rpms/bind/F-10 bind-95-rh452060.patch, NONE, 1.1 bind.spec, 1.286, 1.287

Wed Dec 3 12:21:16 UTC 2008

Author: atkac

Update of /cvs/pkgs/rpms/bind/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28827

Modified Files:
	bind.spec 
Added Files:
	bind-95-rh452060.patch 
Log Message:
- fixed rare use-after-free problem in host utility (#452060)


bind-95-rh452060.patch:

--- NEW FILE bind-95-rh452060.patch ---
diff -up bind-9.5.0-P2/bin/dig/dighost.c.rh452060 bind-9.5.0-P2/bin/dig/dighost.c
--- bind-9.5.0-P2/bin/dig/dighost.c.rh452060	2008-12-01 22:30:01.000000000 +0100
+++ bind-9.5.0-P2/bin/dig/dighost.c	2008-12-01 22:30:07.000000000 +0100
@@ -1280,6 +1280,12 @@ clear_query(dig_query_t *query) {
 
 	debug("clear_query(%p)", query);
 
+	if (query->waiting_senddone) {
+		debug("send_done not yet called");
+		query->pending_free = ISC_TRUE;
+		return;
+	}
+
 	lookup = query->lookup;
 
 	if (lookup->current_query == query)
@@ -1301,10 +1307,7 @@ clear_query(dig_query_t *query) {
 	isc_mempool_put(commctx, query->recvspace);
 	isc_buffer_invalidate(&query->recvbuf);
 	isc_buffer_invalidate(&query->lengthbuf);
-	if (query->waiting_senddone)
-		query->pending_free = ISC_TRUE;
-	else
-		isc_mem_free(mctx, query);
+	isc_mem_free(mctx, query);
 }
 
 /*%
@@ -2175,9 +2178,9 @@ send_done(isc_task_t *_task, isc_event_t
 	isc_event_free(&event);
 
 	if (query->pending_free)
-		isc_mem_free(mctx, query);
+		clear_query(query);
 
-	check_if_done();
+	check_next_lookup(l);
 	UNLOCK_LOOKUP;
 }
 


Index: bind.spec
===================================================================
RCS file: /cvs/pkgs/rpms/bind/F-10/bind.spec,v
retrieving revision 1.286
retrieving revision 1.287
diff -u -r1.286 -r1.287
--- bind.spec	1 Dec 2008 15:56:22 -0000	1.286
+++ bind.spec	3 Dec 2008 12:20:45 -0000	1.287
@@ -2,7 +2,7 @@
 # Red Hat BIND package .spec file
 #
 
-%define PREVER b3
+%define PREVER rc1
 %define VERSION %{version}%{PREVER}
 
 %{?!SDB:       %define SDB       1}
@@ -19,7 +19,7 @@
 Name:     bind
 License:  ISC
 Version:  9.5.1
-Release:  0.9.1.%{PREVER}%{?dist}
+Release:  0.9.2.%{PREVER}%{?dist}
 Epoch:    32
 Url:      http://www.isc.org/products/BIND/
 Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -58,6 +58,7 @@
 Patch87: bind-9.5-parallel-build.patch
 Patch95: bind-95-sdlz-include.patch
 Patch96: bind-95-rh469440.patch
+Patch97: bind-95-rh452060.patch
 
 # SDB patches
 Patch11: bind-9.3.2b2-sdbsrc.patch
@@ -239,6 +240,7 @@
 %patch94 -p1 -b .rh461409
 %patch95 -p1 -b .includes
 %patch96 -p1 -b .rh469440
+%patch97 -p1 -b .rh452060
 
 # Sparc and s390 arches need to use -fPIE
 %ifarch sparcv9 sparc64 s390 s390x
@@ -636,6 +638,9 @@
 %{_sbindir}/bind-chroot-admin
 
 %changelog
+* Tue Dec 02 2008 Adam Tkac <atkac redhat com> 32:9.5.1-0.9.2.b3
+- fixed rare use-after-free problem in host utility (#452060)
+
 * Mon Dec 01 2008 Adam Tkac <atkac redhat com> 32:9.5.1-0.9.1.b3
 - improved sample config file (#473586)
 


