From owner-freebsd-ports-bugs@FreeBSD.ORG  Fri Mar  6 16:10:05 2009
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1A6DB1065676
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Fri,  6 Mar 2009 16:10:05 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id EA7E18FC1F
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Fri,  6 Mar 2009 16:10:04 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n26GA4pi042652
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Fri, 6 Mar 2009 16:10:04 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n26GA409042651;
	Fri, 6 Mar 2009 16:10:04 GMT (envelope-from gnats)
Resent-Date: Fri, 6 Mar 2009 16:10:04 GMT
Resent-Message-Id: <200903061610.n26GA409042651@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Renato Botelho <garga@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F026D106566C
	for <FreeBSD-gnats-submit@freebsd.org>;
	Fri,  6 Mar 2009 16:09:08 +0000 (UTC)
	(envelope-from garga@FreeBSD.org)
Received: from capeta.freebsdbrasil.com.br (capeta.freebsdbrasil.com.br
	[201.48.151.3]) by mx1.freebsd.org (Postfix) with SMTP id 38A7A8FC1A
	for <FreeBSD-gnats-submit@freebsd.org>;
	Fri,  6 Mar 2009 16:09:07 +0000 (UTC)
	(envelope-from garga@FreeBSD.org)
Received: (qmail 23868 invoked from network); 6 Mar 2009 13:09:06 -0300
Received: from unknown (HELO botelhor.bluepex.com) (garga@189.19.84.134)
	by capeta.freebsdbrasil.com.br with SMTP; 6 Mar 2009 13:09:06 -0300
Received: (qmail 48765 invoked by uid 1001); 6 Mar 2009 13:09:26 -0300
Message-Id: <20090306160926.48764.qmail@botelhor.bluepex.com>
Date: 6 Mar 2009 13:09:26 -0300
From: Renato Botelho <garga@FreeBSD.org>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc: roam@FreeBSD.org
Subject: ports/132366: [PATCH] dns/djbdns: Fix a recent bug (AXFRed
	subdomains overwrite domains)
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Mar 2009 16:10:05 -0000


>Number:         132366
>Category:       ports
>Synopsis:       [PATCH] dns/djbdns: Fix a recent bug (AXFRed subdomains overwrite domains)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 06 16:10:04 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Renato Botelho
>Release:        FreeBSD 8.0-CURRENT i386
>Organization:
FreeBSD.org
>Environment:
System: FreeBSD botelhor.bplab.local 8.0-CURRENT FreeBSD 8.0-CURRENT #48 r189278: Mon Mar  2 11:46:45
>Description:
If the administrator of example.com publishes the example.com DNS data
through tinydns and axfrdns, and includes data for sub.example.com
transferred from an untrusted third party, then that third party can
control cache entries for example.com, not just sub.example.com. This is
the result of a bug in djbdns pointed out by Matthew Dempsky. (In short,
axfrdns compresses some outgoing DNS packets incorrectly.)

More detailed description at:

Since i'm here, pacify a bit portlint removing quotes from BROKEN messages

Added file(s):
- files/patch-response.c

Port maintainer (roam@FreeBSD.org) is cc'd.

Generated with FreeBSD Port Tools 0.77
>How-To-Repeat:
>Fix:

--- djbdns-1.05_13.patch begins here ---
Index: Makefile
===================================================================
RCS file: /home/pcvs/ports/dns/djbdns/Makefile,v
retrieving revision 1.33
diff -u -u -r1.33 Makefile
--- Makefile	24 May 2008 03:19:29 -0000	1.33
+++ Makefile	6 Mar 2009 16:06:35 -0000
@@ -7,7 +7,7 @@
 
 PORTNAME?=	djbdns
 PORTVERSION?=	${DJBDNS_VER}
-PORTREVISION?=	12
+PORTREVISION?=	13
 CATEGORIES?=	dns
 MASTER_SITES=	http://cr.yp.to/djbdns/ \
 		ftp://cr.yp.to/djbdns/
@@ -32,7 +32,7 @@
 
 .if defined(WITH_JUMBO)
 .if defined(WITH_IPV6) || defined(WITH_IGNOREIP) || defined(WITH_SRV)
-BROKEN=		"The jumbo patch currently conflicts with the IPv6 and ignoreip2 patches"
+BROKEN=		The jumbo patch currently conflicts with the IPv6 and ignoreip2 patches
 .endif
 
 PATCH_SITES+=	http://www.ro.kde.org/djbdns/mywork/jumbo/:jumbo
@@ -69,7 +69,7 @@
 
 .if defined(WITH_DUMPCACHE) && !defined(WITH_JUMBO)
 .if defined(WITH_IPV6)
-BROKEN=		"The IPv6 and dnscache-dumpcache patches are currently in conflict"
+BROKEN=		The IPv6 and dnscache-dumpcache patches are currently in conflict
 .endif
 PATCH_SITES+=	http://efge.free.fr/djbdns/:dumpcache
 PATCHFILES+=	patch-dnscache-dumpcache-v4.txt:dumpcache
Index: files/patch-response.c
===================================================================
RCS file: files/patch-response.c
diff -N files/patch-response.c
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ files/patch-response.c	6 Mar 2009 16:06:35 -0000
@@ -0,0 +1,11 @@
+--- response.c.orig	2009-03-06 13:02:27.000000000 -0300
++++ response.c	2009-03-06 13:03:03.000000000 -0300
+@@ -34,7 +34,7 @@
+         uint16_pack_big(buf,49152 + name_ptr[i]);
+         return response_addbytes(buf,2);
+       }
+-    if (dlen <= 128)
++    if ((dlen <= 128) && (response_len < 16384))
+       if (name_num < NAMES) {
+ 	byte_copy(name[name_num],dlen,d);
+ 	name_ptr[name_num] = response_len;
--- djbdns-1.05_13.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted: