From: Willem Toorop Date: Mon, 24 Sep 2012 20:38:11 +0000 (+0000) Subject: Code review changes: X-Git-Tag: release-1.6.14rc1~13 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=48add3b45e1697f812c41ed8195cc7121a03e597;p=thirdparty%2Fldns.git Code review changes: free wire when returning from dump_hex in drill/work.c return properly from do_secure_trace in drill/securetrace.c on ldns_resolver_push_nameserver_rr_list error free keys after use in print_ds_of_keys in drill/drill_util.c free util variables when returning from ldns_verify_denial in drill/dnssec.c Free ldns_pkt p when returning from get_rr in drill/dnssec.c Resource leak in get_dnssec_rr in drill/dnssec.c Resource leak in drill_pkt_print_footer in drill/dnssec.c free new_nss after printing in drill_pkt_print in drill/dnssec.c Resource leak in drill_pkt_print in drill/dnssec.c Free res and p when returning from do_trace in drill/chasetrace.c Multiple resource leaks in ldns_dnssec_zone_new_frm_fp_l in dnssec_zone.c free chopped_dname before return in ldns_dnssec_verify_denial in dnssec_verify.c Proper cleanup of tmp_rrset in ldns_dnssec_derive_trust_tree_normal_rrset_time in dnssec_verify.c free signatures in ldns_dnssec_build_data_chain in dnssec_verify.c free b64sig when RSA_sign fails in ldns_sign_public_rsasha1 in dnssec_sign.c free currentsig and signatures when premature returning from ldns_sign_public in dnssec_sign.c shallow free nsec3_list when returning from ldns_dnssec_zone_create_nsec3s_mkmap in dnssec_sign.c multiple resource leaks in ldns_pkt_verify_time in dnssec.c Free hashed_owner when prematurily returning from ldns_create_nsec3 in dnssec.c and Fix root label detection in dname.c (before last non-root labels ending in 0-character were not possible -- and they are really) Lessen memory-management in ldns_dname_reverse to 1 malloc --- diff --git a/dname.c b/dname.c index 80b0f3e0..00b441d9 100644 --- a/dname.c +++ b/dname.c @@ -30,6 +30,20 @@ #include #endif +static bool +ldns_dname_has_root_label(const ldns_rdf* dname) +{ + size_t src_pos; + size_t len = 0; + + for (src_pos = 0; src_pos < ldns_rdf_size(dname); src_pos += len + 1) { + len = ldns_rdf_data(dname)[src_pos]; + } + assert(src_pos == ldns_rdf_size(dname)); + + return src_pos > 0 && len == 0; +} + ldns_rdf * ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2) { @@ -47,7 +61,7 @@ ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2) * rd, by reducing the size with 1 */ left_size = ldns_rdf_size(rd1); - if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) { + if (ldns_dname_has_root_label(rd1)) { left_size--; } @@ -84,7 +98,7 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2) * rd, by reducing the size with 1 */ left_size = ldns_rdf_size(rd1); - if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) { + if (ldns_dname_has_root_label(rd1)) { left_size--; } @@ -102,36 +116,39 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2) return LDNS_STATUS_OK; } -ldns_rdf * -ldns_dname_reverse(const ldns_rdf *d) +ldns_rdf* +ldns_dname_reverse(const ldns_rdf *dname) { - ldns_rdf *new; - ldns_rdf *tmp; - ldns_rdf *d_tmp; - ldns_status status; - - d_tmp = ldns_rdf_clone(d); - - new = ldns_dname_new_frm_str("."); - if(!new) - return NULL; - - while(ldns_dname_label_count(d_tmp) > 0) { - tmp = ldns_dname_label(d_tmp, 0); - status = ldns_dname_cat(tmp, new); - if(status != LDNS_STATUS_OK) { - ldns_rdf_deep_free(new); - ldns_rdf_deep_free(d_tmp); - return NULL; - } - ldns_rdf_deep_free(new); - new = tmp; - tmp = ldns_dname_left_chop(d_tmp); - ldns_rdf_deep_free(d_tmp); - d_tmp = tmp; + size_t rd_size; + uint8_t* buf; + ldns_rdf* new; + size_t src_pos; + size_t len ; + + assert(ldns_rdf_get_type(dname) == LDNS_RDF_TYPE_DNAME); + + rd_size = ldns_rdf_size(dname); + buf = LDNS_XMALLOC(uint8_t, rd_size); + if (! buf) { + return NULL; + } + new = ldns_rdf_new(LDNS_RDF_TYPE_DNAME, rd_size, buf); + if (! new) { + LDNS_FREE(buf); + return NULL; + } + + /* If dname ends in a root label, the reverse should too. + */ + if (ldns_dname_has_root_label(dname)) { + buf[rd_size - 1] = 0; + rd_size -= 1; + } + for (src_pos = 0; src_pos < rd_size; src_pos += len + 1) { + len = ldns_rdf_data(dname)[src_pos]; + memcpy(&buf[rd_size - src_pos - len - 1], + &ldns_rdf_data(dname)[src_pos], len + 1); } - ldns_rdf_deep_free(d_tmp); - return new; } diff --git a/dnssec.c b/dnssec.c index c6e93211..5469fb18 100644 --- a/dnssec.c +++ b/dnssec.c @@ -1154,12 +1154,15 @@ ldns_create_nsec3(ldns_rdf *cur_owner, salt_length, salt); status = ldns_dname_cat(hashed_owner, cur_zone); - if(status != LDNS_STATUS_OK) + if(status != LDNS_STATUS_OK) { + ldns_rdf_deep_free(hashed_owner); return NULL; - + } nsec = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3); - if(!nsec) + if(!nsec) { + ldns_rdf_deep_free(hashed_owner); return NULL; + } ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC3); ldns_rr_set_owner(nsec, hashed_owner); @@ -1443,8 +1446,9 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, sigs = s; } else { /* otherwise get them from the packet */ - sigs = ldns_pkt_rr_list_by_name_and_type(p, o, LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_ANY_NOQUESTION); + sigs = ldns_pkt_rr_list_by_name_and_type(p, o, + LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_ANY_NOQUESTION); if (!sigs) { /* no sigs */ return LDNS_STATUS_ERR; @@ -1457,24 +1461,26 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, */ t_netorder = htons(t); /* rdf are in network order! */ /* a type identifier is a 16-bit number, so the size is 2 bytes */ - rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, - 2, - &t_netorder); - sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0); + rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, 2, &t_netorder); - rrset = ldns_pkt_rr_list_by_name_and_type(p, - o, - t, - LDNS_SECTION_ANY_NOQUESTION); - - if (!rrset) { + sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0); + ldns_rdf_deep_free(rdf_t); + if (! sigs_covered) { + if (! s) { + ldns_rr_list_deep_free(sigs); + } return LDNS_STATUS_ERR; } + ldns_rr_list_deep_free(sigs_covered); - if (!sigs_covered) { + rrset = ldns_pkt_rr_list_by_name_and_type(p, o, t, + LDNS_SECTION_ANY_NOQUESTION); + if (!rrset) { + if (! s) { + ldns_rr_list_deep_free(sigs); + } return LDNS_STATUS_ERR; } - return ldns_verify_time(rrset, sigs, k, check_time, good_keys); } diff --git a/dnssec_sign.c b/dnssec_sign.c index 603d3f13..f2f9d9dd 100644 --- a/dnssec_sign.c +++ b/dnssec_sign.c @@ -260,6 +260,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) ldns_buffer_free(sign_buf); /* ERROR */ ldns_rr_list_deep_free(rrset_clone); + ldns_rr_free(current_sig); + ldns_rr_list_deep_free(signatures); return NULL; } @@ -268,6 +270,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) != LDNS_STATUS_OK) { ldns_buffer_free(sign_buf); ldns_rr_list_deep_free(rrset_clone); + ldns_rr_free(current_sig); + ldns_rr_list_deep_free(signatures); return NULL; } @@ -276,6 +280,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) if (!b64rdf) { /* signing went wrong */ ldns_rr_list_deep_free(rrset_clone); + ldns_rr_free(current_sig); + ldns_rr_list_deep_free(signatures); return NULL; } @@ -481,10 +487,7 @@ ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key) (unsigned char*)ldns_buffer_begin(b64sig), &siglen, key); if (result != 1) { - return NULL; - } - - if (result != 1) { + ldns_buffer_free(b64sig); return NULL; } @@ -859,16 +862,14 @@ ldns_dnssec_zone_create_nsec3s_mkmap(ldns_dnssec_zone *zone, ldns_rbtree_next(current_name_node)); } if (result != LDNS_STATUS_OK) { + ldns_rr_list_free(nsec3_list); return result; } ldns_rr_list_sort_nsec3(nsec3_list); result = ldns_dnssec_chain_nsec3_list(nsec3_list); - if (result != LDNS_STATUS_OK) { - return result; - } - ldns_rr_list_free(nsec3_list); + return result; } diff --git a/dnssec_verify.c b/dnssec_verify.c index 7788ddfe..a8844300 100644 --- a/dnssec_verify.c +++ b/dnssec_verify.c @@ -404,15 +404,16 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, if (signatures && ldns_rr_list_rr_count(signatures) > 0) { key_name = ldns_rr_rdf(ldns_rr_list_rr(signatures, 0), 7); } - if (!key_name) { + if (signatures) { + ldns_rr_list_deep_free(signatures); + } return ldns_dnssec_build_data_chain_nokeyname(res, qflags, orig_rr, rrset, new_chain); } - if (type != LDNS_RR_TYPE_DNSKEY) { ldns_dnssec_build_data_chain_dnskey(res, qflags, @@ -421,7 +422,7 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, new_chain, key_name, c - ); + ); } else { ldns_dnssec_build_data_chain_other(res, qflags, @@ -429,13 +430,11 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, key_name, c, dss - - ); + ); } if (signatures) { ldns_rr_list_deep_free(signatures); } - return new_chain; } @@ -828,10 +827,7 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time( /* might contain different names! sort and split */ ldns_rr_list_sort(cur_rrset); - if (tmp_rrset && tmp_rrset != cur_rrset) { - ldns_rr_list_deep_free(tmp_rrset); - tmp_rrset = NULL; - } + assert(tmp_rrset == cur_rrset); tmp_rrset = ldns_rr_list_pop_rrset(cur_rrset); /* with nsecs, this might be the wrong one */ @@ -851,6 +847,12 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time( cur_sig_rr, cur_parent_rr, check_time); + if (tmp_rrset && tmp_rrset != cur_rrset + ) { + ldns_rr_list_deep_free( + tmp_rrset); + tmp_rrset = NULL; + } /* avoid dupes */ for (i = 0; i < new_tree->parent_count; i++) { if (cur_parent_rr == new_tree->parents[i]->rr) { @@ -872,9 +874,6 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time( } } done: - if (tmp_rrset && tmp_rrset != cur_rrset) { - ldns_rr_list_deep_free(tmp_rrset); - } ldns_rr_list_deep_free(cur_rrset); } @@ -1523,12 +1522,11 @@ ldns_dnssec_verify_denial(ldns_rr *rr, rr_name = ldns_rr_owner(rr); chopped_dname = ldns_dname_left_chop(rr_name); result = ldns_dname_cat(wildcard_name, chopped_dname); + ldns_rdf_deep_free(chopped_dname); if (result != LDNS_STATUS_OK) { return result; } - ldns_rdf_deep_free(chopped_dname); - for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) { cur_nsec = ldns_rr_list_rr(nsecs, i); if (ldns_dname_compare(rr_name, ldns_rr_owner(cur_nsec)) == 0) { diff --git a/dnssec_zone.c b/dnssec_zone.c index 213261a4..464a1943 100644 --- a/dnssec_zone.c +++ b/dnssec_zone.c @@ -708,6 +708,7 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin, case LDNS_STATUS_SYNTAX_EMPTY: /* empty line was seen */ case LDNS_STATUS_SYNTAX_TTL: /* the ttl was set*/ case LDNS_STATUS_SYNTAX_ORIGIN: /* the origin