From: Evan Hunt <each@isc.org>
Date: Wed, 29 Jul 2009 23:53:22 +0000 (+0000)
Subject: 2642.	[bug]		nsupdate could dump core on solaris when reading
X-Git-Tag: v9.6.1-P1^2~1^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a6c4d1405ef2cb0154f993cde412439d04d038cb;p=thirdparty%2Fbind9.git

2642.	[bug]		nsupdate could dump core on solaris when reading
			improperly formatted key files.  [RT #20015]
---

diff --git a/CHANGES b/CHANGES
index 65ae7de6826..ad184b88269 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+2642.	[bug]		nsupdate could dump core on solaris when reading
+			improperly formatted key files.  [RT #20015]
+
 2640.	[security]	A specially crafted update packet will cause named
 			to exit. [RT #20000]
 
diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c
index 144c685e108..957ac98a488 100644
--- a/lib/dns/dst_api.c
+++ b/lib/dns/dst_api.c
@@ -31,7 +31,7 @@
 
 /*
  * Principal Author: Brian Wellington
- * $Id: dst_api.c,v 1.16.12.3 2009/03/02 02:00:34 marka Exp $
+ * $Id: dst_api.c,v 1.16.12.4 2009/07/29 23:53:22 each Exp $
  */
 
 /*! \file */
@@ -1017,6 +1017,9 @@ dst_key_read_public(const char *filename, int type,
 	/* Read the next word: either TTL, class, or 'KEY' */
 	NEXTTOKEN(lex, opt, &token);
 
+	if (token.type != isc_tokentype_string)
+		BADTOKEN();
+
 	/* If it's a TTL, read the next one */
 	result = dns_ttl_fromtext(&token.value.as_textregion, &ttl);
 	if (result == ISC_R_SUCCESS)