From: Mark Andrews <marka@isc.org>
Date: Mon, 10 Dec 2018 02:33:54 +0000 (+1100)
Subject: check that multiple KEY-TAG trust-anchor-telemetry options don't leak memory
X-Git-Tag: v9.12.4rc1~4^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=22018e332a1fc796bc2baa14e7fb4e5a11539788;p=thirdparty%2Fbind9.git

check that multiple KEY-TAG trust-anchor-telemetry options don't leak memory

(cherry picked from commit 4b1dc4a5445e9561f2208f9388cf9f9e2cfcbe51)
---

diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh
index 7697c5d1674..9aad10a4e4f 100644
--- a/bin/tests/system/dnssec/tests.sh
+++ b/bin/tests/system/dnssec/tests.sh
@@ -3343,18 +3343,18 @@ $DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.4 dnskey-unsupported.exa
 grep "status: NOERROR," dig.out.ns3.test$n > /dev/null || ret=1
 grep "status: NOERROR," dig.out.ns4.test$n > /dev/null || ret=1
 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
-n=$((n+1))
+n=`expr $n + 1`
 test "$ret" -eq 0 || echo_i "failed"
-status=$((status+ret))
+status=`expr $status + $ret`
 
 echo_i "checking that unsupported DNSKEY algorithm is in DNSKEY RRset ($n)"
 ret=0
 $DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.3 dnskey-unsupported-2.example DNSKEY > dig.out.test$n
 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
 grep "dnskey-unsupported-2\.example\..*IN.*DNSKEY.*257 3 255" dig.out.test$n > /dev/null || ret=1
-n=$((n+1))
+n=`expr $n + 1`
 test "$ret" -eq 0 || echo_i "failed"
-status=$((status+ret))
+status=`expr $status + $ret`
 
 echo_i "check that a lone non matching CDNSKEY record is rejected ($n)"
 ret=0
@@ -3537,12 +3537,23 @@ status=`expr $status + $ret`
 
 echo_i "check that KEY-TAG trust-anchor-telemetry queries are logged ($n)"
 ret=0
-$DIG $DIGOPTS . dnskey +ednsopt=KEY-TAG:ffff @10.53.0.1 > dig.out.ns4.test$n || ret=1
+$DIG $DIGOPTS . dnskey +ednsopt=KEY-TAG:ffff @10.53.0.1 > dig.out.ns1.test$n || ret=1
 grep "trust-anchor-telemetry './IN' from .* 65535" ns1/named.run > /dev/null || ret=1
 n=`expr $n + 1`
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+echo_i "check that multiple KEY-TAG trust-anchor-telemetry options don't leak memory ($n)"
+ret=0
+$DIG $DIGOPTS . dnskey +ednsopt=KEY-TAG:fffe +ednsopt=KEY-TAG:fffd @10.53.0.1 > dig.out.ns1.test$n || ret=1
+grep "trust-anchor-telemetry './IN' from .* 65534" ns1/named.run > /dev/null || ret=1
+grep "trust-anchor-telemetry './IN' from .* 65533" ns1/named.run > /dev/null && ret=1
+$PERL $SYSTEMTESTTOP/stop.pl dnssec ns1 || ret=1
+$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} dnssec ns1 || ret=1
+n=`expr $n + 1`
+test "$ret" -eq 0 || echo_i "failed"
+status=`expr $status + $ret`
+
 echo_i "check that the view is logged in messages from the validator when using views ($n)"
 ret=0
 grep "view rec: *validat" ns4/named.run > /dev/null || ret=1