authorSeonah Moon <seonah1.moon@samsung.com>2023-02-20 13:50:53 +0900
committerseonah moon <seonah1.moon@samsung.com>2023-02-20 07:34:33 +0000
commit99c991f31d46e6beac2a48e99cbd4c3064f27d75 (patch)
treef2dba96870939e33fe94b8a5792cc3bd47dd755d
parenta52ed4e3333985705d78ddd1b0f860704d86ebc7 (diff)
[CVE-2020-8621] Ensure QNAME minimization is permanently disabled when forwarding [TEST] [v9.16]
See merge request isc-projects/bind9!4042 https://kb.isc.org/v1/docs/cve-2020-8621 Change-Id: I754eb4efae881f57f5dea2bfada27d4208e0c4b7
-rw-r--r--CHANGES4
-rw-r--r--lib/dns/resolver.c9
2 files changed, 13 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 4e3dc618..47fe6de9 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5479. [security] named could crash in certain query resolution scenarios
+ where QNAME minimization and forwarding were both
+ enabled. (CVE-2020-8621) [GL #1997]
+
--- 9.14.12 released ---
5395. [security] Further limit the number of queries that can be
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 07276adb..374d35be 100644
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -3909,6 +3909,15 @@ fctx_nextaddress(fetchctx_t *fctx) {
addrinfo->flags |= FCTX_ADDRINFO_MARK;
fctx->find = NULL;
fctx->forwarding = true;
+
+ /*
+ * QNAME minimization is disabled when
+ * forwarding, and has to remain disabled if
+ * we switch back to normal recursion; otherwise
+ * forwarding could leave us in an inconsistent
+ * state.
+ */
+ fctx->minimized = false;
return (addrinfo);
}
}
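Review bot: The comment added above `fctx->minimized = false;` says only that forwarding "could leave us in an inconsistent state", which does not tell a later reader that the failure was a crash of named (per the CHANGES entry) or that the reset is deliberately one-way for this fetch context. I would append a line such as `* (CVE-2020-8621, GL #1997: do not re-enable minimization for this fctx.)` so the flag is not restored on the fall-back-to-recursion path by a later cleanup. The same comment should record the trade-off that, once a forwarder has been selected, the rest of this fetch presumably sends the full QNAME upstream, giving up the privacy benefit of minimization in exchange for availability. The diffstat lists only CHANGES and lib/dns/resolver.c, so no regression test for the forward-then-recurse case accompanies the fix even though the title carries [TEST]. fctx_nextaddress begins before the hunk and appears to continue after it, so whether other paths set `fctx->forwarding` cannot be checked from here.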