From: Colin Vidal <colin@isc.org>
Date: Tue, 19 May 2026 13:04:11 +0000 (+0200)
Subject: fix possible NULL dereference in `cfg_map_findclause()`
X-Git-Tag: v9.21.23~40^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d1c55d78c63dc7a32ce2bfd134711e1f710aa528;p=thirdparty%2Fbind9.git

fix possible NULL dereference in `cfg_map_findclause()`

`cfg_map_findclause()` did not check whether a clause existed before
dereferencing it, which could lead to a NULL dereference. Add the
missing check to prevent this.

In practice, this was not triggering any known bug, since
`cfg_map_findclause()` is only called in contexts where the clause is
known to exist.
---

diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c
index c19239e37cb..80ceeadb813 100644
--- a/lib/isccfg/parser.c
+++ b/lib/isccfg/parser.c
@@ -2948,10 +2948,14 @@ cfg_map_findclause(const cfg_type_t *map, const char *name) {
 	REQUIRE(name != NULL);
 
 	found = cfg_map_firstclause(map, &clauses, &idx);
-	while (name != NULL && strcasecmp(name, found->name)) {
+	while (found != NULL && name != NULL && strcasecmp(name, found->name)) {
 		found = cfg_map_nextclause(map, &clauses, &idx);
 	}
 
+	if (found == NULL) {
+		return found;
+	}
+
 	return ((cfg_clausedef_t *)clauses) + idx;
 }