIRE(rdataset->methods != NULL);
 	REQUIRE(countp != NULL);
 	REQUIRE((order == NULL) == (order_arg == NULL));
 	REQUIRE(cctx != NULL && cctx->mctx != NULL);
-- 
1.9.1