Fix a bug in catz_process_apl()

author Aram Sargsyan <aram@isc.org>

Mon, 4 May 2026 22:34:01 +0000 (22:34 +0000)

committer Aram Sargsyan <aram@isc.org>

Wed, 6 May 2026 20:34:27 +0000 (20:34 +0000)
author Aram Sargsyan <aram@isc.org>
Mon, 4 May 2026 22:34:01 +0000 (22:34 +0000)
committer Aram Sargsyan <aram@isc.org>
Wed, 6 May 2026 20:34:27 +0000 (20:34 +0000)
diff --git a/lib/dns/catz.c b/lib/dns/catz.c

index c6e65bbfc26620cc73af705406e8a7f797751f58..d73e124d20709d24d9a5b3dbc966575f2fb698eb 100644 (file)
--- a/lib/dns/catz.c
+++ b/lib/dns/catz.c
@@ -1571,6 +1571,17 @@ catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl,
  static isc_result_t
  catz_process_apl(dns_catz_zone_t *catz, isc_buffer_t **aclbp,
                  dns_rdataset_t *value) {
+       REQUIRE(DNS_RDATASET_VALID(value));
+       REQUIRE(dns_rdataset_isassociated(value));
+
+       if (value->type != dns_rdatatype_apl) {
+               return ISC_R_FAILURE;
+       }
+
+       REQUIRE(DNS_CATZ_ZONE_VALID(catz));
+       REQUIRE(aclbp != NULL);
+       REQUIRE(*aclbp == NULL);
+
         isc_result_t result = ISC_R_SUCCESS;
         dns_rdata_t rdata;
         dns_rdata_in_apl_t rdata_apl;
@@ -1579,16 +1590,6 @@ catz_process_apl(dns_catz_zone_t *catz, isc_buffer_t **aclbp,
         isc_buffer_t *aclb = NULL;
         unsigned char buf[256]; /* larger than INET6_ADDRSTRLEN */
  
-       REQUIRE(DNS_CATZ_ZONE_VALID(catz));
-       REQUIRE(aclbp != NULL);
-       REQUIRE(*aclbp == NULL);
-       REQUIRE(DNS_RDATASET_VALID(value));
-       REQUIRE(dns_rdataset_isassociated(value));
-
-       if (value->type != dns_rdatatype_apl) {
-               return ISC_R_FAILURE;
-       }
-
         if (dns_rdataset_count(value) > 1) {
                 isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
                               DNS_LOGMODULE_MASTER, ISC_LOG_WARNING,
author	Aram Sargsyan <aram@isc.org>
	Mon, 4 May 2026 22:34:01 +0000 (22:34 +0000)
committer	Aram Sargsyan <aram@isc.org>
	Wed, 6 May 2026 20:34:27 +0000 (20:34 +0000)