Commit 8e8dfc59 authored by Mark Andrews's avatar Mark Andrews

4582. [security] 'rndc ""' could trigger a assertion failure in named.

                        (CVE-2017-3138) [RT #44924]
parent 0fbf291d
4582. [security] 'rndc ""' could trigger a assertion failure in named.
(CVE-2017-3138) [RT #44924]
4581. [port] Linux: Add getpid and getrandom to the list of system
calls named uses for seccomp. [RT #44883]
......
......@@ -566,5 +566,13 @@ EOF
status=`expr $status + $ret`
fi
n=`expr $n + 1`
echo "I:check 'rndc \"\"' is handled ($n)"
ret=0
$RNDCCMD "" > rndc.out.test$n 2>&1 && ret=1
grep "rndc: '' failed: failure" rndc.out.test$n > /dev/null
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
[ $status -eq 0 ] || exit 1
......@@ -145,8 +145,6 @@ isc_lex_create(isc_mem_t *mctx, size_t max_token, isc_lex_t **lexp);
* Requires:
*\li '*lexp' is a valid lexer.
*
*\li max_token > 0.
*
* Ensures:
*\li On success, *lexp is attached to the newly created lexer.
*
......
......@@ -86,9 +86,10 @@ isc_lex_create(isc_mem_t *mctx, size_t max_token, isc_lex_t **lexp) {
/*
* Create a lexer.
*/
REQUIRE(lexp != NULL && *lexp == NULL);
REQUIRE(max_token > 0U);
if (max_token == 0U)
max_token = 1;
lex = isc_mem_get(mctx, sizeof(*lex));
if (lex == NULL)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment