- Fix assertion failure when unbound generates an empty error reply

author Wouter Wijngaards <wouter@nlnetlabs.nl>

Wed, 25 May 2011 06:04:14 +0000 (06:04 +0000)

committer Wouter Wijngaards <wouter@nlnetlabs.nl>

Wed, 25 May 2011 06:04:14 +0000 (06:04 +0000)
author Wouter Wijngaards <wouter@nlnetlabs.nl>
Wed, 25 May 2011 06:04:14 +0000 (06:04 +0000)
committer Wouter Wijngaards <wouter@nlnetlabs.nl>
Wed, 25 May 2011 06:04:14 +0000 (06:04 +0000)
diff --git a/daemon/worker.c b/daemon/worker.c

index 6d667f377e0b555d96849c7a14c1baef7f66064c..dff320fd020495ef4bfd78a37c97709edff74f74 100644 (file)
--- a/daemon/worker.c
+++ b/daemon/worker.c
@@ -777,6 +777,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
                 qinfo.qtype == LDNS_RR_TYPE_IXFR) {
                 verbose(VERB_ALGO, "worker request: refused zone transfer.");
                 log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
+               ldns_buffer_rewind(c->buffer);
                 LDNS_QR_SET(ldns_buffer_begin(c->buffer));
                 LDNS_RCODE_SET(ldns_buffer_begin(c->buffer), 
                         LDNS_RCODE_REFUSED);
diff --git a/doc/Changelog b/doc/Changelog

index 372ee23d5f45466223dc20e3feaa881a52144e7b..3d7866638b2062f5e9932f6f245e52b7d7cf2a8c 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,8 @@
+25 March 2011: Wouter
+       - Fix assertion failure when unbound generates an empty error reply
+         in response to a query, CVE-2011-1922 VU#531342.
+       - release 1.4.10.
+
  24 March 2011: Wouter
         - iana portlist updated.
         - release 1.4.9.
author	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Wed, 25 May 2011 06:04:14 +0000 (06:04 +0000)
committer	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Wed, 25 May 2011 06:04:14 +0000 (06:04 +0000)
daemon/worker.c		patch \| blob \| blame \| history
doc/Changelog		patch \| blob \| blame \| history