From: Wouter Wijngaards
Date: Thu, 13 Sep 2018 12:30:44 +0000 (+0000)
Subject: - Fix memory leak when message parse fails partway through copy.
X-Git-Tag: release-1.8.1rc1~14
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=898d4c8dd951cb94cf1ba4f5e4e5075339ed3e69;p=thirdparty%2Funbound.git
- Fix memory leak when message parse fails partway through copy.
- remove unused udpsize assignment in message encode.
git-svn-id: file:///svn/unbound/trunk@4904 be551aaa-1e26-0410-a405-d3ace91eadb9
---
diff --git a/doc/Changelog b/doc/Changelog
index 4626c87b8..eaa019a3e 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -18,6 +18,8 @@
 - in authzone check that node exists before adding rrset.
 - in unbound-anchor, use readwrite memory BIO.
 - assertion in autotrust that packed rrset is formed correctly.
+ - Fix memory leak when message parse fails partway through copy.
+ - remove unused udpsize assignment in message encode.
 11 September 2018: Wouter
 - Fixed unused return value warnings in contrib/fastrpz.patch for
diff --git a/util/data/msgencode.c b/util/data/msgencode.c
index aab7f5dfe..6bc3216ff 100644
--- a/util/data/msgencode.c
+++ b/util/data/msgencode.c
@@ -647,8 +647,6 @@ reply_info_encode(struct query_info* qinfo, struct reply_info* rep,
 sldns_buffer_clear(buffer);
 if(udpsize < sldns_buffer_limit(buffer))
 sldns_buffer_set_limit(buffer, udpsize);
- else if(sldns_buffer_limit(buffer) < udpsize)
- udpsize = sldns_buffer_limit(buffer);
 if(sldns_buffer_remaining(buffer) < LDNS_HEADER_SIZE)
 return 0;
diff --git a/util/data/msgreply.c b/util/data/msgreply.c
index 540d7d4b3..45d42a87f 100644
--- a/util/data/msgreply.c
+++ b/util/data/msgreply.c
@@ -441,10 +441,14 @@ parse_create_msg(sldns_buffer* pkt, struct msg_parse* msg,
 return 0;
 if(!parse_create_repinfo(msg, rep, region))
 return 0;
- if(!reply_info_alloc_rrset_keys(*rep, alloc, region))
+ if(!reply_info_alloc_rrset_keys(*rep, alloc, region)) {
+ if(!region) reply_info_parsedelete(*rep, alloc);
 return 0;
- if(!parse_copy_decompress(pkt, msg, *rep, region))
+ }
+ if(!parse_copy_decompress(pkt, msg, *rep, region)) {
+ if(!region) reply_info_parsedelete(*rep, alloc);
 return 0;
+ }
 return 1;
 }
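Review bot: Both new failure branches free `*rep` with `reply_info_parsedelete(*rep, alloc)` when `region` is NULL, but they leave the freed pointer in the caller's variable, so a caller that also releases `*rep` on a 0 return would free it twice. The callers are not visible in this hunk, so this needs checking against them. Clearing the pointer in the branch makes the ownership explicit, e.g. `if(!region) { reply_info_parsedelete(*rep, alloc); *rep = NULL; }`, provided the callers' cleanup accepts a NULL `*rep`. It is also worth confirming that `reply_info_parsedelete` tolerates the partly filled rrset key array left behind when `reply_info_alloc_rrset_keys` fails midway. The start of `parse_create_msg` lies outside the hunk.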