diff --git a/bind-96-realloc.patch b/bind-96-realloc.patch new file mode 100644 index 0000000..b2ecaa8 --- /dev/null +++ b/bind-96-realloc.patch @@ -0,0 +1,261 @@ +Index: lib/isc/mem.c +=================================================================== +RCS file: /var/snap/bind9/lib/isc/mem.c,v +retrieving revision 1.145 +retrieving revision 1.145.120.4 +diff -u -p -r1.145 -r1.145.120.4 +--- lib/isc/mem.c 2 Apr 2008 02:37:42 -0000 1.145 ++++ lib/isc/mem.c 16 Feb 2009 03:17:05 -0000 1.145.120.4 +@@ -1,5 +1,5 @@ + /* +- * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") ++ * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1997-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and/or distribute this software for any +@@ -15,7 +15,7 @@ + * PERFORMANCE OF THIS SOFTWARE. + */ + +-/* $Id: bind-96-realloc.patch,v 1.1 2009/03/04 09:27:48 atkac Exp $ */ ++/* $Id: bind-96-realloc.patch,v 1.1 2009/03/04 09:27:48 atkac Exp $ */ + + /*! \file */ + +@@ -52,7 +52,7 @@ LIBISC_EXTERNAL_DATA unsigned int isc_me + + #define DEF_MAX_SIZE 1100 + #define DEF_MEM_TARGET 4096 +-#define ALIGNMENT_SIZE 8 /*%< must be a power of 2 */ ++#define ALIGNMENT_SIZE 8U /*%< must be a power of 2 */ + #define NUM_BASIC_BLOCKS 64 /*%< must be > 1 */ + #define TABLE_INCREMENT 1024 + #define DEBUGLIST_COUNT 1024 +@@ -1191,7 +1191,7 @@ print_active(isc_mem_t *mctx, FILE *out) + const char *format; + isc_boolean_t found; + +- fprintf(out, isc_msgcat_get(isc_msgcat, ISC_MSGSET_MEM, ++ fprintf(out, "%s", isc_msgcat_get(isc_msgcat, ISC_MSGSET_MEM, + ISC_MSG_DUMPALLOC, + "Dump of all outstanding " + "memory allocations:\n")); +@@ -1217,7 +1217,7 @@ print_active(isc_mem_t *mctx, FILE *out) + } + } + if (!found) +- fprintf(out, isc_msgcat_get(isc_msgcat, ISC_MSGSET_MEM, ++ fprintf(out, "%s", isc_msgcat_get(isc_msgcat, ISC_MSGSET_MEM, + ISC_MSG_NONE, "\tNone.\n")); + } + } +@@ -1259,7 +1259,7 @@ isc_mem_stats(isc_mem_t *ctx, FILE *out) + */ + pool = ISC_LIST_HEAD(ctx->pools); + if (pool != NULL) { +- fprintf(out, isc_msgcat_get(isc_msgcat, ISC_MSGSET_MEM, ++ fprintf(out, "%s", isc_msgcat_get(isc_msgcat, ISC_MSGSET_MEM, + ISC_MSG_POOLSTATS, + "[Pool statistics]\n")); + fprintf(out, "%15s %10s %10s %10s %10s %10s %10s %10s %1s\n", +@@ -1365,6 +1365,40 @@ isc__mem_allocate(isc_mem_t *ctx, size_t + return (si); + } + ++void * ++isc__mem_reallocate(isc_mem_t *ctx, void *ptr, size_t size FLARG) { ++ void *new_ptr = NULL; ++ size_t oldsize, copysize; ++ ++ REQUIRE(VALID_CONTEXT(ctx)); ++ ++ /* ++ * This function emulates the realloc(3) standard library function: ++ * - if size > 0, allocate new memory; and if ptr is non NULL, copy ++ * as much of the old contents to the new buffer and free the old one. ++ * Note that when allocation fails the original pointer is intact; ++ * the caller must free it. ++ * - if size is 0 and ptr is non NULL, simply free the given ptr. ++ * - this function returns: ++ * pointer to the newly allocated memory, or ++ * NULL if allocation fails or doesn't happen. ++ */ ++ if (size > 0U) { ++ new_ptr = isc__mem_allocate(ctx, size FLARG_PASS); ++ if (new_ptr != NULL && ptr != NULL) { ++ oldsize = (((size_info *)ptr)[-1]).u.size; ++ INSIST(oldsize >= ALIGNMENT_SIZE); ++ oldsize -= ALIGNMENT_SIZE; ++ copysize = oldsize > size ? size : oldsize; ++ memcpy(new_ptr, ptr, copysize); ++ isc__mem_free(ctx, ptr FLARG_PASS); ++ } ++ } else if (ptr != NULL) ++ isc__mem_free(ctx, ptr FLARG_PASS); ++ ++ return (new_ptr); ++} ++ + void + isc__mem_free(isc_mem_t *ctx, void *ptr FLARG) { + size_info *si; +Index: