daemon/tls: fix a double-free for some cases of policy.TLS_FORWARD

The double-free may have happened in some cases when the upstream
resolver was stopped while answering a forwarded query. I was reliably
reproducing it by running resperf on two kresd instances with one forwarded
to the other, and killing the upstream one.

diff --git a/NEWS b/NEWS
index de2f5b277d34427b4e86572a537a0a75c5916e9c..b0a3b467ae2f59591335a4ff2097cd661d232593 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,7 @@ Improvements
 Bugfixes
 --------
 - daemon/http: improved URI checks to fix some proxies (#746, !1311)
+- daemon/tls: fixed a double-free for some cases of policy.TLS_FORWARD (!1314)
 
 
 Knot Resolver 5.5.1 (2022-06-14)

diff --git a/daemon/tls.c b/daemon/tls.c
index 44a28b5490a26a470cfa263ca854206858ebfa42..8d69d85675f9107b91fdec3e436f0892ef4d2dfa 100644 (file)
--- a/daemon/tls.c
+++ b/daemon/tls.c
@@ -389,6 +389,8 @@ void tls_client_close(struct tls_client_ctx *ctx)
        /* Store the current session data for potential resumption of this session */
        if (ctx->params) {
                gnutls_free(ctx->params->session_data.data);
+               ctx->params->session_data.data = NULL;
+               ctx->params->session_data.size = 0;
                gnutls_session_get_data2(ctx->c.tls_session, &ctx->params->session_data);
        }