[bind/f19] Fixed memory leak in nsupdate if 'realm' was used multiple times
Tomas Hozza
thozza at fedoraproject.org
Thu Nov 28 09:10:04 UTC 2013
commit fe00784c3bb989f979cde0ba063816bd3a32818a
Author: Tomas Hozza <thozza at redhat.com>
Date: Thu Nov 28 10:05:22 2013 +0100
Fixed memory leak in nsupdate if 'realm' was used multiple times
Resolves: #984687
Signed-off-by: Tomas Hozza <thozza at redhat.com>
bind.spec | 8 +++++++-
bind99-ISC-Bugs-35073.patch | 31 +++++++++++++++++++++++++++++++
2 files changed, 38 insertions(+), 1 deletions(-)
---
diff --git a/bind.spec b/bind.spec
index cd20228..de951c4 100644
--- a/bind.spec
+++ b/bind.spec
@@ -26,7 +26,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
Name: bind
License: ISC
Version: 9.9.3
-Release: 12.%{?PATCHVER}%{?dist}
+Release: 13.%{?PATCHVER}%{?dist}
Epoch: 32
Url: http://www.isc.org/products/BIND/
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -86,6 +86,8 @@ Patch138:bind-9.9.3-include-update-h.patch
Patch139:bind99-ISC-Bugs-34738.patch
# upstream patch [ISC-Bugs #34870]
Patch140:bind99-ISC-Bugs-34870-v3.patch
+# upstream applied patch for [ISC-Bugs #35073]
+Patch141:bind99-ISC-Bugs-35073.patch
# SDB patches
Patch11: bind-9.3.2b2-sdbsrc.patch
@@ -287,6 +289,7 @@ popd
%patch138 -p1 -b .update
%patch139 -p1 -b .journal
%patch140 -p1 -b .send_buffer
+%patch141 -p1 -b .leak_35073
%if %{SDB}
%patch101 -p1 -b .old-api
@@ -796,6 +799,9 @@ rm -rf ${RPM_BUILD_ROOT}
%endif
%changelog
+* Thu Nov 28 2013 Tomas Hozza <thozza at redhat.com> 32:9.9.3-13.P2
+- Fixed memory leak in nsupdate if 'realm' was used multiple times (#984687)
+
* Thu Oct 31 2013 Tomas Hozza <thozza at redhat.com> 32:9.9.3-12.P2
- Correct the upstream patch for #794940
diff --git a/bind99-ISC-Bugs-35073.patch b/bind99-ISC-Bugs-35073.patch
new file mode 100644
index 0000000..c8be3ed
--- /dev/null
+++ b/bind99-ISC-Bugs-35073.patch
@@ -0,0 +1,31 @@
+diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c
+index 486c102..dc12a85 100644
+--- a/bin/nsupdate/nsupdate.c
++++ b/bin/nsupdate/nsupdate.c
+@@ -1566,16 +1566,20 @@ evaluate_realm(char *cmdline) {
+ #ifdef GSSAPI
+ char *word;
+ char buf[1024];
++ int n;
+
+- word = nsu_strsep(&cmdline, " \t\r\n");
+- if (word == NULL || *word == 0) {
+- if (realm != NULL)
+- isc_mem_free(mctx, realm);
++ if (realm != NULL) {
++ isc_mem_free(mctx, realm);
+ realm = NULL;
+- return (STATUS_MORE);
+ }
+
+- snprintf(buf, sizeof(buf), "@%s", word);
++ word = nsu_strsep(&cmdline, " \t\r\n");
++ if (word == NULL || *word == 0)
++ return (STATUS_MORE);
++
++ n = snprintf(buf, sizeof(buf), "@%s", word);
++ if (n < 0 || (size_t)n >= sizeof(buf))
++ fatal("realm is too long");
+ realm = isc_mem_strdup(mctx, buf);
+ if (realm == NULL)
+ fatal("out of memory");
More information about the scm-commits
mailing list