lib/isc/include/isc/mem.h +=================================================================== +RCS file: /var/snap/bind9/lib/isc/include/isc/mem.h,v +retrieving revision 1.78 +retrieving revision 1.78.120.3 +diff -u -p -r1.78 -r1.78.120.3 +--- lib/isc/include/isc/mem.h 31 Mar 2008 05:00:30 -0000 1.78 ++++ lib/isc/include/isc/mem.h 11 Feb 2009 03:07:01 -0000 1.78.120.3 +@@ -1,5 +1,5 @@ + /* +- * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") ++ * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1997-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and/or distribute this software for any +@@ -15,7 +15,7 @@ + * PERFORMANCE OF THIS SOFTWARE. + */ + +-/* $Id: bind-96-realloc.patch,v 1.1 2009/03/04 09:27:48 atkac Exp $ */ ++/* $Id: bind-96-realloc.patch,v 1.1 2009/03/04 09:27:48 atkac Exp $ */ + + #ifndef ISC_MEM_H + #define ISC_MEM_H 1 +@@ -94,7 +94,7 @@ LIBISC_EXTERNAL_DATA extern unsigned int + /*!< + * The variable isc_mem_debugging holds a set of flags for + * turning certain memory debugging options on or off at +- * runtime. Its is intialized to the value ISC_MEM_DEGBUGGING, ++ * runtime. It is initialized to the value ISC_MEM_DEGBUGGING, + * which is 0 by default but may be overridden at compile time. + * The following flags can be specified: + * +@@ -106,7 +106,7 @@ LIBISC_EXTERNAL_DATA extern unsigned int + * Crash if a free doesn't match an allocation. + * + * \li #ISC_MEM_DEBUGUSAGE +- * If a hi_water mark is set, print the maximium inuse memory ++ * If a hi_water mark is set, print the maximum inuse memory + * every time it is raised once it exceeds the hi_water mark. + * + * \li #ISC_MEM_DEBUGSIZE +@@ -154,11 +154,12 @@ LIBISC_EXTERNAL_DATA extern unsigned int + + #define isc_mem_get(c, s) isc__mem_get((c), (s) _ISC_MEM_FILELINE) + #define isc_mem_allocate(c, s) isc__mem_allocate((c), (s) _ISC_MEM_FILELINE) ++#define isc_mem_reallocate(c, p, s) isc__mem_reallocate((c), (p), (s) _ISC_MEM_FILELINE) + #define isc_mem_strdup(c, p) isc__mem_strdup((c), (p) _ISC_MEM_FILELINE) + #define isc_mempool_get(c) isc__mempool_get((c) _ISC_MEM_FILELINE) + + /*% +- * isc_mem_putanddetach() is a convienence function for use where you ++ * isc_mem_putanddetach() is a convenience function for use where you + * have a structure with an attached memory context. + * + * Given: +@@ -341,12 +342,12 @@ isc_mem_setwater(isc_mem_t *mctx, isc_me + * + * When the memory usage of 'mctx' exceeds 'hiwater', + * '(water)(water_arg, #ISC_MEM_HIWATER)' will be called. 'water' needs to +- * call isc_mem_waterack() with #ISC_MEM_HIWATER to acknowlege the state ++ * call isc_mem_waterack() with #ISC_MEM_HIWATER to acknowledge the state + * change. 'water' may be called multiple times. + * + * When the usage drops below 'lowater', 'water' will again be called, this + * time with #ISC_MEM_LOWATER. 'water' need to calls isc_mem_waterack() with +- * #ISC_MEM_LOWATER to acknowlege the change. ++ * #ISC_MEM_LOWATER to acknowledge the change. + * + * static void + * water(void *arg, int mark) { +@@ -373,7 +374,7 @@ isc_mem_setwater(isc_mem_t *mctx, isc_me + void + isc_mem_waterack(isc_mem_t *ctx, int mark); + /*%< +- * Called to acknowledge changes in signalled by calls to 'water'. ++ * Called to acknowledge changes in signaled by calls to 'water'. + */ + + void +@@ -512,7 +513,7 @@ isc_mempool_associatelock(isc_mempool_t + * and it is also used to set or get internal state via the isc_mempool_get*() + * and isc_mempool_set*() set of functions. + * +- * Mutiple pools can each share a single lock. For