rpms/bind/F-9 bind-95-rh452060.patch, NONE, 1.1 bind.spec, 1.269, 1.270

Adam Tkac atkac at fedoraproject.org
Wed Dec 3 12:21:44 UTC 2008


Author: atkac

Update of /cvs/pkgs/rpms/bind/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28990

Modified Files:
	bind.spec 
Added Files:
	bind-95-rh452060.patch 
Log Message:
- fixed rare use-after-free problem in host utility (#452060)


bind-95-rh452060.patch:

--- NEW FILE bind-95-rh452060.patch ---
diff -up bind-9.5.0-P2/bin/dig/dighost.c.rh452060 bind-9.5.0-P2/bin/dig/dighost.c
--- bind-9.5.0-P2/bin/dig/dighost.c.rh452060	2008-12-01 22:30:01.000000000 +0100
+++ bind-9.5.0-P2/bin/dig/dighost.c	2008-12-01 22:30:07.000000000 +0100
@@ -1280,6 +1280,12 @@ clear_query(dig_query_t *query) {
 
 	debug("clear_query(%p)", query);
 
+	if (query->waiting_senddone) {
+		debug("send_done not yet called");
+		query->pending_free = ISC_TRUE;
+		return;
+	}
+
 	lookup = query->lookup;
 
 	if (lookup->current_query == query)
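Review bot: The new early return at the top of clear_query() leaves the query completely intact, and nothing in the code says who finishes the teardown later. A comment above the guard would make the hand-off explicit, for example `/* Send still in flight: defer all teardown; send_done() calls clear_query() again once the event is delivered. */`. Callers can no longer assume the query is gone when clear_query() returns, which is worth stating in the function's header comment too. The new debug line would be easier to correlate with the `clear_query(%p)` trace if it printed the pointer, `debug("send_done not yet called for %p", query);`. The rest of clear_query() lies outside this hunk.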
@@ -1301,10 +1307,7 @@ clear_query(dig_query_t *query) {
 	isc_mempool_put(commctx, query->recvspace);
 	isc_buffer_invalidate(&query->recvbuf);
 	isc_buffer_invalidate(&query->lengthbuf);
-	if (query->waiting_senddone)
-		query->pending_free = ISC_TRUE;
-	else
-		isc_mem_free(mctx, query);
+	isc_mem_free(mctx, query);
 }
 
 /*%
@@ -2175,9 +2178,9 @@ send_done(isc_task_t *_task, isc_event_t
 	isc_event_free(&event);
 
 	if (query->pending_free)
-		isc_mem_free(mctx, query);
+		clear_query(query);
 
-	check_if_done();
+	check_next_lookup(l);
 	UNLOCK_LOOKUP;
 }
 
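Review bot: The re-entry `clear_query(query)` only releases the query if `query->waiting_senddone` has already been reset, because clear_query() now returns early while that flag is set. That reset is not visible in this hunk, and if it is missing or ever moved after this point the query is never freed. An assertion just before the `if (query->pending_free)` test would pin the ordering: `INSIST(!query->waiting_senddone);`. Since `query` may be freed by that call, `l` in `check_next_lookup(l)` has to be read from the query earlier in send_done(), which begins outside the hunk. A one-line comment such as `/* query may be gone after clear_query(); use only l below */` would guard against later edits touching `query` here.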


Index: bind.spec
===================================================================
RCS file: /cvs/pkgs/rpms/bind/F-9/bind.spec,v
retrieving revision 1.269
retrieving revision 1.270
diff -u -r1.269 -r1.270
--- bind.spec	6 Aug 2008 09:59:26 -0000	1.269
+++ bind.spec	3 Dec 2008 12:21:13 -0000	1.270
@@ -20,7 +20,7 @@
 Name: 		bind
 License: 	ISC
 Version: 	9.5.0
-Release: 	35.%{PATCHVER}%{?dist}
+Release: 	35.1.%{PATCHVER}%{?dist}
 Epoch:   	32
 Url: 		http://www.isc.org/products/BIND/
 Buildroot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -63,6 +63,7 @@
 Patch92:	bind-9.5-edns.patch
 Patch94:	bind95-rh457175.patch
 Patch95:	bind95-rh454783.patch
+Patch96:	bind-95-rh452060.patch
 
 # SDB patches
 Patch11: 	bind-9.3.2b2-sdbsrc.patch
@@ -245,6 +246,7 @@
 %patch91 -p1 -b .recv-race
 %patch92 -p1 -b .edns
 %patch94 -p1 -b .rh457175
+%patch96 -p1 -b .rh452060
 
 # Sparc and s390 arches need to use -fPIE                                                           
 %ifarch sparcv9 sparc64 s390 s390x
@@ -657,6 +659,9 @@
 %{_sbindir}/bind-chroot-admin
 
 %changelog
+* Tue Dec 02 2008 Adam Tkac <atkac redhat com> 32:9.5.0-35.1.P2
+- fixed rare use-after-free problem in host utility (#452060)
+
 * Wed Aug 06 2008 Adam Tkac <atkac redhat com> 32:9.5.0-35.P2
 - 9.5.0-P2 release
   - bind95-rh450995.patch was merged



