From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Tue, 7 Sep 2021 10:18:04 +0000 (+0200)
Subject: dnsdist: Fix wrong reference counting in DoH cross-protocol handling
X-Git-Tag: dnsdist-1.7.0-alpha1~23^2~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=240f2b9da0aac7f055aa039a1a59d7f91e35e394;p=thirdparty%2Fpdns.git

dnsdist: Fix wrong reference counting in DoH cross-protocol handling
---

diff --git a/pdns/dnsdistdist/doh.cc b/pdns/dnsdistdist/doh.cc
index e90077db4e..6301727a37 100644
--- a/pdns/dnsdistdist/doh.cc
+++ b/pdns/dnsdistdist/doh.cc
@@ -492,6 +492,7 @@ public:
       return;
     }
 
+    du->ids = std::move(query);
     du->status_code = 502;
     sendDoHUnitToTheMainThread(du, "cross-protocol error response");
     du->release();
@@ -637,19 +638,20 @@ static int processDOHQuery(DOHUnit* du)
         proxyProtocolPayload = getProxyProtocolPayload(dq);
       }
 
-      auto cpq = std::make_unique<DoHCrossProtocolQuery>(du);
-      du->get();
-      cpq->query.d_proxyProtocolPayload = std::move(proxyProtocolPayload);
-      du->tcp = true;
       du->ids.origID = htons(queryId);
       du->ids.cs = &cs;
       setIDStateFromDNSQuestion(du->ids, dq, std::move(qname));
 
+      /* this moves du->ids, careful! */
+      du->get();
+      auto cpq = std::make_unique<DoHCrossProtocolQuery>(du);
+      cpq->query.d_proxyProtocolPayload = std::move(proxyProtocolPayload);
+      du->tcp = true;
       if (du->downstream->passCrossProtocolQuery(std::move(cpq))) {
         return 0;
       }
       else {
-        du->release();
+        /* do not release du here, it belongs to the DoHCrossProtocolQuery object */
         du->status_code = 502;
         return -1;
       }