3218. [security] Cache lookup could return RRSIG data associated with

author Mark Andrews <marka@isc.org>

Wed, 16 Nov 2011 09:45:25 +0000 (09:45 +0000)

committer Mark Andrews <marka@isc.org>

Wed, 16 Nov 2011 09:45:25 +0000 (09:45 +0000)
author Mark Andrews <marka@isc.org>
Wed, 16 Nov 2011 09:45:25 +0000 (09:45 +0000)
committer Mark Andrews <marka@isc.org>
Wed, 16 Nov 2011 09:45:25 +0000 (09:45 +0000)
diff --git a/CHANGES b/CHANGES

index 3a2a96affaaeb51dee5b6199682705a58ae2ff76..a90200a8e11350e203575127d4e27531c35c637d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+3218.  [security]      Cache lookup could return RRSIG data associated with
+                       nonexistent records, leading to an assertion
+                       failure. [RT #26590]
+
  3216.   [bug]           resolver.c:validated() was not thread-safe. [RT #26478]
  
         --- 9.6-ESV-R6b1 released ---
diff --git a/bin/named/query.c b/bin/named/query.c

index d0d9498b5f232289c89a39cdd98e86cf5c6a1f97..5c63c9dd4f405c7e9cba6896f0dabbc92663642e 100644 (file)
--- a/bin/named/query.c
+++ b/bin/named/query.c
@@ -15,7 +15,7 @@
   * PERFORMANCE OF THIS SOFTWARE.
   */
  
-/* $Id: query.c,v 1.313.20.31 2011/10/20 21:47:47 marka Exp $ */
+/* $Id: query.c,v 1.313.20.32 2011/11/16 09:45:24 marka Exp $ */
  
  /*! \file */
  
@@ -1281,11 +1281,9 @@ query_addadditional(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
                         goto addname;
                 if (result == DNS_R_NCACHENXRRSET) {
                         dns_rdataset_disassociate(rdataset);
-                       /*
-                        * Negative cache entries don't have sigrdatasets.
-                        */
-                       INSIST(sigrdataset == NULL ||
-                              ! dns_rdataset_isassociated(sigrdataset));
+                       if (sigrdataset != NULL &&
+                           dns_rdataset_isassociated(sigrdataset))
+                               dns_rdataset_disassociate(sigrdataset);
                 }
                 if (result == ISC_R_SUCCESS) {
                         mname = NULL;
@@ -1326,8 +1324,9 @@ query_addadditional(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
                         goto addname;
                 if (result == DNS_R_NCACHENXRRSET) {
                         dns_rdataset_disassociate(rdataset);
-                       INSIST(sigrdataset == NULL ||
-                              ! dns_rdataset_isassociated(sigrdataset));
+                       if (sigrdataset != NULL &&
+                           dns_rdataset_isassociated(sigrdataset))
+                               dns_rdataset_disassociate(sigrdataset);
                 }
                 if (result == ISC_R_SUCCESS) {
                         mname = NULL;
@@ -1777,10 +1776,8 @@ query_addadditional2(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
                 goto setcache;
         if (result == DNS_R_NCACHENXRRSET) {
                 dns_rdataset_disassociate(rdataset);
-               /*
-                * Negative cache entries don't have sigrdatasets.
-                */
-               INSIST(! dns_rdataset_isassociated(sigrdataset));
+               if (dns_rdataset_isassociated(sigrdataset))
+                       dns_rdataset_disassociate(sigrdataset);
         }
         if (result == ISC_R_SUCCESS) {
                 /* Remember the result as a cache */
diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c

index d45f6a3951f593db0d1ecfea6af4757beed7a9b4..e11cf8c3e90646e3f88ae25fc2b40a7c6df3aa57 100644 (file)
--- a/lib/dns/rbtdb.c
+++ b/lib/dns/rbtdb.c
@@ -15,7 +15,7 @@
   * PERFORMANCE OF THIS SOFTWARE.
   */
  
-/* $Id: rbtdb.c,v 1.270.12.36 2011/11/08 21:51:15 marka Exp $ */
+/* $Id: rbtdb.c,v 1.270.12.37 2011/11/16 09:45:25 marka Exp $ */
  
  /*! \file */
  
@@ -4664,7 +4664,7 @@ cache_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
                               rdataset);
                 if (need_headerupdate(found, search.now))
                         update = found;
-               if (foundsig != NULL) {
+               if (!NEGATIVE(found) && foundsig != NULL) {
                         bind_rdataset(search.rbtdb, node, foundsig, search.now,
                                       sigrdataset);
                         if (need_headerupdate(foundsig, search.now))
@@ -5297,7 +5297,7 @@ cache_findrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
         }
         if (found != NULL) {
                 bind_rdataset(rbtdb, rbtnode, found, now, rdataset);
-               if (foundsig != NULL)
+               if (!NEGATIVE(found) && foundsig != NULL)
                         bind_rdataset(rbtdb, rbtnode, foundsig, now,
                                       sigrdataset);
         }
author	Mark Andrews <marka@isc.org>
	Wed, 16 Nov 2011 09:45:25 +0000 (09:45 +0000)
committer	Mark Andrews <marka@isc.org>
	Wed, 16 Nov 2011 09:45:25 +0000 (09:45 +0000)
CHANGES		patch \| blob \| blame \| history
bin/named/query.c		patch \| blob \| blame \| history
lib/dns/rbtdb.c		patch \| blob \| blame \| history