2428. [bug] dns_iptable_merge() mishandled merges of negative

author Mark Andrews <marka@isc.org>

Wed, 27 Aug 2008 04:44:18 +0000 (04:44 +0000)

committer Mark Andrews <marka@isc.org>

Wed, 27 Aug 2008 04:44:18 +0000 (04:44 +0000)
author Mark Andrews <marka@isc.org>
Wed, 27 Aug 2008 04:44:18 +0000 (04:44 +0000)
committer Mark Andrews <marka@isc.org>
Wed, 27 Aug 2008 04:44:18 +0000 (04:44 +0000)
diff --git a/CHANGES b/CHANGES

index 36ee0d9b868f7c7f7ffcf729db78ce9f511e347d..ece09ed6e1751d08c3cebe55e4e145f293e259ac 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+2428.  [bug]           dns_iptable_merge() mishandled merges of negative
+                       tables. [RT #18409]
+
  2427.  [func]          Treat DNSKEY queries as if "minimal-response yes;"
                         was set. [RT #18528]
  
diff --git a/lib/dns/iptable.c b/lib/dns/iptable.c

index 4823bccc2366e59049b9af9335ab7b7f6220417f..80587689ffcf6727b3374da6f8bef2b6635d3e97 100644 (file)
--- a/lib/dns/iptable.c
+++ b/lib/dns/iptable.c
@@ -14,7 +14,7 @@
   * PERFORMANCE OF THIS SOFTWARE.
   */
  
-/* $Id: iptable.c,v 1.9 2008/01/21 20:38:54 each Exp $ */
+/* $Id: iptable.c,v 1.10 2008/08/27 04:44:18 marka Exp $ */
  
  #include <isc/mem.h>
  #include <isc/radix.h>
@@ -62,7 +62,7 @@ dns_iptable_addprefix(dns_iptable_t *tab, isc_netaddr_t *addr,
  {
         isc_result_t result;
         isc_prefix_t pfx;
-       isc_radix_node_t *node;
+       isc_radix_node_t *node = NULL;
         int family;
  
         INSIST(DNS_IPTABLE_VALID(tab));
@@ -100,6 +100,7 @@ dns_iptable_merge(dns_iptable_t *tab, dns_iptable_t *source, isc_boolean_t pos)
         int max_node = 0;
  
         RADIX_WALK (source->radix->head, node) {
+               new_node = NULL;
                 result = isc_radix_insert (tab->radix, &new_node, node, NULL);
  
                 if (result != ISC_R_SUCCESS)
@@ -117,14 +118,10 @@ dns_iptable_merge(dns_iptable_t *tab, dns_iptable_t *source, isc_boolean_t pos)
                         if (node->data[0] &&
                             *(isc_boolean_t *) node->data[0] == ISC_TRUE)
                                 new_node->data[0] = &dns_iptable_neg;
-                       else
-                               new_node->data[0] = node->data[0];
  
                         if (node->data[1] &&
                             *(isc_boolean_t *) node->data[1] == ISC_TRUE)
                                 new_node->data[1] = &dns_iptable_neg;
-                       else
-                               new_node->data[1] = node->data[0];
                 }
  
                 if (node->node_num[0] > max_node)
author	Mark Andrews <marka@isc.org>
	Wed, 27 Aug 2008 04:44:18 +0000 (04:44 +0000)
committer	Mark Andrews <marka@isc.org>
	Wed, 27 Aug 2008 04:44:18 +0000 (04:44 +0000)
CHANGES		patch \| blob \| blame \| history
lib/dns/iptable.c		patch \| blob \| blame \| history