ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Fix TSIG dump keyfile name buffer size issues

Browse Source
This commit is contained in:
Mukund Sivaraman
2018-03-28 22:11:22 +05:30
committed by Ondřej Surý
parent 7467735258
commit 44b84cb5a6
1 changed files with 22 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
lib/dns/view.c
View File

@@ -352,28 +352,28 @@ destroy(dns_view_t *view) {
if (view->dynamickeys != NULL) {
isc_result_t result;
char template[20];
char keyfile[20];
char template[PATH_MAX];
char keyfile[PATH_MAX];
FILE *fp = NULL;
int n;
n = snprintf(keyfile, sizeof(keyfile), "%s.tsigkeys",
view->name);
if (n > 0 && (size_t)n < sizeof(keyfile)) {
result = isc_file_mktemplate(keyfile, template,
sizeof(template));
if (result == ISC_R_SUCCESS)
(void)isc_file_openuniqueprivate(template, &fp);
result = isc_file_mktemplate(NULL, template, sizeof(template));
if (result == ISC_R_SUCCESS) {
(void)isc_file_openuniqueprivate(template, &fp);
}
if (fp == NULL)
if (fp == NULL) {
dns_tsigkeyring_detach(&view->dynamickeys);
else {
result = dns_tsigkeyring_dumpanddetach(
&view->dynamickeys, fp);
} else {
result = dns_tsigkeyring_dumpanddetach
(&view->dynamickeys, fp);
if (result == ISC_R_SUCCESS) {
if (fclose(fp) == 0)
result = isc_file_rename(template,
keyfile);
if (fclose(fp) == 0) {
result = isc_file_sanitize
(NULL, view->name, "tsigkeys",
keyfile, sizeof(keyfile));
if (result == ISC_R_SUCCESS)
result = isc_file_rename
(template, keyfile);
}
if (result != ISC_R_SUCCESS)
(void)remove(template);
} else {
@@ -907,15 +907,15 @@ dns_view_getdynamickeyring(dns_view_t *view, dns_tsig_keyring_t **ringp) {
void
dns_view_restorekeyring(dns_view_t *view) {
FILE *fp;
char keyfile[20];
int n;
char keyfile[PATH_MAX];
isc_result_t result;
REQUIRE(DNS_VIEW_VALID(view));
if (view->dynamickeys != NULL) {
n = snprintf(keyfile, sizeof(keyfile), "%s.tsigkeys",
view->name);
if (n > 0 && (size_t)n < sizeof(keyfile)) {
result = isc_file_sanitize(NULL, view->name, "tsigkeys",
keyfile, sizeof(keyfile));
if (result == ISC_R_SUCCESS) {
fp = fopen(keyfile, "r");
if (fp != NULL) {
dns_keyring_restore(view->dynamickeys, fp);