]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 70a1bc1)
Don't free key in compute_tag in case of failure
authorMatthijs Mekking <github@pletterpet.nl>
Wed, 12 Dec 2018 13:06:10 +0000 (14:06 +0100)
committerEvan Hunt <each@isc.org>
Thu, 21 Feb 2019 03:45:09 +0000 (19:45 -0800)
If `dns_dnssec_keyfromrdata` failed we don't need to call
`dst_key_free` because no `dstkey` was created.  Doing so
nevertheless will result in an assertion failure.

This can happen if the key uses an unsupported algorithm.

(cherry picked from commit 7a1ca39b950b7d5230b605ac60f15a1cb94e3d69)

lib/dns/zone.c patch | blob | blame | history

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index daca1992a795352aa3299804bc7afade43506382..0667beb9422fe098ba438bfadc570e7917de2e99 100644 (file)
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -3929,9 +3929,10 @@ compute_tag(dns_name_t *name, dns_rdata_dnskey_t *dnskey, isc_mem_t *mctx,
                             dns_rdatatype_dnskey, dnskey, &buffer);
 
        result = dns_dnssec_keyfromrdata(name, &rdata, mctx, &dstkey);
-       if (result == ISC_R_SUCCESS)
+       if (result == ISC_R_SUCCESS) {
                *tag = dst_key_id(dstkey);
-       dst_key_free(&dstkey);
+               dst_key_free(&dstkey);
+       }
 
        return (result);
 }
Mirror of https://gitlab.isc.org/isc-projects/bind9.git