Fix allocation for "none" ACL that caused assertion failure (#41745)

293a9e99 · Mukund Sivaraman · a125381c · 293a9e99 · 293a9e99 · 293a9e99
Commit 293a9e99 authored Feb 23, 2016 by Mukund Sivaraman
--- a/CHANGES
+++ b/CHANGES
+4320.	[bug]		Insufficient memory allocation when handling
+			"none" ACL could cause an assertion failure in
+			named when parsing ACL configuration. [RT #41745]
+
 4319.	[security]	Fix resolver assertion failure due to improper
 			DNAME handling when parsing fetch reply messages.
 			(CVE-2016-1286) [RT #41753]

--- a/bin/tests/system/checkconf/good-acl.conf
+++ b/bin/tests/system/checkconf/good-acl.conf
+acl a {
+	{ "none"; };
+	{ !19.0.0.0/0; };
+};
+
+options {
+	allow-query { a; };
+};
--- a/lib/isccfg/aclconf.c
+++ b/lib/isccfg/aclconf.c
@@ -273,10 +273,11 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx,
 		} else if (cfg_obj_isstring(ce)) {
 			const char *name = cfg_obj_asstring(ce);
 			if (strcasecmp(name, "localhost") == 0 ||
-			    strcasecmp(name, "localnets") == 0) {
+			    strcasecmp(name, "localnets") == 0 ||
+			    strcasecmp(name, "none") == 0)
+			{
 				n++;
-			} else if (strcasecmp(name, "any") != 0 &&
-				   strcasecmp(name, "none") != 0) {
+			} else if (strcasecmp(name, "any") != 0) {
 				dns_acl_t *inneracl = NULL;
 				/*
 				 * Convert any named acls we reference now if