BIND merge requestshttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests2022-08-25T09:32:52Zhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/4604Draft: Resolve "CID 316504: Untrusted loop bound (TAINTED_SCALAR)"2022-08-25T09:32:52ZMark AndrewsDraft: Resolve "CID 316504: Untrusted loop bound (TAINTED_SCALAR)"Closes #2417
Closes #2418
Closes #2419
Closes #2422
Closes #2424
Closes #2425
Closes #2426Closes #2417
Closes #2418
Closes #2419
Closes #2422
Closes #2424
Closes #2425
Closes #2426Not plannedhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/5051Draft: Enable GCC Analyzer2022-05-04T16:44:34ZOndřej SurýDraft: Enable GCC AnalyzerThe GCC 10 introduced GCC Analyzer[1] and this MR enables it in addition to Clang Static Analyzer we already have.
1. https://gcc.gnu.org/onlinedocs/gcc-10.1.0/gcc/Static-Analyzer-Options.htmlThe GCC 10 introduced GCC Analyzer[1] and this MR enables it in addition to Clang Static Analyzer we already have.
1. https://gcc.gnu.org/onlinedocs/gcc-10.1.0/gcc/Static-Analyzer-Options.htmlNot plannedOndřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6438Handle the return code when we can't resume processing2023-07-17T17:43:24ZOndřej SurýHandle the return code when we can't resume processingInitiate the socket shutdown when isc__nm_process_sock_buffer() returns
an error in the isc__nm_resume_processing() callback.
Closes #3409Initiate the socket shutdown when isc__nm_process_sock_buffer() returns
an error in the isc__nm_resume_processing() callback.
Closes #3409Not plannedOndřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/8020Refactor isc_mem_get et al. for safer allocation size calculations2023-09-04T09:21:22ZTony FinchRefactor isc_mem_get et al. for safer allocation size calculationsIf there is an integer overflow when calculating an allocation size the new memory on the heap can be too small leading to a heap buffer overflow.
To make it easier to use checked arithmetic for allocation sizes, change `isc_mem_get()` ...If there is an integer overflow when calculating an allocation size the new memory on the heap can be too small leading to a heap buffer overflow.
To make it easier to use checked arithmetic for allocation sizes, change `isc_mem_get()` to allocate an array by default. Like `calloc()`, it now takes two size arguments: an element count, and an element size. (Unlike `calloc()`, however, `ISC_MEM_ZERO` must be requested explicitly.)
There is also a new extended variant, `isc_mem_getfx()` for allocating a `struct` with a flexible array member. It uses a checked multiply-add to calculate the size.
Most of this change is done by Coccinelle. However, Coccinelle's parser has trouble with some of BIND's macros, so the refactoring is done in three stages: suppress the problematic macros; apply the `spatch`; then revert the suppression.
The `spatch` is generated by a perl script, because it is very repetitive handling all the variants of `isc_mem_get()`, `isc_mem_put()`, etc., with and without flags.Not plannedTony FinchTony Finchhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/8303Draft: Resolve "Check the size of the structure passed to dns_rdata_*struct m...2024-01-03T13:35:11ZMark AndrewsDraft: Resolve "Check the size of the structure passed to dns_rdata_*struct methods"Closes #4318Closes #4318Not plannedhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/8744Draft: Resolve "CID 486476: Memory - corruptions (OVERRUN) in lib/dns/resconf.c"2024-03-07T00:54:18ZMark AndrewsDraft: Resolve "CID 486476: Memory - corruptions (OVERRUN) in lib/dns/resconf.c"Closes #4581Closes #4581May 2024 (9.18.27, 9.18.27-S1, 9.19.24)