From: Mark Andrews <marka@isc.org>
Date: Tue, 14 Jan 2014 05:06:45 +0000 (+1100)
Subject: 3704.   [protocol]      Accept integer timestamps in RRSIG records. [RT #35185]
X-Git-Tag: v9.6-ESV-R11rc2~13
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4cf64648daeeb98d787716dbbe90c04ff3441967;p=thirdparty%2Fbind9.git

3704.   [protocol]      Accept integer timestamps in RRSIG records. [RT #35185]
---

diff --git a/CHANGES b/CHANGES
index d466baae137..f4aed8e5c1e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,5 @@
+3704.	[protocol]	Accept integer timestamps in RRSIG records. [RT #35185]
+
 	--- 9.6-ESV-R11rc1 released ---
 
 3698.	[cleanup]	Replaced all uses of memcpy() with memmove().
diff --git a/lib/dns/rdata/generic/rrsig_46.c b/lib/dns/rdata/generic/rrsig_46.c
index 5b761d85fee..b450fed77f7 100644
--- a/lib/dns/rdata/generic/rrsig_46.c
+++ b/lib/dns/rdata/generic/rrsig_46.c
@@ -90,7 +90,19 @@ fromtext_rrsig(ARGS_FROMTEXT) {
 	 */
 	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
 				      ISC_FALSE));
-	RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &time_expire));
+	if (strlen(DNS_AS_STR(token)) <= 10U &&
+	    *DNS_AS_STR(token) != '-' && *DNS_AS_STR(token) != '+') {
+		char *end;
+		unsigned long l;
+
+		l = strtoul(DNS_AS_STR(token), &end, 10);
+		if (l == ULONG_MAX || *end != 0)
+			RETTOK(DNS_R_SYNTAX);
+		if ((isc_uint64_t)l > (isc_uint64_t)0xffffffff)
+			RETTOK(ISC_R_RANGE);
+		time_expire = l;
+	} else
+                RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &time_expire));
 	RETERR(uint32_tobuffer(time_expire, target));
 
 	/*
@@ -98,7 +110,19 @@ fromtext_rrsig(ARGS_FROMTEXT) {
 	 */
 	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
 				      ISC_FALSE));
-	RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &time_signed));
+	if (strlen(DNS_AS_STR(token)) <= 10U &&
+	    *DNS_AS_STR(token) != '-' && *DNS_AS_STR(token) != '+') {
+		char *end;
+		unsigned long l;
+
+		l = strtoul(DNS_AS_STR(token), &end, 10);
+		if (l == ULONG_MAX || *end != 0)
+			RETTOK(DNS_R_SYNTAX);
+		if ((isc_uint64_t)l > (isc_uint64_t)0xffffffff)
+			RETTOK(ISC_R_RANGE);
+		time_signed = l;
+	} else
+		RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &time_signed));
 	RETERR(uint32_tobuffer(time_signed, target));
 
 	/*