Commit 1b3d2118 authored by Mark Andrews's avatar Mark Andrews

4285. [security] Specific APL data could trigger a INSIST.

                        (CVE-2015-8704) [RT #41396]
parent 7321d8df
4285. [security] Specific APL data could trigger a INSIST.
(CVE-2015-8704) [RT #41396]
4284. [bug] Some GeoIP options were incorrectly documented
using abbreviated forms which were not accepted by
named. The code has been updated to allow both
......
......@@ -153,6 +153,12 @@
<command>named</command> to allow access to unintended clients.
</para>
</listitem>
<listitem>
<para>
Specfic APL data could trigger a INSIST. This flaw was discovered
by Brian Mitchell and is disclosed in CVE-2015-8704. [RT #41396].
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="relnotes_features"><info><title>New Features</title></info>
......
......@@ -116,7 +116,7 @@ totext_in_apl(ARGS_TOTEXT) {
isc_uint8_t len;
isc_boolean_t neg;
unsigned char buf[16];
char txt[sizeof(" !64000")];
char txt[sizeof(" !64000:")];
const char *sep = "";
int n;
......@@ -140,7 +140,7 @@ totext_in_apl(ARGS_TOTEXT) {
isc_region_consume(&sr, 1);
INSIST(len <= sr.length);
n = snprintf(txt, sizeof(txt), "%s%s%u:", sep,
neg ? "!": "", afi);
neg ? "!" : "", afi);
INSIST(n < (int)sizeof(txt));
RETERR(str_totext(txt, target));
switch (afi) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment