bind 9.6.0-P1's nsupdate dumps core on NetBSD/i386 4.x
Mark Andrews
Mark_Andrews at isc.org
Fri Mar 6 04:36:27 UTC 2009
In message <p05200f72c5d61071b990@[130.102.20.138]>, Ray Phillips writes:
> > You need to call gdb correctly.
> >
> > gdb /usr/local/bin/nsupdate nsupdate.core
>
> Thanks Mark.
>
> Sorry, I (obviously) don't have much of a clue about using gdb.
Looks like you have hit this bug.
2547. [bug] openssl_link.c:mem_realloc() could reference an
out-of-range area of the source buffer. New public
function isc_mem_reallocate() was introduced to address
this bug. [RT #19313]
Mark
Index: bind9/CHANGES
diff -u bind9/CHANGES:1.2991 bind9/CHANGES:1.2992
--- bind9/CHANGES:1.2991 Fri Feb 6 12:33:17 2009
+++ bind9/CHANGES Wed Feb 11 03:04:18 2009
@@ -1,3 +1,8 @@
+2547. [bug] openssl_link.c:mem_realloc() could reference an
+ out-of-range area of the source buffer. New public
+ function isc_mem_reallocate() was introduced to address
+ this bug. [RT #19313]
+
2546. [func] Add --enable-openssl-hash configure flag to use
OpenSSL (in place of internal routine) for hash
functions (MD5, SHA[12] and HMAC). [RT #18815]
Index: bind9/lib/dns/openssl_link.c
diff -u bind9/lib/dns/openssl_link.c:1.24 bind9/lib/dns/openssl_link.c:1.25
--- bind9/lib/dns/openssl_link.c:1.24 Sat Jan 17 23:47:42 2009
+++ bind9/lib/dns/openssl_link.c Wed Feb 11 03:04:18 2009
@@ -148,18 +148,8 @@
static void *
mem_realloc(void *ptr, size_t size) {
- void *p;
-
INSIST(dst__memory_pool != NULL);
- p = NULL;
- if (size > 0U) {
- p = mem_alloc(size);
- if (p != NULL && ptr != NULL)
- memcpy(p, ptr, size);
- }
- if (ptr != NULL)
- mem_free(ptr);
- return (p);
+ return (isc_mem_reallocate(dst__memory_pool, ptr, size));
}
isc_result_t
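Review bot: mem_realloc now depends on `ptr` carrying the allocator's size header, because isc__mem_reallocate reads the length stored just before the pointer. A pointer that did not come from isc_mem_allocate on `dst__memory_pool` would make that read land outside the buffer. mem_alloc and the place where these callbacks are registered are outside the hunk, so this assumes all three hooks are installed together before OpenSSL allocates anything. A one-line comment above the return would record that, e.g. `/* ptr must originate from mem_alloc(); isc_mem_reallocate reads its size header */`. Unlike the removed code, the old buffer is no longer freed when allocation fails, which matches realloc(3) but is a behaviour change worth a mention in the commit text.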
Index: bind9/lib/isc/mem.c
diff -u bind9/lib/isc/mem.c:1.147 bind9/lib/isc/mem.c:1.148
--- bind9/lib/isc/mem.c:1.147 Thu Jan 22 23:47:54 2009
+++ bind9/lib/isc/mem.c Wed Feb 11 03:04:18 2009
@@ -1365,6 +1365,40 @@
return (si);
}
+void *
+isc__mem_reallocate(isc_mem_t *ctx, void *ptr, size_t size FLARG) {
+ void *new_ptr = NULL;
+ size_t oldsize, copysize;
+
+ REQUIRE(VALID_CONTEXT(ctx));
+
+ /*
+ * This function emulates the realloc(3) standard library function:
+ * - if size > 0, allocate new memory; and if ptr is non NULL, copy
+ * as much of the old contents to the new buffer and free the old one.
+ * Note that when allocation fails the original pointer is intact;
+ * the caller must free it.
+ * - if size is 0 and ptr is non NULL, simply free the given ptr.
+ * - this function returns:
+ * pointer to the newly allocated memory, or
+ * NULL if allocation fails or doesn't happen.
+ */
+ if (size > 0U) {
+ new_ptr = isc__mem_allocate(ctx, size FLARG_PASS);
+ if (new_ptr != NULL && ptr != NULL) {
+ oldsize = (((size_info *)ptr)[-1]).u.size;
+ INSIST(oldsize >= ALIGNMENT_SIZE);
+ oldsize -= ALIGNMENT_SIZE;
+ copysize = oldsize > size ? size : oldsize;
+ memcpy(new_ptr, ptr, copysize);
+ isc__mem_free(ctx, ptr FLARG_PASS);
+ }
+ } else if (ptr != NULL)
+ isc__mem_free(ctx, ptr FLARG_PASS);
+
+ return (new_ptr);
+}
+
void
isc__mem_free(isc_mem_t *ctx, void *ptr FLARG) {
size_info *si;
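Review bot: The `oldsize` computation in isc__mem_reallocate assumes the value in the `size_info` slot before `ptr` is exactly the payload length plus one `ALIGNMENT_SIZE`, and `memcpy` then trusts it as the readable length of the old buffer. isc__mem_allocate is outside this hunk, so that cannot be confirmed here. If it ever reserves more than one header unit (for example under a debugging flag such as ISC_MEM_DEBUGCTX, to be confirmed), `oldsize` would overstate the payload and a growing reallocation would copy past the end of the old allocation, which is the same class of out-of-range read this commit fixes. I would subtract the extra header in that case, or at minimum add a comment beside the subtraction such as `/* u.size = payload + ALIGNMENT_SIZE as written by isc__mem_allocate(); keep in sync */`. The isc__mem_free context at the end of the hunk continues outside it.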
Index: bind9/lib/isc/include/isc/mem.h
diff -u bind9/lib/isc/include/isc/mem.h:1.80 bind9/lib/isc/include/isc/mem.h:1.81
--- bind9/lib/isc/include/isc/mem.h:1.80 Sat Jan 17 23:47:43 2009
+++ bind9/lib/isc/include/isc/mem.h Wed Feb 11 03:04:18 2009
@@ -154,6 +154,7 @@
#define isc_mem_get(c, s) isc__mem_get((c), (s) _ISC_MEM_FILELINE)
#define isc_mem_allocate(c, s) isc__mem_allocate((c), (s) _ISC_MEM_FILELINE)
+#define isc_mem_reallocate(c, p, s) isc__mem_reallocate((c), (p), (s) _ISC_MEM_FILELINE)
#define isc_mem_strdup(c, p) isc__mem_strdup((c), (p) _ISC_MEM_FILELINE)
#define isc_mempool_get(c) isc__mempool_get((c) _ISC_MEM_FILELINE)
@@ -612,6 +613,8 @@
isc__mem_put(isc_mem_t *, void *, size_t _ISC_MEM_FLARG);
void *
isc__mem_allocate(isc_mem_t *, size_t _ISC_MEM_FLARG);
+void *
+isc__mem_reallocate(isc_mem_t *, void *, size_t _ISC_MEM_FLARG);
void
isc__mem_free(isc_mem_t *, void * _ISC_MEM_FLARG);
char *
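Review bot: The new prototype `isc__mem_reallocate` has no doc comment visible in this hunk, so its contract is stated only in a comment inside the function body in mem.c. That contract is easy to misuse: on allocation failure NULL is returned and the original pointer stays valid and owned by the caller, so `p = isc_mem_reallocate(ctx, p, n)` loses the only reference to the old buffer. With size 0 the pointer is freed and NULL is returned as well, so NULL alone does not signal failure. I would add a comment in the header's own style, next to the macro or the prototype, covering those two cases and the requirement that `ptr` come from isc_mem_allocate on the same context.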
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org