]> git.ipfire.org Git - thirdparty/unbound.git/commitdiff
projects / thirdparty / unbound.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 226298b)
- Fix Unchecked NULL Pointer in dns64_inform_super()
authorW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Tue, 19 Nov 2019 14:48:18 +0000 (15:48 +0100)
committerW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Tue, 19 Nov 2019 14:48:18 +0000 (15:48 +0100)
  and ipsecmod_new(), reported by X41 D-Sec.

dns64/dns64.c patch | blob | blame | history
doc/Changelog patch | blob | blame | history
ipsecmod/ipsecmod.c patch | blob | blame | history

diff --git a/dns64/dns64.c b/dns64/dns64.c
index 1e38b8f0d1331d7ec815585c440a04f22f59398c..736c30e407718b9da489a5366d9e444648715174 100644 (file)
--- a/dns64/dns64.c
+++ b/dns64/dns64.c
@@ -941,6 +941,12 @@ dns64_inform_super(struct module_qstate* qstate, int id,
        if(!super_dq) {
                super_dq = (struct dns64_qstate*)regional_alloc(super->region,
                        sizeof(*super_dq));
+               if(!super_dq) {
+                       log_err("out of memory");
+                       super->return_rcode = LDNS_RCODE_SERVFAIL;
+                       super->return_msg = NULL;
+                       return;
+               }
                super->minfo[id] = super_dq;
                memset(super_dq, 0, sizeof(*super_dq));
                super_dq->started_no_cache_store = super->no_cache_store;
diff --git a/doc/Changelog b/doc/Changelog
index a1f3a4445b06ba2ccc739d25aa0cbf0616e9e48a..823d837a142f4a819ea05436319400dda16d6e9a 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -5,6 +5,8 @@
        - Fixes to please lint checks.
        - Fix Integer Overflow in Regional Allocator,
          reported by X41 D-Sec.
+       - Fix Unchecked NULL Pointer in dns64_inform_super()
+         and ipsecmod_new(), reported by X41 D-Sec.
 
 18 November 2019: Wouter
        - In unbound-host use separate variable for get_option to please
diff --git a/ipsecmod/ipsecmod.c b/ipsecmod/ipsecmod.c
index 9e916d6043acb2c564dfa1e615a7c37e3905e536..2e286e73d5a28e4380ec3b25ce8aaa3953d9487f 100644 (file)
--- a/ipsecmod/ipsecmod.c
+++ b/ipsecmod/ipsecmod.c
@@ -103,11 +103,11 @@ ipsecmod_new(struct module_qstate* qstate, int id)
 {
        struct ipsecmod_qstate* iq = (struct ipsecmod_qstate*)regional_alloc(
                qstate->region, sizeof(struct ipsecmod_qstate));
-       memset(iq, 0, sizeof(*iq));
        qstate->minfo[id] = iq;
        if(!iq)
                return 0;
        /* Initialise it. */
+       memset(iq, 0, sizeof(*iq));
        iq->enabled = qstate->env->cfg->ipsecmod_enabled;
        iq->is_whitelisted = ipsecmod_domain_is_whitelisted(
                (struct ipsecmod_env*)qstate->env->modinfo[id], qstate->qinfo.qname,
Mirror of https://github.com/NLnetLabs/unbound.git