SIG-bug fix for 8.2.2p5

[Roy Arends]

Hello,

Bind version 8.2.2p5 will crash when it's requested for a SIG RR. The
crash will only happen when the server was setup (as master/slave) for a
secure zone and the rrset-order was set to cyclic (which is the default).

This is due to a bug in src/bin/named/ns_resp.c 

This bug is fixed in the 8.2.3-t1a version (and in the 8.2.2-p6 version, 
which is still unreleased). However, 8.2.2p5 is the current version, and 
for setting up DNSSEC, the SIG-bug fix is necessary. 

Apply the patch below to fix the bug.

Regards,

Roy Arends

-- 
roy at nlnetlabs.nl                NLnetLabs
tel +31208884551                Kruislaan 419
|\ ||   _  _|_  |   _ |_  _     1098 VA  Amsterdam
| \||__| )(-|_  |__(_||_)_)     The Netherlands
--------------------------------------------------
patch_ns_resp.c

--- ns_resp.c
+++ ns_resp.c
@@ -3106,7 +3106,10 @@
 
 		case cyclic_order:
 			/* first we do the non-SIG records */
-			choice = ((u_int)rand()>>3) % non_sig_count;
+			if (non_sig_count > 0)
+				choice = ((u_int)rand()>>3) % non_sig_count;
+			else
+				choice = 0;
 			for (i = 0; i < non_sig_count ; i++) {
 				dp = found[(i + choice) % non_sig_count];
 				if (foundcname != 0 && dp->d_type == T_CNAME)