From 79ada299ec9a99216e0e6f0e980600cad05f716e Mon Sep 17 00:00:00 2001
From: Tomas Hozza
Date: Thu, 16 Jan 2014 19:57:06 +0100
Subject: [PATCH] Fix segfault on adding insecure forward zone when using only iterator (#1054192)
Signed-off-by: Tomas Hozza
---
...ult_caused_by_i_with_module_iterator.patch | 122 ++++++++++++++++++
unbound.spec | 8 +-
2 files changed, 129 insertions(+), 1 deletion(-)
create mode 100644 unbound-1.4.21-Fix_segfault_caused_by_i_with_module_iterator.patch
diff --git a/unbound-1.4.21-Fix_segfault_caused_by_i_with_module_iterator.patch b/unbound-1.4.21-Fix_segfault_caused_by_i_with_module_iterator.patch
new file mode 100644
index 0000000..d5bdaa8
--- /dev/null
+++ b/unbound-1.4.21-Fix_segfault_caused_by_i_with_module_iterator.patch
@@ -0,0 +1,122 @@
+From 5bc8036ec65ce616aa68138bfe6656e895316203 Mon Sep 17 00:00:00 2001
+From: wouter
+Date: Thu, 16 Jan 2014 13:04:34 +0000
+Subject: [PATCH] - fix #544: Fixed +i causes segfault when running with module
+ conf "iterator".
+
+git-svn-id: http://unbound.nlnetlabs.nl/svn/trunk@3038 be551aaa-1e26-0410-a405-d3ace91eadb9
+Signed-off-by: Tomas Hozza
+---
+ daemon/remote.c | 33 ++++++++++++++++++++-------------
+ validator/val_anchor.c | 2 ++
+ 2 files changed, 22 insertions(+), 13 deletions(-)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index 6150502..a5bb75e 100644
+--- a/daemon/remote.c
++++ b/daemon/remote.c
+@@ -1571,7 +1571,7 @@ do_forward_add(SSL* ssl, struct worker* worker, char* args)
+ struct delegpt* dp = NULL;
+ if(!parse_fs_args(ssl, args, &nm, &dp, &insecure, NULL))
+ return;
+- if(insecure) {
++ if(insecure && worker->env.anchors) {
+ if(!anchors_add_insecure(worker->env.anchors, LDNS_RR_CLASS_IN,
+ nm)) {
+ (void)ssl_printf(ssl, "error out of memory\n");
+@@ -1598,7 +1598,7 @@ do_forward_remove(SSL* ssl, struct worker* worker, char* args)
+ uint8_t* nm = NULL;
+ if(!parse_fs_args(ssl, args, &nm, NULL, &insecure, NULL))
+ return;
+- if(insecure)
++ if(insecure && worker->env.anchors)
+ anchors_delete_insecure(worker->env.anchors, LDNS_RR_CLASS_IN,
+ nm);
+ forwards_delete_zone(fwd, LDNS_RR_CLASS_IN, nm);
+@@ -1616,7 +1616,7 @@ do_stub_add(SSL* ssl, struct worker* worker, char* args)
+ struct delegpt* dp = NULL;
+ if(!parse_fs_args(ssl, args, &nm, &dp, &insecure, &prime))
+ return;
+- if(insecure) {
++ if(insecure && worker->env.anchors) {
+ if(!anchors_add_insecure(worker->env.anchors, LDNS_RR_CLASS_IN,
+ nm)) {
+ (void)ssl_printf(ssl, "error out of memory\n");
+@@ -1626,8 +1626,9 @@ do_stub_add(SSL* ssl, struct worker* worker, char* args)
+ }
+ }
+ if(!forwards_add_stub_hole(fwd, LDNS_RR_CLASS_IN, nm)) {
+- if(insecure) anchors_delete_insecure(worker->env.anchors,
+- LDNS_RR_CLASS_IN, nm);
++ if(insecure && worker->env.anchors)
++ anchors_delete_insecure(worker->env.anchors,
++ LDNS_RR_CLASS_IN, nm);
+ (void)ssl_printf(ssl, "error out of memory\n");
+ delegpt_free_mlc(dp);
+ free(nm);
+@@ -1636,8 +1637,9 @@ do_stub_add(SSL* ssl, struct worker* worker, char* args)
+ if(!hints_add_stub(worker->env.hints, LDNS_RR_CLASS_IN, dp, !prime)) {
+ (void)ssl_printf(ssl, "error out of memory\n");
+ forwards_delete_stub_hole(fwd, LDNS_RR_CLASS_IN, nm);
+- if(insecure) anchors_delete_insecure(worker->env.anchors,
+- LDNS_RR_CLASS_IN, nm);
++ if(insecure && worker->env.anchors)
++ anchors_delete_insecure(worker->env.anchors,
++ LDNS_RR_CLASS_IN, nm);
+ free(nm);
+ return;
+ }
+@@ -1654,7 +1656,7 @@ do_stub_remove(SSL* ssl, struct worker* worker, char* args)
+ uint8_t* nm = NULL;
+ if(!parse_fs_args(ssl, args, &nm, NULL, &insecure, NULL))
+ return;
+- if(insecure)
++ if(insecure && worker->env.anchors)
+ anchors_delete_insecure(worker->env.anchors, LDNS_RR_CLASS_IN,
+ nm);
+ forwards_delete_stub_hole(fwd, LDNS_RR_CLASS_IN, nm);
+@@ -1672,10 +1674,13 @@ do_insecure_add(SSL* ssl, struct worker* worker, char* arg)
+ uint8_t* nm = NULL;
+ if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
+ return;
+- if(!anchors_add_insecure(worker->env.anchors, LDNS_RR_CLASS_IN, nm)) {
+- (void)ssl_printf(ssl, "error out of memory\n");
+- free(nm);
+- return;
++ if(worker->env.anchors) {
++ if(!anchors_add_insecure(worker->env.anchors,
++ LDNS_RR_CLASS_IN, nm)) {
++ (void)ssl_printf(ssl, "error out of memory\n");
++ free(nm);
++ return;
++ }
+ }
+ free(nm);
+ send_ok(ssl);
+@@ -1690,7 +1695,9 @@ do_insecure_remove(SSL* ssl, struct worker* worker, char* arg)
+ uint8_t* nm = NULL;
+ if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
+ return;
+- anchors_delete_insecure(worker->env.anchors, LDNS_RR_CLASS_IN, nm);
++ if(worker->env.anchors)
++ anchors_delete_insecure(worker->env.anchors,
++ LDNS_RR_CLASS_IN, nm);
+ free(nm);
+ send_ok(ssl);
+ }
+diff --git a/validator/val_anchor.c b/validator/val_anchor.c
+index e710f2f..b300718 100644
+--- a/validator/val_anchor.c
++++ b/validator/val_anchor.c
+@@ -1197,6 +1197,8 @@ anchors_get_mem(struct val_anchors* anchors)
+ {
+ struct trust_anchor *ta;
+ size_t s = sizeof(*anchors);
++ if(!anchors)
++ return 0;
+ RBTREE_FOR(ta, struct trust_anchor*, anchors->tree) {
+ s += sizeof(*ta) + ta->namelen;
+ /* keys and so on */
+--
+1.8.4.2
+
diff --git a/unbound.spec b/unbound.spec
index f326906..4da623a 100644
--- a/unbound.spec
+++ b/unbound.spec
@@ -11,7 +11,7 @@ Summary: Validating, recursive, and caching DNS(SEC) resolver
 Name: unbound
 Version: 1.4.21
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: BSD
 Url: http://www.nlnetlabs.nl/unbound/
 Source: http://www.unbound.net/downloads/%{name}-%{version}.tar.gz
@@ -33,6 +33,8 @@ Source14: unbound.sysconfig
 Source15: unbound.cron
 Source16: unbound-munin.README
+Patch0: unbound-1.4.21-Fix_segfault_caused_by_i_with_module_iterator.patch
+
 Group: System Environment/Daemons
 BuildRequires: flex, openssl-devel , ldns-devel >= 1.6.13
 BuildRequires: libevent-devel expat-devel
@@ -105,6 +107,7 @@ Python modules and extensions for unbound
 %prep
 %setup -q
+%patch0 -p1 -b .segfault_iterator
 %build
 export LDFLAGS="-Wl,-z,relro,-z,now -pie -specs=/usr/lib/rpm/redhat/redhat-hardened-ld"
@@ -280,6 +283,9 @@ exit 0
 /bin/systemctl try-restart unbound-keygen.service >/dev/null 2>&1 || :
 %changelog
+* Thu Jan 16 2014 Tomas Hozza - 1.4.21-3
+- Fix segfault on adding insecure forward zone when using only iterator (#1054192)
+
 * Mon Oct 21 2013 Tomas Hozza - 1.4.21-2
 - run test suite during the build
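Review bot: In do_insecure_add and do_insecure_remove (daemon/remote.c) the new `if(worker->env.anchors)` guard skips the anchor update without a word, and the code still falls through to `send_ok(ssl)`, so a control client is told the request succeeded when nothing was stored. Judging by the commit subject, a NULL anchor store means no validator module is loaded, in which case the answer is harmless, but the code does not say so. A comment above each guard would record the intent, for example `/* no trust anchor store (validator module not loaded): nothing to mark insecure */`. The same silent skip applies to the `insecure && worker->env.anchors` guards in do_forward_add, do_forward_remove, do_stub_add and do_stub_remove. All of these functions begin and end outside the hunks shown.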
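Review bot: The NULL check for the anchor store is handled inconsistently: anchors_get_mem in validator/val_anchor.c takes it inside the callee, while anchors_add_insecure and anchors_delete_insecure are guarded at each of their eight call sites in daemon/remote.c. Any caller added later that forgets the guard brings back the same NULL dereference, which is reachable from the remote-control channel. If their signatures allow it (neither body is visible in this patch), an early `if(!anchors) return 1;` in anchors_add_insecure and `if(!anchors) return;` in anchors_delete_insecure would cover every caller in one place. The doc comment of anchors_get_mem should also state that a NULL argument is accepted and yields 0; its body continues past the end of the hunk.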