Report information
The Basics
Id:
44514
Status:
resolved
Priority:
Medium/Medium
Queue:
bind9-public
People
BugTracker
Version Fixed:
(no value)
Version Found:
(no value)
Versions Affected:
(no value)
Versions Planned:
(no value)
Priority:
(no value)
Severity:
(no value)
CVSS Score:
(no value)
CVE ID:
(no value)
Component:
(no value)
Area:
test
Attachments
0001-Remove-dead-code-introduced-by-P5-patches.patch
Dates
Created:Tue, 24 Jan 2017 11:20:16 -0500
Updated:Wed, 25 Oct 2017 19:08:19 -0400
Closed:Wed, 25 Oct 2017 19:08:19 -0400

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History
  Tue, 24 Jan 2017 11:20:16 -0500 Petr Menšík <pemensik@redhat.com> - Ticket created
Subject: Dead code introduced by -P5 and -P2 patches
Date: Tue, 24 Jan 2017 17:20:09 +0100
To: bind-bugs@isc.org
From: "Petr Menšík" <pemensik@redhat.com>

Hi! I think last CVE fixes created non-reachable code in Bind. Our Coverity scan complains about it and I have to waive it. I think Coverity is correct and some parts are not reachable anymore, because that conditions cannot ever be true. I suggest to remove unused variable cname as I did in my patch. -- Petr Menšík Software Engineer Red Hat, http://www.redhat.com/ email: pemensik@redhat.com  PGP: 65C6C973
0001-Remove-dead-code-introduced-by-P5-patches.patch

Message body is not shown because sender requested not to inline it.

  Tue, 24 Jan 2017 16:34:22 -0500 Mark Andrews <marka@isc.org> - Correspondence added
Subject: Re: [ISC-Bugs #44514] Dead code introduced by -P5 and -P2 patches
Date: Wed, 25 Jan 2017 08:34:14 +1100
To: bind9-bugs@isc.org
From: "Mark Andrews" <marka@isc.org>

We are aware of the issue. This is the proposed fix. This will be part of the next Coverity run (roughly weekly). Mark diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 397048e..d02a5e7 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -6834,10 +6834,10 @@ answer_response(fetchctx_t *fctx) { dns_name_t *name, *dname = NULL, *qname, tname, *ns_name; dns_name_t *cname = NULL; dns_rdataset_t *rdataset, *ns_rdataset; - isc_boolean_t done, external, chaining, aa, found, want_chaining; + isc_boolean_t done, external, aa, found, want_chaining; isc_boolean_t have_answer, found_cname, found_dname, found_type; isc_boolean_t wanted_chaining; - unsigned int aflag; + unsigned int aflag, chaining; dns_rdatatype_t type; dns_fixedname_t fdname, fqname; dns_view_t *view; @@ -6855,9 +6855,9 @@ answer_response(fetchctx_t *fctx) { found_cname = ISC_FALSE; found_dname = ISC_FALSE; found_type = ISC_FALSE; - chaining = ISC_FALSE; have_answer = ISC_FALSE; want_chaining = ISC_FALSE; + chaining = 0; POST(want_chaining); if ((message->flags & DNS_MESSAGEFLAG_AA) != 0) aa = ISC_TRUE; @@ -7004,7 +7004,7 @@ answer_response(fetchctx_t *fctx) { rdataset->attributes |= DNS_RDATASETATTR_CACHE; rdataset->trust = dns_trust_answer; - if (!chaining) { + if (chaining == 0) { /* * This data is "the" answer * to our question only if @@ -7081,8 +7081,8 @@ answer_response(fetchctx_t *fctx) { * cause us to ignore the signatures of * CNAMEs. */ - if (wanted_chaining) - chaining = ISC_TRUE; + if (wanted_chaining && chaining < 2U) + chaining++; } else { dns_rdataset_t *dnameset = NULL; @@ -7113,7 +7113,7 @@ answer_response(fetchctx_t *fctx) { * If we're not chaining, then the DNAME and * its signature should not be external. */ - if (!chaining && external) { + if (chaining == 0 && external) { char qbuf[DNS_NAME_FORMATSIZE]; char obuf[DNS_NAME_FORMATSIZE]; @@ -7197,7 +7197,14 @@ answer_response(fetchctx_t *fctx) { name->attributes |= DNS_NAMEATTR_CACHE; rdataset->attributes |= DNS_RDATASETATTR_CACHE; rdataset->trust = dns_trust_answer; - if (!chaining) { + /* + * If we are not chaining or the first CNAME + * is a synthesised CNAME before the DNAME. + */ + if ((chaining == 0) || + (chaining == 1U && + namereln == dns_namereln_commonancestor)) + { /* * This data is "the" answer to * our question only if we're @@ -7245,8 +7252,12 @@ answer_response(fetchctx_t *fctx) { dnameset->attributes |= DNS_RDATASETATTR_CHAINING; } - if (wanted_chaining) - chaining = ISC_TRUE; + /* + * Ensure that we can't ever get chaining == 1 + * above if we have processed a DNAME. + */ + if (wanted_chaining && chaining < 2U) + chaining += 2; } result = dns_message_nextname(message, DNS_SECTION_ANSWER); } @@ -7271,7 +7282,7 @@ answer_response(fetchctx_t *fctx) { /* * Did chaining end before we got the final answer? */ - if (chaining) { + if (chaining != 0) { /* * Yes. This may be a negative reply, so hand off * authority section processing to the noanswer code. @@ -7320,7 +7331,7 @@ answer_response(fetchctx_t *fctx) { DNS_NAMEATTR_CACHE; rdataset->attributes |= DNS_RDATASETATTR_CACHE; - if (aa && !chaining) + if (aa && chaining == 0) rdataset->trust = dns_trust_authauthority; else -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
Tue, 24 Jan 2017 16:34:23 -0500 The RT System itself - Status changed from 'new' to 'open'
Thu, 02 Feb 2017 22:32:34 -0500 Mark Andrews <marka@isc.org> - Taken
Wed, 28 Jun 2017 15:24:11 -0400 Vicky Risk <vicky@isc.org> - Queue changed from #6 to bind9-public
Wed, 28 Jun 2017 15:24:11 -0400 Vicky Risk <vicky@isc.org> - Area test added
Wed, 25 Oct 2017 19:08:19 -0400 Evan Hunt <Evan_Hunt@isc.org> - Status changed from 'open' to 'resolved'