From: Remi Gacogne Date: Tue, 20 May 2025 08:09:09 +0000 (+0200) Subject: dnsdist: Fix one potential issue spotted by Coverity X-Git-Tag: dnsdist-2.0.0-alpha2~6^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a43d774e298e74e465171773d3de9ace07831972;p=thirdparty%2Fpdns.git dnsdist: Fix one potential issue spotted by Coverity As spotted by Coverity, one function called from a destructor could in theory throw an exception which is not caught from within the destructor, which would lead to a termination of the program. At a quick glance it seems quite impossible to happen in practice with the current code, but let's fix it nevertheless. --- diff --git a/pdns/dnsdistdist/dnsdist-tcp.cc b/pdns/dnsdistdist/dnsdist-tcp.cc index 266b72477e..5bf74c2693 100644 --- a/pdns/dnsdistdist/dnsdist-tcp.cc +++ b/pdns/dnsdistdist/dnsdist-tcp.cc @@ -65,7 +65,12 @@ std::atomic g_tcpStatesDumpRequested{0}; IncomingTCPConnectionState::~IncomingTCPConnectionState() { - dnsdist::IncomingConcurrentTCPConnectionsManager::accountClosedTCPConnection(d_ci.remote); + try { + dnsdist::IncomingConcurrentTCPConnectionsManager::accountClosedTCPConnection(d_ci.remote); + } + catch (...) { + /* in theory it might raise an exception, and we cannot allow it to be uncaught in a dtor */ + } if (d_ci.cs != nullptr) { timeval now{};