From: Mark Andrews Date: Mon, 25 Aug 2025 00:32:36 +0000 (+1000) Subject: RPZ canonical warning displays zone entry incorrectly X-Git-Tag: v9.21.12~6^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=283da99f02d8b58c56efee988f39db3dc18426f1;p=thirdparty%2Fbind9.git RPZ canonical warning displays zone entry incorrectly Do not insert a NUL into ip_str too early as the full value is needed later. Only insert the NUL immediately before displaying just the prefix string. --- diff --git a/lib/dns/rpz.c b/lib/dns/rpz.c index a59cad006ae..a1b7fe13d21 100644 --- a/lib/dns/rpz.c +++ b/lib/dns/rpz.c @@ -866,7 +866,7 @@ name2ipkey(int log_level, dns_rpz_zone_t *rpz, dns_rpz_type_t rpz_type, dns_fixedname_t ip_name2f; dns_name_t ip_name; const char *prefix_str = NULL, *cp = NULL, *end = NULL; - char *cp2; + char *prefix_end, *cp2; int ip_labels; dns_rpz_prefix_t prefix; unsigned long prefix_num, l; @@ -904,12 +904,9 @@ name2ipkey(int log_level, dns_rpz_zone_t *rpz, dns_rpz_type_t rpz_type, ""); return ISC_R_FAILURE; } - /* - * Patch in trailing nul character to print just the length - * label (for various cases below). - */ - *cp2 = '\0'; + prefix_end = cp2; if (prefix_num < 1U || prefix_num > 128U) { + *prefix_end = '\0'; badname(log_level, src_name, "; invalid prefix length of ", prefix_str); return ISC_R_FAILURE; @@ -922,6 +919,7 @@ name2ipkey(int log_level, dns_rpz_zone_t *rpz, dns_rpz_type_t rpz_type, * from the form "prefix.z.y.x.w" */ if (prefix_num > 32U) { + *prefix_end = '\0'; badname(log_level, src_name, "; invalid IPv4 prefix length of ", prefix_str); return ISC_R_FAILURE; @@ -1000,6 +998,7 @@ name2ipkey(int log_level, dns_rpz_zone_t *rpz, dns_rpz_type_t rpz_type, i = prefix % DNS_RPZ_CIDR_WORD_BITS; aword = tgt_ip->w[prefix / DNS_RPZ_CIDR_WORD_BITS]; if ((aword & ~DNS_RPZ_WORD_MASK(i)) != 0) { + *prefix_end = '\0'; badname(log_level, src_name, "; too small prefix length of ", prefix_str); return ISC_R_FAILURE;