From: Wouter Wijngaards Date: Wed, 27 May 2009 12:10:07 +0000 (+0000) Subject: Fixup crash if root prime has a timeout and parent qstate has been deleted. X-Git-Tag: release-1.3.0~2^2~6 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5e2189bb3573a0c2a5d1d7fa72b78e08339cd25a;p=thirdparty%2Funbound.git Fixup crash if root prime has a timeout and parent qstate has been deleted. git-svn-id: file:///svn/unbound/trunk@1626 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index fe1e5a3a0..6e98ce5ee 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -6,6 +6,8 @@ Most easily triggered on XP (not Vista), maybe because of the network stack encouraging large messages backlogs. - change in debug statements. + - Fixed bug that could cause a crash if root prime failed when there + were message backlogs. 26 May 2009: Wouter - Thanks again to Brett Carr, found an assertion that was not true. diff --git a/iterator/iterator.c b/iterator/iterator.c index 2f6daafef..5e6dc5e17 100644 --- a/iterator/iterator.c +++ b/iterator/iterator.c @@ -551,12 +551,6 @@ prime_root(struct module_qstate* qstate, struct iter_qstate* iq, verbose(VERB_ALGO, "Cannot prime due to lack of hints"); return 0; } - /* copy dp; to avoid messing up available list for other thr/queries */ - dp = delegpt_copy(dp, qstate->region); - if(!dp) { - log_err("out of memory priming root, copydp"); - return 0; - } /* Priming requests start at the QUERYTARGETS state, skipping * the normal INIT state logic (which would cause an infloop). */ if(!generate_sub_request((uint8_t*)"\000", 1, LDNS_RR_TYPE_NS, @@ -568,8 +562,17 @@ prime_root(struct module_qstate* qstate, struct iter_qstate* iq, if(subq) { struct iter_qstate* subiq = (struct iter_qstate*)subq->minfo[id]; - /* Set the initial delegation point to the hint. */ - subiq->dp = dp; + /* Set the initial delegation point to the hint. + * copy dp, it is now part of the root prime query. + * dp was part of in the fixed hints structure. */ + subiq->dp = delegpt_copy(dp, subq->region); + if(!subiq->dp) { + log_err("out of memory priming root, copydp"); + fptr_ok(fptr_whitelist_modenv_kill_sub( + qstate->env->kill_sub)); + (*qstate->env->kill_sub)(subq); + return 0; + } /* there should not be any target queries. */ subiq->num_target_queries = 0; subiq->dnssec_expected = iter_indicates_dnssec( @@ -611,6 +614,8 @@ prime_stub(struct module_qstate* qstate, struct iter_qstate* iq, /* is it a noprime stub (always use) */ if(stub->noprime) { + /* copy the dp out of the fixed hints structure, so that + * it can be changed when servicing this query */ iq->dp = delegpt_copy(stub_dp, qstate->region); if(!iq->dp) { log_err("out of memory priming stub");