]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bccbb32) | patch
[v9_10_1_patch] limit recursion depth and iterative queries
authorEvan Hunt <each@isc.org>
Tue, 18 Nov 2014 07:27:54 +0000 (23:27 -0800)
committerEvan Hunt <each@isc.org>
Tue, 18 Nov 2014 07:27:54 +0000 (23:27 -0800)
commit0cb80bd1e3f0a3288318a06daeecb0df1a61894d
treeff486ee93d63612b14dbadc3736922ee835a68b2tree | snapshot
parentbccbb3277fde4f0b7da789b21df5b0f44ded3df6commit | diff
[v9_10_1_patch] limit recursion depth and iterative queries

4006. [security] A flaw in delegation handling could be exploited
to put named into an infinite loop.  This has
been addressed by placing limits on the number
of levels of recursion named will allow (default 7),
and the number of iterative queries that it will
send (default 50) before terminating a recursive
query (CVE-2014-8500).

The recursion depth limit is configured via the
"max-recursion-depth" option.  [RT #35780]

(cherry picked from commit 3230429e175dcaafe9c59967124d44c02ca0ccad)
(cherry picked from commit 29ea88667cc1ed7953c8d4eb758889650504ad84)
20 files changed:
CHANGES diff | blob | blame | history
bin/named/config.c diff | blob | blame | history
bin/named/include/named/query.h diff | blob | blame | history
bin/named/query.c diff | blob | blame | history
bin/named/server.c diff | blob | blame | history
bin/tests/system/many/clean.sh [new file with mode: 0644] blob
bin/tests/system/many/ns1/named.conf [new file with mode: 0644] blob
bin/tests/system/many/ns2/named.conf [new file with mode: 0644] blob
bin/tests/system/many/ns3/named.conf [new file with mode: 0644] blob
bin/tests/system/many/ns4/named.conf [new file with mode: 0644] blob
bin/tests/system/many/ns5/hints.db [new file with mode: 0644] blob
bin/tests/system/many/ns5/named.conf [new file with mode: 0644] blob
bin/tests/system/many/setup.sh [new file with mode: 0644] blob
bin/tests/system/many/tests.sh [new file with mode: 0644] blob
doc/arm/Bv9ARM-book.xml diff | blob | blame | history
lib/dns/adb.c diff | blob | blame | history
lib/dns/include/dns/adb.h diff | blob | blame | history
lib/dns/include/dns/resolver.h diff | blob | blame | history
lib/dns/resolver.c diff | blob | blame | history
lib/isccfg/namedconf.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git