From: Aram Sargsyan Date: Thu, 11 May 2023 12:08:13 +0000 (+0000) Subject: Check whether zone->db is a valid pointer before attaching X-Git-Tag: v9.19.14~54^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fae0930eb84063fc03d711a0c772c58e5b470377;p=thirdparty%2Fbind9.git Check whether zone->db is a valid pointer before attaching The zone_resigninc() function does not check the validity of 'zone->db', which can crash named if the zone was unloaded earlier, for example with "rndc delete". Check that 'zone->db' is not 'NULL' before attaching to it, like it is done in zone_sign() and zone_nsec3chain() functions, which can similarly be called by zone maintenance. --- diff --git a/lib/dns/zone.c b/lib/dns/zone.c index d943295588b..7481d3b12f1 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -6825,8 +6825,14 @@ zone_resigninc(dns_zone_t *zone) { } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); - dns_db_attach(zone->db, &db); + if (zone->db != NULL) { + dns_db_attach(zone->db, &db); + } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); + if (db == NULL) { + result = ISC_R_FAILURE; + goto failure; + } result = dns_db_newversion(db, &version); if (result != ISC_R_SUCCESS) {