From: Evan Hunt <each@isc.org>
Date: Mon, 2 Jul 2012 17:03:46 +0000 (-0700)
Subject: fix bad-cache assert
X-Git-Tag: v9.7.6-P2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ac5ff07ba2e8b8d043f2da99d87c917f1dd58856;p=thirdparty%2Fbind9.git

fix bad-cache assert

3346.	[security]	Bad-cache data could be used before it was
			initialized, causing an assert. [RT #30025]
---

diff --git a/CHANGES b/CHANGES
index 037acaf8b59..e5b006c0917 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3346.	[security]	Bad-cache data could be used before it was
+			initialized, causing an assert. [RT #30025]
+
 3342.	[bug]		Change #3314 broke saving of stub zones to disk
 			resulting in excessive cpu usage in some cases.
 			[RT #29952]
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 52a336684ec..30040544bbc 100644
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -8502,6 +8502,7 @@ dns_resolver_addbadcache(dns_resolver_t *resolver, dns_name_t *name,
 			goto cleanup;
 		bad->type = type;
 		bad->hashval = hashval;
+		bad->expire = *expire;
 		isc_buffer_init(&buffer, bad + 1, name->length);
 		dns_name_init(&bad->name, NULL);
 		dns_name_copy(name, &bad->name, &buffer);
@@ -8513,8 +8514,8 @@ dns_resolver_addbadcache(dns_resolver_t *resolver, dns_name_t *name,
 		if (resolver->badcount < resolver->badhash * 2 &&
 		    resolver->badhash > DNS_BADCACHE_SIZE)
 			resizehash(resolver, &now, ISC_FALSE);
-	}
-	bad->expire = *expire;
+	} else
+		bad->expire = *expire;
  cleanup:
 	UNLOCK(&resolver->lock);
 }