summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch')
-rw-r--r--meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch78
1 files changed, 78 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
new file mode 100644
index 0000000..4a2c15f
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
@@ -0,0 +1,78 @@
1From 76c3c9fe9f3f1353b47214b8f98b3d7f53e10bc7 Mon Sep 17 00:00:00 2001
2From: Mukund Sivaraman <muks@isc.org>
3Date: Mon, 22 Feb 2016 12:22:43 +0530
4Subject: [PATCH] Fix resolver assertion failure due to improper DNAME handling
5 (CVE-2016-1286) (#41753)
6
7(cherry picked from commit 5995fec51cc8bb7e53804e4936e60aa1537f3673)
8(cherry picked from commit 456e1eadd2a3a2fb9617e60d4db90ef4ba7c6ba3)
9
10CVE: CVE-2016-1286
11Upstream-Status: Backport
12
13[Skipped CHANGES and doc/arm/notes.xml changes.]
14
15Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
16---
17 CHANGES | 4 ++++
18 doc/arm/notes.xml | 7 +++++++
19 lib/dns/resolver.c | 33 ++++++++++++++++++---------------
20 3 files changed, 29 insertions(+), 15 deletions(-)
21
22diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
23index 735f7d2..0602070 100644
24--- a/lib/dns/resolver.c
25+++ b/lib/dns/resolver.c
26@@ -6701,21 +6701,26 @@ answer_response(fetchctx_t *fctx) {
27 isc_boolean_t found_dname = ISC_FALSE;
28 dns_name_t *dname_name;
29
30+ /*
31+ * Only pass DNAME or RRSIG(DNAME).
32+ */
33+ if (rdataset->type != dns_rdatatype_dname &&
34+ (rdataset->type != dns_rdatatype_rrsig ||
35+ rdataset->covers != dns_rdatatype_dname))
36+ continue;
37+
38+ /*
39+ * If we're not chaining, then the DNAME and
40+ * its signature should not be external.
41+ */
42+ if (!chaining && external) {
43+ log_formerr(fctx, "external DNAME");
44+ return (DNS_R_FORMERR);
45+ }
46+
47 found = ISC_FALSE;
48 aflag = 0;
49 if (rdataset->type == dns_rdatatype_dname) {
50- /*
51- * We're looking for something else,
52- * but we found a DNAME.
53- *
54- * If we're not chaining, then the
55- * DNAME should not be external.
56- */
57- if (!chaining && external) {
58- log_formerr(fctx,
59- "external DNAME");
60- return (DNS_R_FORMERR);
61- }
62 found = ISC_TRUE;
63 want_chaining = ISC_TRUE;
64 POST(want_chaining);
65@@ -6744,9 +6749,7 @@ answer_response(fetchctx_t *fctx) {
66 &fctx->domain)) {
67 return (DNS_R_SERVFAIL);
68 }
69- } else if (rdataset->type == dns_rdatatype_rrsig
70- && rdataset->covers ==
71- dns_rdatatype_dname) {
72+ } else {
73 /*
74 * We've found a signature that
75 * covers the DNAME.
76--
771.9.1
78