[v4_1_esv] Hnadle corrupt v6 lease files better.
authorShawn Routhier <sar@isc.org>
Tue, 23 Jun 2015 19:25:09 +0000 (12:25 -0700)
committerShawn Routhier <sar@isc.org>
Tue, 23 Jun 2015 19:25:09 +0000 (12:25 -0700)
Stop processing a v6 lease file when encountering an EOF
while trying to read an ia structure.

RELNOTES
server/confpars.c

index 887b422ab578656cd03a51d0cf409bc8eb6cea38..0e083c5fb8e2a6188b6845ab6ee32e9b8450754a 100644 (file)
--- a/RELNOTES
+++ b/RELNOTES
@@ -60,11 +60,6 @@ by Eric Young (eay@cryptsoft.com).
 
                        Changes since 4.1-ESV-R11
 
-- Delayed-ack now works properly with Failover. Prior to this, bind updates
-  post startup were being queued but never delivered. Among other things, this
-  was causing leases to not transition from expired or released to free.
-  [ISC-Bugs #31474]
-
 - The server now does a better check to see if it can allocate the memory
   for large blocks of v4 leases and should provide a slightly better error
   message.  Note well: the server pre-allocates v4 addresses, if you use
@@ -113,6 +108,15 @@ by Eric Young (eay@cryptsoft.com).
   of as a token.
   [ISC-Bugs #39529]
 
+- Delayed-ack now works properly with Failover. Prior to this, bind updates
+  post startup were being queued but never delivered. Among other things, this
+  was causing leases to not transition from expired or released to free.
+  [ISC-Bugs #31474]
+
+- Clean up parsing of v6 lease files a bit to avoid infinite loops if the
+  lease file is corrupt in certain ways.
+  [ISC-Bugs #39760]
+
                        Changes since 4.1-ESV-R11rc2
 
 - None
index 2b392fe14bff844cda25b687ef62e16b6d3894fe..cc95c6f486c04b444588bea4931619f8abbb8aa6 100644 (file)
@@ -4257,6 +4257,15 @@ parse_ia_na_declaration(struct parse *cfile) {
                        if (token == RBRACE) break;
 
                        switch(token) {
+                            case END_OF_FILE:
+                               /* We hit the end of file and don't know
+                                * what parts of the lease we may be missing
+                                * don't try to salvage the lease
+                                */
+                               parse_warn(cfile, "corrupt lease file; "
+                                          "unexpected end of file");
+                               return;
+
                                /* Lease binding state. */
                             case BINDING:
                                token = next_token(&val, NULL, cfile);
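Review bot: The new `case END_OF_FILE:` in parse_ia_na_declaration exits with a bare `return;`, so anything the function allocated or partly built for this ia before the switch is abandoned on this path. The function's start and end are outside the hunk, so confirm that no reference taken earlier needs releasing before returning. Because the function returns nothing, the caller cannot tell an aborted lease from a parsed one and presumably stops only when its own next read hits the end of file. If that is the contract, state it in the comment, e.g. `/* Caller will see END_OF_FILE on its next token and stop. */`. The same applies to the identical blocks added in parse_ia_ta_declaration and parse_ia_pd_declaration; three copies of one recovery path could share a small static helper so they cannot drift apart.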
@@ -4638,6 +4647,15 @@ parse_ia_ta_declaration(struct parse *cfile) {
                        if (token == RBRACE) break;
 
                        switch(token) {
+                            case END_OF_FILE:
+                               /* We hit the end of file and don't know
+                                * what parts of the lease we may be missing
+                                * don't try to salvage the lease
+                                */
+                               parse_warn(cfile, "corrupt lease file; "
+                                          "unexpected end of file");
+                               return;
+
                                /* Lease binding state. */
                             case BINDING:
                                token = next_token(&val, NULL, cfile);
@@ -5020,6 +5038,15 @@ parse_ia_pd_declaration(struct parse *cfile) {
                        if (token == RBRACE) break;
 
                        switch(token) {
+                            case END_OF_FILE:
+                               /* We hit the end of file and don't know
+                                * what parts of the lease we may be missing
+                                * don't try to salvage the lease
+                                */
+                               parse_warn(cfile, "corrupt lease file; "
+                                          "unexpected end of file");
+                               return;
+
                                /* Prefix binding state. */
                             case BINDING:
                                token = next_token(&val, NULL, cfile);