From: Evan Hunt <each@isc.org>
Date: Wed, 29 Jul 2009 23:55:00 +0000 (+0000)
Subject: 2642.	[bug]		nsupdate could dump core on solaris when reading
X-Git-Tag: v9.5.2b1~17
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a7271c81d6f1fca8c57c13b4e3fc476e1989ec7a;p=thirdparty%2Fbind9.git

2642.	[bug]		nsupdate could dump core on solaris when reading
			improperly formatted key files.  [RT #20015]
---

diff --git a/CHANGES b/CHANGES
index bf9226bd100..d8326837848 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+2642.	[bug]		nsupdate could dump core on solaris when reading
+			improperly formatted key files.  [RT #20015]
+
 2640.	[security]	A specially crafted update packet will cause named
 			to exit. [RT #20000]
 
diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c
index 9b743f17da5..31bac793613 100644
--- a/lib/dns/dst_api.c
+++ b/lib/dns/dst_api.c
@@ -31,7 +31,7 @@
 
 /*
  * Principal Author: Brian Wellington
- * $Id: dst_api.c,v 1.11.92.6 2009/03/02 02:34:12 marka Exp $
+ * $Id: dst_api.c,v 1.11.92.7 2009/07/29 23:55:00 each Exp $
  */
 
 /*! \file */
@@ -967,6 +967,9 @@ dst_key_read_public(const char *filename, int type,
 	/* Read the next word: either TTL, class, or 'KEY' */
 	NEXTTOKEN(lex, opt, &token);
 
+	if (token.type != isc_tokentype_string)
+		BADTOKEN();
+
 	/* If it's a TTL, read the next one */
 	result = dns_ttl_fromtext(&token.value.as_textregion, &ttl);
 	if (result == ISC_R_SUCCESS)