SIG-bug fix for 8.2.2p5
Roy Arends
roy at nlnetlabs.nl
Mon Mar 20 09:19:55 UTC 2000
Hello,
Bind version 8.2.2p5 will crash when it's requested for a SIG RR. The
crash will only happen when the server was setup (as master/slave) for a
secure zone and the rrset-order was set to cyclic (which is the default).
This is due to a bug in src/bin/named/ns_resp.c
This bug is fixed in the 8.2.3-t1a version (and in the 8.2.2-p6 version,
which is still unreleased). However, 8.2.2p5 is the current version, and
for setting up DNSSEC, the SIG-bug fix is necessary.
Apply the patch below to fix the bug.
Regards,
Roy Arends
--
roy at nlnetlabs.nl NLnetLabs
tel +31208884551 Kruislaan 419
|\ || _ _|_ | _ |_ _ 1098 VA Amsterdam
| \||__| )(-|_ |__(_||_)_) The Netherlands
--------------------------------------------------
patch_ns_resp.c
--- ns_resp.c
+++ ns_resp.c
@@ -3106,7 +3106,10 @@
case cyclic_order:
/* first we do the non-SIG records */
- choice = ((u_int)rand()>>3) % non_sig_count;
+ if (non_sig_count > 0)
+ choice = ((u_int)rand()>>3) % non_sig_count;
+ else
+ choice = 0;
for (i = 0; i < non_sig_count ; i++) {
dp = found[(i + choice) % non_sig_count];
if (foundcname != 0 && dp->d_type == T_CNAME)
More information about the bind-users
mailing list