diff options
| author | Tomas Hozza <thozza@redhat.com> | 2013-11-28 10:05:22 +0100 |
|---|---|---|
| committer | Tomas Hozza <thozza@redhat.com> | 2013-11-28 10:05:22 +0100 |
| commit | 0cd5a0ff483e4b7bd8b233961d34708334c0db51 (patch) | |
| tree | 701dbf7c3ff219573f5c6e3428b18b5c54056920 | |
| parent | 3267c0ac549035c0e7987b9a1dec92d9965b6dfa (diff) | |
Fixed memory leak in nsupdate if 'realm' was used multiple times
Resolves: #984687
Signed-off-by: Tomas Hozza <thozza@redhat.com>
| -rw-r--r-- | bind.spec | 8 | ||||
| -rw-r--r-- | bind99-ISC-Bugs-35073.patch | 31 |
2 files changed, 38 insertions, 1 deletions
@@ -27,7 +27,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: ISC Version: 9.9.4 -Release: 8%{?PATCHVER}%{?PREVER}%{?dist} +Release: 9%{?PATCHVER}%{?PREVER}%{?dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -86,6 +86,8 @@ Patch138:bind-9.9.3-include-update-h.patch Patch139:bind99-ISC-Bugs-34738.patch # upstream patch [ISC-Bugs #34870] Patch140:bind99-ISC-Bugs-34870-v3.patch +# upstream applied patch for [ISC-Bugs #35073] +Patch141:bind99-ISC-Bugs-35073.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -286,6 +288,7 @@ popd %patch138 -p1 -b .update %patch139 -p1 -b .journal %patch140 -p1 -b .send_buffer +%patch141 -p1 -b .leak_35073 %if %{SDB} %patch101 -p1 -b .old-api @@ -804,6 +807,9 @@ rm -rf ${RPM_BUILD_ROOT} %endif %changelog +* Thu Nov 28 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.4-9 +- Fixed memory leak in nsupdate if 'realm' was used multiple times (#984687) + * Tue Nov 12 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.4-8 - Install configuration for rwtab and fix chroot setup script diff --git a/bind99-ISC-Bugs-35073.patch b/bind99-ISC-Bugs-35073.patch new file mode 100644 index 0000000..c8be3ed --- /dev/null +++ b/bind99-ISC-Bugs-35073.patch @@ -0,0 +1,31 @@ +diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c
+index 486c102..dc12a85 100644
+--- a/bin/nsupdate/nsupdate.c
++++ b/bin/nsupdate/nsupdate.c
+@@ -1566,16 +1566,20 @@ evaluate_realm(char *cmdline) {
+ #ifdef GSSAPI
+ char *word;
+ char buf[1024];
++ int n;
+
+- word = nsu_strsep(&cmdline, " \t\r\n");
+- if (word == NULL || *word == 0) {
+- if (realm != NULL)
+- isc_mem_free(mctx, realm);
++ if (realm != NULL) {
++ isc_mem_free(mctx, realm);
+ realm = NULL;
+- return (STATUS_MORE);
+ }
+
+- snprintf(buf, sizeof(buf), "@%s", word);
++ word = nsu_strsep(&cmdline, " \t\r\n");
++ if (word == NULL || *word == 0)
++ return (STATUS_MORE);
++
++ n = snprintf(buf, sizeof(buf), "@%s", word);
++ if (n < 0 || (size_t)n >= sizeof(buf))
++ fatal("realm is too long");
+ realm = isc_mem_strdup(mctx, buf);
+ if (realm == NULL)
+ fatal("out of memory");
|