An attacker controlling a malicious DNS server returns a DNAME record,
and the we stores a pointer to resp->foundname, frees the response
structure, then uses the dangling pointer in dns_name_fullcompare()
possibly causing invalid match. Only the `delv`is affected. This has
been fixed.
Closes #5728
Merge branch '5728-heap-uaf-in-bind9-dns_client_resolve-via-dname-response' into 'main'
See merge request isc-projects/bind9!11570
projects / thirdparty / bind9.git / commitdiff