was set*/ + status = LDNS_STATUS_OK; break; case LDNS_STATUS_SYNTAX_INCLUDE:/* $include not implemented */ @@ -721,38 +722,42 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin, if (ldns_rr_list_rr_count(todo_nsec3s) > 0) { (void) ldns_dnssec_zone_add_empty_nonterminals(newzone); - for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3s); i++) { + for (i = 0; status == LDNS_STATUS_OK && + i < ldns_rr_list_rr_count(todo_nsec3s); i++) { cur_rr = ldns_rr_list_rr(todo_nsec3s, i); status = ldns_dnssec_zone_add_rr(newzone, cur_rr); } - for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); i++){ + for (i = 0; status == LDNS_STATUS_OK && + i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); + i++){ cur_rr = ldns_rr_list_rr(todo_nsec3_rrsigs, i); status = ldns_dnssec_zone_add_rr(newzone, cur_rr); } } else if (ldns_rr_list_rr_count(todo_nsec3_rrsigs) > 0) { - for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); i++){ + for (i = 0; status == LDNS_STATUS_OK && + i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); + i++){ cur_rr = ldns_rr_list_rr(todo_nsec3_rrsigs, i); status = ldns_dnssec_zone_add_rr(newzone, cur_rr); } } - ldns_rr_list_free(todo_nsec3_rrsigs); - ldns_rr_list_free(todo_nsec3s); - if (z) { *z = newzone; + newzone = NULL; } else { ldns_dnssec_zone_free(newzone); } - return LDNS_STATUS_OK; - error: #ifdef FASTER_DNSSEC_ZONE_NEW_FRM_FP if (zone) { ldns_zone_free(zone); } #endif + ldns_rr_list_free(todo_nsec3_rrsigs); + ldns_rr_list_free(todo_nsec3s); + if (my_origin) { ldns_rdf_deep_free(my_origin); } diff --git a/drill/chasetrace.c b/drill/chasetrace.c index 4bc779aa..0a37ff30 100644 --- a/drill/chasetrace.c +++ b/drill/chasetrace.c @@ -45,7 +45,15 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, p = ldns_pkt_new(); res = ldns_resolver_new(); - if (!p || !res) { + if (!p) { + if (res) { + ldns_resolver_free(res); + } + error("Memory allocation failed"); + return NULL; + } + if (!res) { + ldns_pkt_free(p); error("Memory allocation failed"); return NULL; } @@ -73,6 +81,8 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error adding root servers to resolver: %s\n", ldns_get_errorstr_by_id(status)); ldns_rr_list_print(stdout, global_dns_root); + ldns_resolver_free(res); + ldns_pkt_free(p); return NULL; } diff --git a/drill/dnssec.c b/drill/dnssec.c index 4ab8961f..b8074be0 100644 --- a/drill/dnssec.c +++ b/drill/dnssec.c @@ -22,12 +22,10 @@ get_rr(ldns_resolver *res, ldns_rdf *zname, ldns_rr_type t, ldns_rr_class c) p = ldns_pkt_new(); found = NULL; - if (ldns_resolver_send(&p, res, zname, t, c, 0) != LDNS_STATUS_OK) { - /* oops */ - return NULL; - } else { + if (ldns_resolver_send(&p, res, zname, t, c, 0) == LDNS_STATUS_OK) { found = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANY_NOQUESTION); } + ldns_pkt_free(p); return found; } @@ -36,6 +34,7 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p) { ldns_rr_list *new_nss; ldns_rr_list *hostnames; + char *answerfrom_str; if (verbosity < 5) { return; @@ -46,8 +45,7 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p) new_nss = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NS, LDNS_SECTION_ANSWER); ldns_rr_list_print(fd, new_nss); - - /* new_nss can be empty.... */ + ldns_rr_list_deep_free(new_nss); fprintf(fd, ";; Received %d bytes from %s#%d(", (int) ldns_pkt_size(p), @@ -59,7 +57,11 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p) ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0)); ldns_rr_list_deep_free(hostnames); } else { - fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p))); + answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p)); + if (answerfrom_str) { + fprintf(fd, "%s", answerfrom_str); + LDNS_FREE(answerfrom_str); + } } fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p)); } @@ -68,6 +70,7 @@ void drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p) { ldns_rr_list *hostnames; + char *answerfrom_str; if (verbosity < 5) { return; @@ -85,7 +88,11 @@ drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p) ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0)); ldns_rr_list_deep_free(hostnames); } else { - fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p))); + answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p)); + if (answerfrom_str) { + fprintf(fd, "%s", answerfrom_str); + LDNS_FREE(answerfrom_str); + } } fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p)); } @@ -98,7 +105,6 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t, ldns_rr_list **rrlist, ldns_rr_list **sig) { ldns_pkt_type pt = LDNS_PACKET_UNKNOWN; - ldns_rr_list *rr = NULL; ldns_rr_list *sigs = NULL; size_t i; @@ -111,36 +117,52 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t, pt = ldns_pkt_reply_type(p); if (name) { - rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_ANSWER); - if (!rr) { - rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_AUTHORITY); + if (rrlist) { + *rrlist = ldns_pkt_rr_list_by_name_and_type(p, name, t, + LDNS_SECTION_ANSWER); + if (!*rrlist) { + *rrlist = ldns_pkt_rr_list_by_name_and_type( + p, name, t, + LDNS_SECTION_AUTHORITY); + } } - sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_ANSWER); - if (!sigs) { - sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_AUTHORITY); + if (sig) { + sigs = ldns_pkt_rr_list_by_name_and_type(p, name, + LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_ANSWER); + if (!sigs) { + sigs = ldns_pkt_rr_list_by_name_and_type( + p, name, LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_AUTHORITY); + } } } else { - /* A DS-referral - get the DS records if they are there */ - rr = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_AUTHORITY); - sigs = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_AUTHORITY); + /* A DS-referral - get the DS records if they are there */ + if (rrlist) { + *rrlist = ldns_pkt_rr_list_by_type( + p, t, LDNS_SECTION_AUTHORITY); + } + if (sig) { + sigs = ldns_pkt_rr_list_by_type(p, + LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_AUTHORITY); + } } if (sig) { *sig = ldns_rr_list_new(); for (i = 0; i < ldns_rr_list_rr_count(sigs); i++) { /* only add the sigs that cover this type */ - if (ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(ldns_rr_list_rr(sigs, i))) == - t) { - ldns_rr_list_push_rr(*sig, ldns_rr_clone(ldns_rr_list_rr(sigs, i))); + if (t == ldns_rdf2rr_type(ldns_rr_rrsig_typecovered( + ldns_rr_list_rr(sigs, i)))) { + + ldns_rr_list_push_rr(*sig, + ldns_rr_clone( + ldns_rr_list_rr( + sigs, i))); } } } ldns_rr_list_deep_free(sigs); - if (rrlist) { - *rrlist = rr; - } if (pt == LDNS_PACKET_NXDOMAIN || pt == LDNS_PACKET_NODATA) { return pt; @@ -217,12 +239,28 @@ ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_lis ldns_rr_list* sigs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION); ldns_rr* q = ldns_rr_new(); ldns_rr* match = NULL; - if(!sigs) return LDNS_STATUS_MEM_ERR; - if(!q) return LDNS_STATUS_MEM_ERR; + + if(!sigs) { + if (q) { + ldns_rr_free(q); + } + ldns_rr_list_deep_free(nsecs); + return