Projects
openEuler:22.03:LTS:LoongArch
bind
_service:tar_scm_kernel_repo:backport-0043-Chec...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-0043-Check-for-overflow-in-GENERATE-computations.patch of Package bind
From 16ac79a8f720a917b0f787178905a8df56d4d557 Mon Sep 17 00:00:00 2001 From: Mark Andrews <marka@isc.org> Date: Fri, 1 Jul 2022 11:40:37 +1000 Subject: [PATCH] Check for overflow in $GENERATE computations $GENERATE uses 'int' for its computations and some constructions can overflow values that can be represented by an 'int' resulting in undefined behaviour. Detect these conditions and return a range error. (cherry picked from commit 5327b9708fd0e5d0d6c95183cca9eafb4a1cfe05) Conflict: NA Reference: https://gitlab.isc.org/isc-projects/bind9/-/commit/16ac79a8f720a917b0f787178905a8df56d4d557 --- .../checkzone/zones/bad-generate-range.db | 18 ++++++++++++++++++ lib/dns/master.c | 7 +++++++ 2 files changed, 25 insertions(+) create mode 100644 bin/tests/system/checkzone/zones/bad-generate-range.db diff --git a/bin/tests/system/checkzone/zones/bad-generate-range.db b/bin/tests/system/checkzone/zones/bad-generate-range.db new file mode 100644 index 0000000000..62a9e15684 --- /dev/null +++ b/bin/tests/system/checkzone/zones/bad-generate-range.db @@ -0,0 +1,18 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 600 +@ SOA ns hostmaster 2011012708 3600 1200 604800 1200 + NS ns +ns A 192.0.2.1 + +; 2147483647 + 1 overflows what can be represented in an 'int' +$GENERATE 1-1 host$ TXT foo${2147483647} diff --git a/lib/dns/master.c b/lib/dns/master.c index e1ba723104..e938b15a0e 100644 --- a/lib/dns/master.c +++ b/lib/dns/master.c @@ -735,6 +735,13 @@ genname(char *name, int it, char *buffer, size_t length) { continue; } } + /* + * 'it' is >= 0 so we don't need to check for + * underflow. + */ + if ((it > 0 && delta > INT_MAX - it)) { + return (ISC_R_RANGE); + } if (nibblemode) { n = nibbles(numbuf, sizeof(numbuf), width, mode[0], it + delta); -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.