summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAdam Tkac <atkac@fedoraproject.org>2008-12-03 12:21:13 +0000
committerAdam Tkac <atkac@fedoraproject.org>2008-12-03 12:21:13 +0000
commit49f5f89e437534bfcb1b624f3dc828a900ed1cb6 (patch)
treeb00cbf3a053b5a9881bf0d76ca4e820198c75a17
parent0fd6224c46ed801667c9c2ae9a075c488a6db3c0 (diff)
- fixed rare use-after-free problem in host utility (#452060)bind-9_5_0-35_1_P2_fc9
-rw-r--r--bind-95-rh452060.patch40
-rw-r--r--bind.spec9
2 files changed, 47 insertions, 2 deletions
diff --git a/bind-95-rh452060.patch b/bind-95-rh452060.patch
new file mode 100644
index 0000000..58808b0
--- /dev/null
+++ b/bind-95-rh452060.patch
@@ -0,0 +1,40 @@
+diff -up bind-9.5.0-P2/bin/dig/dighost.c.rh452060 bind-9.5.0-P2/bin/dig/dighost.c
+--- bind-9.5.0-P2/bin/dig/dighost.c.rh452060 2008-12-01 22:30:01.000000000 +0100
++++ bind-9.5.0-P2/bin/dig/dighost.c 2008-12-01 22:30:07.000000000 +0100
+@@ -1280,6 +1280,12 @@ clear_query(dig_query_t *query) {
+
+ debug("clear_query(%p)", query);
+
++ if (query->waiting_senddone) {
++ debug("send_done not yet called");
++ query->pending_free = ISC_TRUE;
++ return;
++ }
++
+ lookup = query->lookup;
+
+ if (lookup->current_query == query)
+@@ -1301,10 +1307,7 @@ clear_query(dig_query_t *query) {
+ isc_mempool_put(commctx, query->recvspace);
+ isc_buffer_invalidate(&query->recvbuf);
+ isc_buffer_invalidate(&query->lengthbuf);
+- if (query->waiting_senddone)
+- query->pending_free = ISC_TRUE;
+- else
+- isc_mem_free(mctx, query);
++ isc_mem_free(mctx, query);
+ }
+
+ /*%
+@@ -2175,9 +2178,9 @@ send_done(isc_task_t *_task, isc_event_t
+ isc_event_free(&event);
+
+ if (query->pending_free)
+- isc_mem_free(mctx, query);
++ clear_query(query);
+
+- check_if_done();
++ check_next_lookup(l);
+ UNLOCK_LOOKUP;
+ }
+
diff --git a/bind.spec b/bind.spec
index 1679efe..b2e8404 100644
--- a/bind.spec
+++ b/bind.spec
@@ -20,7 +20,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
Name: bind
License: ISC
Version: 9.5.0
-Release: 35.%{PATCHVER}%{?dist}
+Release: 35.1.%{PATCHVER}%{?dist}
Epoch: 32
Url: http://www.isc.org/products/BIND/
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -63,6 +63,7 @@ Patch91: bind-9.5-recv-race.patch
Patch92: bind-9.5-edns.patch
Patch94: bind95-rh457175.patch
Patch95: bind95-rh454783.patch
+Patch96: bind-95-rh452060.patch
# SDB patches
Patch11: bind-9.3.2b2-sdbsrc.patch
@@ -245,6 +246,7 @@ cp -fp contrib/dbus/{dbus_mgr.h,dbus_service.h} bin/named/include/named
%patch91 -p1 -b .recv-race
%patch92 -p1 -b .edns
%patch94 -p1 -b .rh457175
+%patch96 -p1 -b .rh452060
# Sparc and s390 arches need to use -fPIE
%ifarch sparcv9 sparc64 s390 s390x
@@ -406,7 +408,7 @@ for f in my.internal.zone.db slaves/my.slave.internal.zone.db slaves/my.ddns.int
echo '@ in soa localhost. root 1 3H 15M 1W 1D
ns localhost.' > sample/var/named/$f;
done
-/usr/bin/tail -n '+'`/bin/egrep -n '\\$Id: bind.spec,v 1.269 2008/08/06 09:59:26 atkac Exp $/+1/' | bc` bin/rndc/rndc.conf | sed '/Sample rndc configuration file./{p;i\
+/usr/bin/tail -n '+'`/bin/egrep -n '\\$Id: bind.spec,v 1.270 2008/12/03 12:21:13 atkac Exp $/+1/' | bc` bin/rndc/rndc.conf | sed '/Sample rndc configuration file./{p;i\
*\
* NOTE: you only need to create this file if it is to\
* differ from the following default contents:
@@ -657,6 +659,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_sbindir}/bind-chroot-admin
%changelog
+* Tue Dec 02 2008 Adam Tkac <atkac redhat com> 32:9.5.0-35.1.P2
+- fixed rare use-after-free problem in host utility (#452060)
+
* Wed Aug 06 2008 Adam Tkac <atkac redhat com> 32:9.5.0-35.P2
- 9.5.0-P2 release
- bind95-rh450995.patch was merged