From a43d774e298e74e465171773d3de9ace07831972 Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Tue, 20 May 2025 10:09:09 +0200 Subject: [PATCH] dnsdist: Fix one potential issue spotted by Coverity As spotted by Coverity, one function called from a destructor could in theory throw an exception which is not caught from within the destructor, which would lead to a termination of the program. At a quick glance it seems quite impossible to happen in practice with the current code, but let's fix it nevertheless. --- pdns/dnsdistdist/dnsdist-tcp.cc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pdns/dnsdistdist/dnsdist-tcp.cc b/pdns/dnsdistdist/dnsdist-tcp.cc index 266b72477e..5bf74c2693 100644 --- a/pdns/dnsdistdist/dnsdist-tcp.cc +++ b/pdns/dnsdistdist/dnsdist-tcp.cc @@ -65,7 +65,12 @@ std::atomic g_tcpStatesDumpRequested{0}; IncomingTCPConnectionState::~IncomingTCPConnectionState() { - dnsdist::IncomingConcurrentTCPConnectionsManager::accountClosedTCPConnection(d_ci.remote); + try { + dnsdist::IncomingConcurrentTCPConnectionsManager::accountClosedTCPConnection(d_ci.remote); + } + catch (...) { + /* in theory it might raise an exception, and we cannot allow it to be uncaught in a dtor */ + } if (d_ci.cs != nullptr) { timeval now{}; -- 2.47.2