From: Mark Andrews <marka@isc.org>
Date: Thu, 27 Feb 2020 06:29:32 +0000 (+1100)
Subject: Address race between zone_maintenance and dns_zone_setview_helper
X-Git-Tag: v9.17.3~48^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=67c8f7329de48587c6322e2f077b2b7f476ef41f;p=thirdparty%2Fbind9.git

Address race between zone_maintenance and dns_zone_setview_helper

There was a possible NULL dereference due to data race between accessing
zone->view and zone->view->adb.
---

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 36bcacc6c85..5cfc2bf4c24 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -10857,7 +10857,7 @@ zone_maintenance(dns_zone_t *zone) {
 	const char me[] = "zone_maintenance";
 	isc_time_t now;
 	isc_result_t result;
-	bool dumping, load_pending;
+	bool dumping, load_pending, viewok;
 
 	REQUIRE(DNS_ZONE_VALID(zone));
 	ENTER;
@@ -10880,7 +10880,10 @@ zone_maintenance(dns_zone_t *zone) {
 	 * adb or resolver will be NULL, and we had better not try
 	 * to do further maintenance on it.
 	 */
-	if (zone->view == NULL || zone->view->adb == NULL) {
+	LOCK_ZONE(zone);
+	viewok = (zone->view != NULL && zone->view->adb != NULL);
+	UNLOCK_ZONE(zone);
+	if (!viewok) {
 		return;
 	}