From 240f2b9da0aac7f055aa039a1a59d7f91e35e394 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Tue, 7 Sep 2021 12:18:04 +0200
Subject: [PATCH] dnsdist: Fix wrong reference counting in DoH cross-protocol
 handling

---
 pdns/dnsdistdist/doh.cc | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/pdns/dnsdistdist/doh.cc b/pdns/dnsdistdist/doh.cc
index e90077db4e..6301727a37 100644
--- a/pdns/dnsdistdist/doh.cc
+++ b/pdns/dnsdistdist/doh.cc
@@ -492,6 +492,7 @@ public:
       return;
     }
 
+    du->ids = std::move(query);
     du->status_code = 502;
     sendDoHUnitToTheMainThread(du, "cross-protocol error response");
     du->release();
@@ -637,19 +638,20 @@ static int processDOHQuery(DOHUnit* du)
         proxyProtocolPayload = getProxyProtocolPayload(dq);
       }
 
-      auto cpq = std::make_unique<DoHCrossProtocolQuery>(du);
-      du->get();
-      cpq->query.d_proxyProtocolPayload = std::move(proxyProtocolPayload);
-      du->tcp = true;
       du->ids.origID = htons(queryId);
       du->ids.cs = &cs;
       setIDStateFromDNSQuestion(du->ids, dq, std::move(qname));
 
+      /* this moves du->ids, careful! */
+      du->get();
+      auto cpq = std::make_unique<DoHCrossProtocolQuery>(du);
+      cpq->query.d_proxyProtocolPayload = std::move(proxyProtocolPayload);
+      du->tcp = true;
       if (du->downstream->passCrossProtocolQuery(std::move(cpq))) {
         return 0;
       }
       else {
-        du->release();
+        /* do not release du here, it belongs to the DoHCrossProtocolQuery object */
         du->status_code = 502;
         return -1;
       }
-- 
2.47.3