]>
Commit | Line | Data |
---|---|---|
697b4f04 MT |
1 | From 4d25cf89d51c635af0a23c0ca3425c7aadbc0b55 Mon Sep 17 00:00:00 2001 |
2 | From: Simon Kelley <simon@thekelleys.org.uk> | |
3 | Date: Sat, 6 Jun 2015 23:13:57 +0100 | |
4 | Subject: [PATCH 103/113] Handle corner cases in NSEC coverage checks. | |
5 | ||
6 | --- | |
7 | src/dnssec.c | 10 +++++----- | |
8 | 1 file changed, 5 insertions(+), 5 deletions(-) | |
9 | ||
10 | diff --git a/src/dnssec.c b/src/dnssec.c | |
11 | index e91d7c2cf040..93217b05a846 100644 | |
12 | --- a/src/dnssec.c | |
13 | +++ b/src/dnssec.c | |
14 | @@ -1493,13 +1493,13 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi | |
15 | { | |
16 | /* Normal case, name falls between NSEC name and next domain name, | |
17 | wrap around case, name falls between NSEC name (rc == -1) and end */ | |
18 | - if (hostname_cmp(workspace2, name) == 1 || hostname_cmp(workspace1, workspace2) == 1) | |
19 | + if (hostname_cmp(workspace2, name) >= 0 || hostname_cmp(workspace1, workspace2) >= 0) | |
20 | return STAT_SECURE; | |
21 | } | |
22 | else | |
23 | { | |
24 | /* wrap around case, name falls between start and next domain name */ | |
25 | - if (hostname_cmp(workspace1, workspace2) == 1 && hostname_cmp(workspace2, name) == 1) | |
26 | + if (hostname_cmp(workspace1, workspace2) >= 0 && hostname_cmp(workspace2, name) >=0 ) | |
27 | return STAT_SECURE; | |
28 | } | |
29 | } | |
30 | @@ -1632,17 +1632,17 @@ static int check_nsec3_coverage(struct dns_header *header, size_t plen, int dige | |
31 | ||
32 | return 1; | |
33 | } | |
34 | - else if (rc <= 0) | |
35 | + else if (rc < 0) | |
36 | { | |
37 | /* Normal case, hash falls between NSEC3 name-hash and next domain name-hash, | |
38 | wrap around case, name-hash falls between NSEC3 name-hash and end */ | |
39 | - if (memcmp(p, digest, digest_len) > 0 || memcmp(workspace2, p, digest_len) > 0) | |
40 | + if (memcmp(p, digest, digest_len) >= 0 || memcmp(workspace2, p, digest_len) >= 0) | |
41 | return 1; | |
42 | } | |
43 | else | |
44 | { | |
45 | /* wrap around case, name falls between start and next domain name */ | |
46 | - if (memcmp(workspace2, p, digest_len) > 0 && memcmp(p, digest, digest_len) > 0) | |
47 | + if (memcmp(workspace2, p, digest_len) >= 0 && memcmp(p, digest, digest_len) >= 0) | |
48 | return 1; | |
49 | } | |
50 | } | |
51 | -- | |
52 | 2.1.0 | |
53 |