- Extend RPZ/QNAME trigger test

- Fix potential memory leak

diff --git a/services/rpz.c b/services/rpz.c
index 543ab148b9487a8ca87fbe0d70034c516ff3d8b9..3e016b7d4e09ef0ea4757d0adbb433ac26ec6611 100644 (file)
--- a/services/rpz.c
+++ b/services/rpz.c
@@ -552,14 +552,16 @@ rpz_insert_rr(struct rpz* r, size_t aznamelen, uint8_t* dname,
        }
        t = rpz_dname_to_trigger(policydname);
        if(t == RPZ_QNAME_TRIGGER) {
-               rpz_insert_qname_trigger(r, policydname, policydnamelen,
+               if(!rpz_insert_qname_trigger(r, policydname, policydnamelen,
                        a, rr_type, rr_class, rr_ttl, rdatawl, rdatalen, rr,
-                       rr_len);
+                       rr_len))
+                       free(policydname);
        }
        else if(t == RPZ_RESPONSE_IP_TRIGGER) {
-               rpz_insert_response_ip_trigger(r, policydname,
+               if(!rpz_insert_response_ip_trigger(r, policydname,
                        a, rr_type, rr_class, rr_ttl, rdatawl, rdatalen, rr,
-                       rr_len);
+                       rr_len))
+                       free(policydname);
        }
        else {
                free(policydname);

diff --git a/testdata/rpz_qname.rpl b/testdata/rpz_qname.rpl
index d4076d72ec6192493afba1950d4bcb88c49f84cb..600087ae04493d55544002a8a6c11b292592951c 100644 (file)
--- a/testdata/rpz_qname.rpl
+++ b/testdata/rpz_qname.rpl
@@ -16,6 +16,7 @@ rpz   3600    IN      SOA     ns1.rpz.example.com. hostmaster.rpz.example.com. (
        3600    IN      NS      ns2.rpz.example.com.
 $ORIGIN rpz.example.com.
 a      CNAME   .
+a      CNAME   *. ; duplicate CNAME here on purpose
 *.a    TXT     "wildcard local data"
 b.a    CNAME   *.
 c.a    CNAME   rpz-passthru.
@@ -214,4 +215,12 @@ d. IN      TXT
 SECTION ANSWER
 d.     IN      TXT     "local data 2nd zone"
 ENTRY_END
+
+; deny zone
+STEP 90 QUERY
+ENTRY_BEGIN
+SECTION QUESTION
+drop. IN TXT
+ENTRY_END
+; no answer is checked at exit of testbound.
 SCENARIO_END