LDNS_STATUS_MEM_ERR; + } + if(!q) { + ldns_rr_list_deep_free(nsecs); + ldns_rr_list_deep_free(sigs); + return LDNS_STATUS_MEM_ERR; + } ldns_rr_set_question(q, 1); ldns_rr_set_ttl(q, 0); ldns_rr_set_owner(q, ldns_rdf_clone(name)); - if(!ldns_rr_owner(q)) return LDNS_STATUS_MEM_ERR; + if(!ldns_rr_owner(q)) { + ldns_rr_free(q); + ldns_rr_list_deep_free(sigs); + ldns_rr_list_deep_free(nsecs); + return LDNS_STATUS_MEM_ERR; + } ldns_rr_set_type(q, type); /* result = ldns_dnssec_verify_denial_nsec3(q, nsecs, sigs, ldns_pkt_get_rcode(pkt), type, ldns_pkt_ancount(pkt) == 0); */ diff --git a/drill/drill_util.c b/drill/drill_util.c index a3753c82..4efb1f00 100644 --- a/drill/drill_util.c +++ b/drill/drill_util.c @@ -132,6 +132,7 @@ print_ds_of_keys(ldns_pkt *p) ds = ldns_key_rr2ds(ldns_rr_list_rr(keys, i), LDNS_SHA256); local_print_ds(stdout, "; sha256: ", ds); } + ldns_rr_list_deep_free(keys); } } diff --git a/drill/securetrace.c b/drill/securetrace.c index f5416a81..c6e7e588 100644 --- a/drill/securetrace.c +++ b/drill/securetrace.c @@ -231,7 +231,8 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, if (status != LDNS_STATUS_OK) { printf("ERRRRR: %s\n", ldns_get_errorstr_by_id(status)); ldns_rr_list_print(stdout, global_dns_root); - return status; + result = status; + goto done; } labels_count = ldns_dname_label_count(name); if (start_name) { diff --git a/drill/work.c b/drill/work.c index 2a28d79c..150cd7ed 100644 --- a/drill/work.c +++ b/drill/work.c @@ -256,6 +256,7 @@ dump_hex(const ldns_pkt *pkt, const char *filename) if (status != LDNS_STATUS_OK) { error("Unable to convert packet: error code %u", status); + LDNS_FREE(wire); return; } diff --git a/examples/ldns-dane.c b/examples/ldns-dane.c index d369bc74..748ce30b 100644 --- a/examples/ldns-dane.c +++ b/examples/ldns-dane.c @@ -178,6 +178,7 @@ ldns_err(const char* s, ldns_status err) ssl_err(s); } else { fprintf(stderr, "error: %s\n", ldns_get_errorstr_by_id(err)); + assert(0); exit(EXIT_FAILURE); } } @@ -696,7 +697,7 @@ bogus: if (! insecure_is_ok) { error: ldns_rr_list_deep_free(*rrs); - *rrs = NULL; + *rrs = ldns_rr_list_new(); } cleanup: if (keys) { diff --git a/host2str.c b/host2str.c index b31cd05a..521e2468 100644 --- a/host2str.c +++ b/host2str.c @@ -2083,18 +2083,14 @@ ldns_buffer2str(ldns_buffer *buffer) char * ldns_buffer_export2str(ldns_buffer *buffer) { - /* check if buffer ends with \0, if not, and - if there is space, add it */ - if (*(ldns_buffer_at(buffer, ldns_buffer_position(buffer))) != 0) { - if (!ldns_buffer_reserve(buffer, 1)) { - return NULL; - } - ldns_buffer_write_u8(buffer, (uint8_t) '\0'); - if (!ldns_buffer_set_capacity(buffer, ldns_buffer_position(buffer))) { - return NULL; - } + /* Append '\0' as string terminator */ + if (! ldns_buffer_reserve(buffer, 1)) { + return NULL; } + ldns_buffer_write_u8(buffer, 0); + /* reallocate memory to the size of the string and export */ + ldns_buffer_set_capacity(buffer, ldns_buffer_position(buffer)); return ldns_buffer_export(buffer); } diff --git a/test/test_all.sh b/test/test_all.sh index 21f9d7cb..d12ce7b1 100755 --- a/test/test_all.sh +++ b/test/test_all.sh @@ -19,9 +19,11 @@ test_tool_avail "dig" echo start the test at `date` in `pwd` $TPKG clean $TPKG -a ../.. fake 01-compile.tpkg +$TPKG -a ../.. fake 02-lint.tpkg $TPKG -a ../.. fake 07-compile-examples.tpkg $TPKG -a ../.. fake 16-compile-builddir.tpkg $TPKG -a ../.. fake 999-compile-nossl.tpkg +$TPKG -a ../.. fake codingstyle.tpkg for tests in *.tpkg do