From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Wed, 17 Jun 2026 13:57:30 +0000 (+0200)
Subject: - Fix to check the return value of auth_xfer_create
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b806f16c8bb96e3398d811aa68f3556fe32dc8f9;p=thirdparty%2Funbound.git

- Fix to check the return value of auth_xfer_create
  during fast_reload auth-zone add and change processing.
  Thanks to Qifan Zhang, Palo Alto Networks, for the report.
---

diff --git a/daemon/remote.c b/daemon/remote.c
index eeea93833..fa5a8c0d7 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -7766,6 +7766,16 @@ fr_worker_auth_add(struct worker* worker, struct fast_reload_auth_change* item,
 		/* The xfr item needs to be created. The auth zones lock
 		 * is held to make this possible. */
 		xfr = auth_xfer_create(worker->env.auth_zones, item->new_z);
+		if(!xfr) {
+			log_err("out of memory in fr_worker_auth_add");
+			lock_rw_unlock(&item->new_z->lock);
+			lock_rw_unlock(&worker->env.auth_zones->lock);
+			lock_rw_unlock(&worker->daemon->fast_reload_thread->old_auth_zones->lock);
+			if(loadxfr) {
+				lock_basic_unlock(&loadxfr->lock);
+			}
+			return;
+		}
 		auth_xfr_pickup_config(loadxfr, xfr);
 		/* Serial information is copied into the xfr struct. */
 		if(!xfr_find_soa(item->new_z, xfr)) {
@@ -7835,6 +7845,17 @@ fr_worker_auth_cha(struct worker* worker, struct fast_reload_auth_change* item)
 	} else if(loadxfr && !xfr) {
 		/* Create the xfr. */
 		xfr = auth_xfer_create(worker->env.auth_zones, item->new_z);
+		if(!xfr) {
+			log_err("out of memory in fr_worker_auth_cha");
+			lock_rw_unlock(&item->new_z->lock);
+			lock_rw_unlock(&item->old_z->lock);
+			lock_rw_unlock(&worker->daemon->fast_reload_thread->old_auth_zones->lock);
+			lock_rw_unlock(&worker->env.auth_zones->lock);
+			if(loadxfr) {
+				lock_basic_unlock(&loadxfr->lock);
+			}
+			return;
+		}
 		auth_xfr_pickup_config(loadxfr, xfr);
 		item->new_z->zone_is_slave = 1;
 	}
diff --git a/doc/Changelog b/doc/Changelog
index a1a5adada..afa7c5ccb 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -42,6 +42,9 @@
 	- Fix that malloc failure during edns subnet addrtree
 	  insert is checked, so it does not crash later. Thanks to
 	  Qifan Zhang, Palo Alto Networks, for the report.
+	- Fix to check the return value of auth_xfer_create
+	  during fast_reload auth-zone add and change processing.
+	  Thanks to Qifan Zhang, Palo Alto Networks, for the report.
 
 16 June 2026: Wouter
 	- Fix to disallow $INCLUDE for secondary zones. Start up