instance, if "manager" ++ * Multiple pools can each share a single lock. For instance, if "manager" + * type object contained pools for various sizes of events, and each of + * these pools used a common lock. Note that this lock must NEVER be used + * by other than mempool routines once it is given to a pool, since that can +@@ -612,6 +613,8 @@ void + isc__mem_put(isc_mem_t *, void *, size_t _ISC_MEM_FLARG); + void * + isc__mem_allocate(isc_mem_t *, size_t _ISC_MEM_FLARG); ++void * ++isc__mem_reallocate(isc_mem_t *, void *, size_t _ISC_MEM_FLARG); + void + isc__mem_free(isc_mem_t *, void * _ISC_MEM_FLARG); + char * +Index: lib/dns/openssl_link.c +=================================================================== +RCS file: /var/snap/bind9/lib/dns/openssl_link.c,v +retrieving revision 1.22 +retrieving revision 1.22.112.3 +diff -u -p -r1.22 -r1.22.112.3 +--- lib/dns/openssl_link.c 5 Apr 2008 23:47:11 -0000 1.22 ++++ lib/dns/openssl_link.c 11 Feb 2009 03:07:01 -0000 1.22.112.3 +@@ -1,5 +1,5 @@ + /* +- * Portions Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") ++ * Portions Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 1999-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and/or distribute this software for any +@@ -31,7 +31,7 @@ + + /* + * Principal Author: Brian Wellington +- * $Id: bind-96-realloc.patch,v 1.1 2009/03/04 09:27:48 atkac Exp $ ++ * $Id: bind-96-realloc.patch,v 1.1 2009/03/04 09:27:48 atkac Exp $ + */ + #ifdef OPENSSL + +@@ -148,18 +148,8 @@ mem_free(void *ptr) { + + static void * + mem_realloc(void *ptr, size_t size) { +- void *p; +- + INSIST(dst__memory_pool != NULL); +- p = NULL; +- if (size > 0U) { +- p = mem_alloc(size); +- if (p != NULL && ptr != NULL) +- memcpy(p, ptr, size); +- } +- if (ptr != NULL) +- mem_free(ptr); +- return (p); ++ return (isc_mem_reallocate(dst__memory_pool, ptr, size)); + } + + isc_result_t +@@ -252,7 +242,7 @@ dst__openssl_init() { + for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) { + + /* +- * Something wierd here. If we call ENGINE_finish() ++ * Something weird here. If we call ENGINE_finish() + * ENGINE_get_default_RAND() will fail. + */ + if (ENGINE_init(e)) { +@@ -386,7 +376,7 @@ dst__openssl_setdefault(const char *name + * + * 'engine_id' is the openssl engine name. + * +- * pre_cmds and post_cmds a sequence if command arguement pairs ++ * pre_cmds and post_cmds a sequence if command argument pairs + * pre_num and post_num are a count of those pairs. + * + * "SO_PATH", PKCS11_SO_PATH ("/usr/local/lib/engines/engine_pkcs11.so") diff --git a/bind.spec b/bind.spec index f3bae5d..90753ae 100644 --- a/bind.spec +++ b/bind.spec @@ -21,7 +21,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: ISC Version: 9.6.0 -Release: 6.%{PATCHVER}%{?dist} +Release: 7.%{PATCHVER}%{?dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -66,6 +66,7 @@ Patch100:bind-96-libtool2-libbind.patch Patch99: bind-96-libtool2.patch Patch101:bind-96-old-api.patch Patch102:bind-95-rh452060.patch +Patch103:bind-96-realloc.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -246,6 +247,7 @@ mkdir lib/bind/m4 %endif %patch102 -p1 -b .rh452060 +%patch103 -p0 -b .realloc # Sparc and s390 arches need to use -fPIE %ifarch sparcv9 sparc64 s390 s390x @@ -604,6 +606,9 @@ rm -rf ${RPM_BUILD_ROOT} %ghost %{chroot_prefix}/etc/localtime %changelog +* Wed Mar 04 2009 Adam Tkac - 32:9.6.0-7.P1 +- fixed some read buffer overflows (upstream) + * Mon Feb 23 2009 Fedora Release Engineering - 32:9.6.0-6.P1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild