From: W.C.A. Wijngaards Date: Wed, 17 Jun 2026 13:33:06 +0000 (+0200) Subject: - Fix that malloc failure for ngtcp2_conn_server_new X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8f2fbd66fc5ad5cc64ce627e36277ead9fdb147e;p=thirdparty%2Funbound.git - Fix that malloc failure for ngtcp2_conn_server_new cleans up reference that older ngtcp2 versions can leave. Thanks to Qifan Zhang, Palo Alto Networks, for the report. --- diff --git a/doc/Changelog b/doc/Changelog index 3678a06ef..93c86dc41 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -26,6 +26,9 @@ - Fix that malloc failure in doq connection setup, does not crash in doq connection delete later. Thanks to Qifan Zhang, Palo Alto Networks, for the report. + - Fix that malloc failure for ngtcp2_conn_server_new + cleans up reference that older ngtcp2 versions can leave. + Thanks to Qifan Zhang, Palo Alto Networks, for the report. 16 June 2026: Wouter - Fix to disallow $INCLUDE for secondary zones. Start up diff --git a/services/listen_dnsport.c b/services/listen_dnsport.c index 03234ab9b..58b74863f 100644 --- a/services/listen_dnsport.c +++ b/services/listen_dnsport.c @@ -4881,6 +4881,7 @@ doq_conn_setup(struct doq_conn* conn, uint8_t* scid, size_t scidlen, rv = ngtcp2_conn_server_new(&conn->conn, &scid_cid, &sv_scid, &path, conn->version, &callbacks, &settings, ¶ms, NULL, conn); if(rv != 0) { + conn->conn = NULL; lock_rw_unlock(&conn->table->conid_lock); log_err("ngtcp2_conn_server_new failed: %s", ngtcp2_strerror(rv)); diff --git a/testcode/doqclient.c b/testcode/doqclient.c index 5c5698f1b..e83766673 100644 --- a/testcode/doqclient.c +++ b/testcode/doqclient.c @@ -1137,8 +1137,11 @@ static struct ngtcp2_conn* conn_client_setup(struct doq_client_data* data) client_chosen_version, &cbs, &settings, ¶ms, NULL, /* ngtcp2_mem allocator, use default */ data /* callback argument */); - if(!conn) fatal_exit("could not ngtcp2_conn_client_new: %s", - ngtcp2_strerror(rv)); + if(rv!=0) { + conn = NULL; + fatal_exit("could not ngtcp2_conn_client_new: %s", + ngtcp2_strerror(rv)); + } data->cc_algo = settings.cc_algo; return conn; }