From: Ralph Dolmans <ralph@nlnetlabs.nl>
Date: Thu, 8 Aug 2019 14:07:16 +0000 (+0200)
Subject: - Extend RPZ/QNAME trigger test
X-Git-Tag: release-1.10.0rc1~28^2~28^2~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=401fc154431b18febea4774005581ab864f94033;p=thirdparty%2Funbound.git

- Extend RPZ/QNAME trigger test
- Fix potential memory leak
---

diff --git a/services/rpz.c b/services/rpz.c
index 543ab148b..3e016b7d4 100644
--- a/services/rpz.c
+++ b/services/rpz.c
@@ -552,14 +552,16 @@ rpz_insert_rr(struct rpz* r, size_t aznamelen, uint8_t* dname,
 	}
 	t = rpz_dname_to_trigger(policydname);
 	if(t == RPZ_QNAME_TRIGGER) {
-		rpz_insert_qname_trigger(r, policydname, policydnamelen,
+		if(!rpz_insert_qname_trigger(r, policydname, policydnamelen,
 			a, rr_type, rr_class, rr_ttl, rdatawl, rdatalen, rr,
-			rr_len);
+			rr_len))
+			free(policydname);
 	}
 	else if(t == RPZ_RESPONSE_IP_TRIGGER) {
-		rpz_insert_response_ip_trigger(r, policydname,
+		if(!rpz_insert_response_ip_trigger(r, policydname,
 			a, rr_type, rr_class, rr_ttl, rdatawl, rdatalen, rr,
-			rr_len);
+			rr_len))
+			free(policydname);
 	}
 	else {
 		free(policydname);
diff --git a/testdata/rpz_qname.rpl b/testdata/rpz_qname.rpl
index d4076d72e..600087ae0 100644
--- a/testdata/rpz_qname.rpl
+++ b/testdata/rpz_qname.rpl
@@ -16,6 +16,7 @@ rpz	3600	IN	SOA	ns1.rpz.example.com. hostmaster.rpz.example.com. (
 	3600	IN	NS	ns2.rpz.example.com.
 $ORIGIN rpz.example.com.
 a	CNAME 	.
+a	CNAME 	*. ; duplicate CNAME here on purpose
 *.a	TXT	"wildcard local data"
 b.a	CNAME 	*.
 c.a	CNAME	rpz-passthru.
@@ -214,4 +215,12 @@ d.	IN	TXT
 SECTION ANSWER
 d.	IN	TXT	"local data 2nd zone"
 ENTRY_END
+
+; deny zone
+STEP 90 QUERY
+ENTRY_BEGIN
+SECTION QUESTION
+drop. IN TXT
+ENTRY_END
+; no answer is checked at exit of testbound.
 SCENARIO_END