authorSam James <sam@gentoo.org>2022-06-03 08:32:56 +0100
committerSam James <sam@gentoo.org>2022-06-03 08:33:00 +0100
commitf06ef44e355a161ac9185b1b389addf510a08616 (patch)
tree0427d04825c166d3b509ab44fe70b2db28a61314 /net-dns/bind/files
parentnet-dns/bind-tools: backport FORTIFY_SOURCE=3 named-checkconf crash fix (diff)
net-dns/bind: backport FORTIFY_SOURCE=3 named-checkconf crash fix
Closes: https://bugs.gentoo.org/847295 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'net-dns/bind/files')
-rw-r--r--net-dns/bind/files/bind-9.16.29-fortify-source-3.patch35
1 files changed, 35 insertions, 0 deletions
diff --git a/net-dns/bind/files/bind-9.16.29-fortify-source-3.patch b/net-dns/bind/files/bind-9.16.29-fortify-source-3.patch
new file mode 100644
index 000000000000..d084d6e62ce8
--- /dev/null
+++ b/net-dns/bind/files/bind-9.16.29-fortify-source-3.patch
@@ -0,0 +1,35 @@
+https://gitlab.isc.org/isc-projects/bind9/-/commit/b6670787d25743ddf39dfe8e615828efc928f50d
+https://gitlab.isc.org/isc-projects/bind9/-/issues/3351
+https://bugs.gentoo.org/847295
+
+From: Evan Hunt <each@isc.org>
+Date: Fri, 13 May 2022 19:59:58 -0700
+Subject: [PATCH] prevent a possible buffer overflow in configuration check
+
+corrected code that could have allowed a buffer overfow while
+parsing named.conf.
+
+(cherry picked from commit 921043b54161c7a3e6dc4036b038ca4dbc5fe472)
+--- a/lib/bind9/check.c
++++ b/lib/bind9/check.c
+@@ -2500,8 +2500,8 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
+ } else if (dns_name_isula(zname)) {
+ ula = true;
+ }
+- tmp += strlen(tmp);
+ len -= strlen(tmp);
++ tmp += strlen(tmp);
+ (void)snprintf(tmp, len, "%u/%s", zclass,
+ (ztype == CFG_ZONE_INVIEW) ? target
+ : (viewname != NULL) ? viewname
+@@ -3247,8 +3247,8 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
+ char *tmp = keydirbuf;
+ size_t len = sizeof(keydirbuf);
+ dns_name_format(zname, keydirbuf, sizeof(keydirbuf));
+- tmp += strlen(tmp);
+ len -= strlen(tmp);
++ tmp += strlen(tmp);
+ (void)snprintf(tmp, len, "/%s", (dir == NULL) ? "(null)" : dir);
+ tresult = keydirexist(zconfig, (const char *)keydirbuf,
+ kaspname, keydirs, logctx, mctx);
+GitLab
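Review bot: In both inner hunks of the backported patch (lib/bind9/check.c near lines 2500 and 3247), the corrected pair `len -= strlen(tmp); tmp += strlen(tmp);` is still correct only because of statement order, which is what the original code got wrong: once `tmp` had been advanced to the terminator, `strlen(tmp)` was 0 and `len` was never reduced. Capturing the length once, `size_t used = strlen(tmp); len -= used; tmp += used;`, would remove the order dependency and the second scan. As this is a verbatim upstream cherry-pick, that is a suggestion for upstream rather than a reason to diverge downstream. The `(void)snprintf(tmp, len, ...)` calls that follow discard the return value, so a truncated zone key or key-directory string would be used silently; comparing the result against `len`, or a comment stating that truncation is acceptable here, would make the intent explicit. check_zoneconf starts and ends outside both hunks, so the buffer declaration for the first site is not visible on this page.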