- Fix CVE-2026-44390, Unbounded name compression in certain cases
causes degradation of service. Thanks to Qifan Zhang, Palo Alto
Networks, for the report.
+ - Fix CVE-2026-44608, Use after free and crash in RPZ code. Thanks
+ to Qifan Zhang, Palo Alto Networks, for the report.
23 April 2026: Wouter
- Merge #1441: Fix buffer overrun in
{
struct auth_zones* az;
struct auth_zone* a;
+ struct dns_msg* ret = NULL;
struct clientip_synthesized_rr* raddr = NULL;
struct rpz* r = NULL;
struct local_zone* z = NULL;
z = rpz_delegation_point_zone_lookup(is->dp, r->nsdname_zones,
is->qchase.qclass, &match);
if(z != NULL) {
- lock_rw_unlock(&a->lock);
break;
}
raddr = rpz_delegation_point_ipbased_trigger_lookup(r, is);
if(raddr != NULL) {
- lock_rw_unlock(&a->lock);
break;
}
lock_rw_unlock(&a->lock);
if(z) {
lock_rw_unlock(&z->lock);
}
- return rpz_apply_nsip_trigger(ms, &is->qchase, r, raddr, a);
+ ret = rpz_apply_nsip_trigger(ms, &is->qchase, r, raddr, a);
+ } else {
+ ret = rpz_apply_nsdname_trigger(ms, &is->qchase, r, z, &match, a);
}
- return rpz_apply_nsdname_trigger(ms, &is->qchase, r, z, &match, a);
+ lock_rw_unlock(&a->lock);
+ return ret;
}
struct dns_msg* rpz_callback_from_iterator_cname(struct module_qstate* ms,
projects / thirdparty / unbound.git / commitdiff
