bind/SOURCES/bind-9.11-CVE-2018-5744.patch


From a4e1db793d4971d87631276ea57808074ed2c1c7 Mon Sep 17 00:00:00 2001
From: Petr Mensik <pemensik@redhat.com>
Date: Thu, 21 Feb 2019 17:23:53 +0100
Subject: [PATCH 1/3] Fix CVE-2018-5744
5110. [security] Named leaked memory if there were multiple Key Tag
EDNS options present. (CVE-2018-5744) [GL #772]
---
bin/named/client.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/bin/named/client.c b/bin/named/client.c
index b9ebc93..b7d8a98 100644
--- a/bin/named/client.c
+++ b/bin/named/client.c
@@ -2112,6 +2112,12 @@ process_keytag(ns_client_t *client, isc_buffer_t *buf, size_t optlen) {
return (DNS_R_OPTERR);
}
+ /* Silently drop additional keytag options. */
+ if (client->keytag != NULL) {
+ isc_buffer_forward(buf, (unsigned int)optlen);
+ return (ISC_R_SUCCESS);
+ }
+
client->keytag = isc_mem_get(client->mctx, optlen);
if (client->keytag != NULL) {
client->keytag_len = (isc_uint16_t)optlen;
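Review bot: The new `client->keytag != NULL` guard is only correct if every path that frees `client->keytag` at the end of a request also resets the pointer to NULL. That cleanup is outside this hunk and should be confirmed, because otherwise a reused client object would silently skip a legitimate Key Tag option or keep a stale pointer. The comment on the guard should also record the reason for the check, e.g. `/* Keep only the first Key Tag option; overwriting client->keytag would leak the earlier allocation (CVE-2018-5744). */`. The early `return (DNS_R_OPTERR);` sits above the guard (its condition is not visible here), so duplicates presumably still go through that validation before being dropped, and that ordering is worth preserving. process_keytag's body starts and ends outside the hunk.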
--
2.20.1