]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c409b9a) | patch
Add regression test for TOCTOU race in DNS UPDATE SSU handling
authorOndřej Surý <ondrej@isc.org>
Wed, 18 Mar 2026 03:09:50 +0000 (04:09 +0100)
committerOndřej Surý <ondrej@isc.org>
Wed, 25 Mar 2026 15:16:22 +0000 (16:16 +0100)
commitfeb5dc7f984da1ddd0185a7dd3c21bdeb791f516
treecfdb395c2e5ed7d1834955e7dfc71d9ed6fa3000tree | snapshot
parentc409b9a9393d5c8392664554d787da48c982cde5commit | diff
Add regression test for TOCTOU race in DNS UPDATE SSU handling

Race rndc reconfig (toggling between allow-update and update-policy)
against a stream of DNS UPDATEs for 5 seconds and verify that named
does not crash.

Before the fix, the race between send_update() and update_action()
reading the SSU table independently could trigger an assertion
failure (INSIST) when the zone's update policy changed between the
two reads.

(cherry picked from commit c503b6eee8e0b7ae9c12af1b6ab2630926f6648d)
REUSE.toml diff | blob | blame | history
bin/tests/system/ssutoctou/ns1/example.db.in [new file with mode: 0644] blob
bin/tests/system/ssutoctou/ns1/named.conf.j2 [new file with mode: 0644] blob
bin/tests/system/ssutoctou/setup.sh [new file with mode: 0755] blob
bin/tests/system/ssutoctou/tests_ssutoctou.py [new file with mode: 0644] blob
lib/ns/update.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git