4138. [bug] A uninitialized value in validator.c could result

                        in a assertion failure. (CVE-2015-4620) [RT #39795]

(cherry picked from commit a85c6b35affa7179434c41b277109dca2cbe01ec)
(cherry picked from commit f7d53a6f3bc1e3ada2468d4c44222f108e70c4e8)

diff --git a/CHANGES b/CHANGES
index 08e2570087af3262c58857aa29baf02950fa039a..f57c22059c6cac85d10f686f218c6f1e24262022 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4138.  [bug]           A uninitialized value in validator.c could result
+                       in a assertion failure. (CVE-2015-4620) [RT #39795]
+
        --- 9.9.7 released ---
 
        --- 9.9.7rc2 released ---
@@ -8380,7 +8383,7 @@
                        on the responses. [RT #2454]
 
 1208.  [bug]           dns_master_load*() failed to log a error message if
-                       an error was detected when parsing the ownername of
+                       an error was detected when parsing the owner name of
                        a record.  [RT #2448]
 
 1207.  [bug]           libbind: getaddrinfo() could call freeaddrinfo() with

diff --git a/lib/dns/validator.c b/lib/dns/validator.c
index 565e7e1d62abd4b7ef7b21d9f5e2580ec53efc8a..1d0b709336db03cd2e73a410cae9cb3bb675a6c1 100644 (file)
--- a/lib/dns/validator.c
+++ b/lib/dns/validator.c
@@ -1420,7 +1420,6 @@ compute_keytag(dns_rdata_t *rdata, dns_rdata_dnskey_t *key) {
  */
 static isc_boolean_t
 isselfsigned(dns_validator_t *val) {
-       dns_fixedname_t fixed;
        dns_rdataset_t *rdataset, *sigrdataset;
        dns_rdata_t rdata = DNS_RDATA_INIT;
        dns_rdata_t sigrdata = DNS_RDATA_INIT;
@@ -1476,8 +1475,7 @@ isselfsigned(dns_validator_t *val) {
                        result = dns_dnssec_verify3(name, rdataset, dstkey,
                                                    ISC_TRUE,
                                                    val->view->maxbits,
-                                                   mctx, &sigrdata,
-                                                   dns_fixedname_name(&fixed));
+                                                   mctx, &sigrdata, NULL);
                        dst_key_free(&dstkey);
                        if (result != ISC_R_SUCCESS)
                                continue;