From 813a1d0f943f7b4ecf43c449a08762a8d8557a45 Mon Sep 17 00:00:00 2001
From: UNKNOWN <>
Date: Tue, 27 Apr 2021 12:02:53 +0800
Subject: [PATCH v2 1/2] Fix CVE-2021-25214
Conflict:NA
Reference:https://downloads.isc.org/isc/bind9/private/40732ca6e4fcc9d0/patches/CVE-2021-25214.patch
diff --git a/bind/bind-9.11.14/lib/dns/xfrin.c b/bind/bind-9.11.14/lib/dns/xfrin.c
index 558f40c..bae6d41 100644
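--- a/bind/bind-9.11.14/lib/dns/xfrin.c
+++ b/bind/bind-9.11.14/lib/dns/xfrin.c
@@ -477,6 +477,20 @@ xfr_rr(dns_xfrin_ctx_t *xfr, dns_name_t *name, isc_uint32_t ttl,
 dns_rdatatype_ismeta(rdata->type))
 FAIL(DNS_R_FORMERR);
 
+ /*
+ * Immediately reject the entire transfer if the RR that is currently
+ * being processed is an SOA record that is not placed at the zone
+ * apex.
+ */
+ if (rdata->type == dns_rdatatype_soa &&
+ !dns_name_equal(&xfr->name, name)) {
+ char namebuf[DNS_NAME_FORMATSIZE];
+ dns_name_format(name, namebuf, sizeof(namebuf));
+ xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'",
+ namebuf);
+ FAIL(DNS_R_NOTZONETOP);
+ }
+
 redo:
 switch (xfr->state) {
 case XFRST_SOAQUERY: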
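Review bot: The new rejection path logs the offending owner name only at `ISC_LOG_DEBUG(3)`, so at default log levels an operator sees no record of which name a transfer peer placed an out-of-apex SOA on. Since this condition means the primary sent a malformed transfer, which is the input this CVE fix guards against, consider logging it at a level that is on by default, e.g. `xfrin_log(xfr, ISC_LOG_WARNING, "SOA name mismatch: '%s'",`. Whether the code reached through `FAIL(DNS_R_NOTZONETOP)` already reports the result at a higher level cannot be seen here, because xfr_rr's body starts and ends outside the hunk. The name formatting itself looks sound: `namebuf` is sized with `DNS_NAME_FORMATSIZE` and the name is passed as a `%s` argument rather than as the format string.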
--
1.8.3.1