From bcb4f9cd4a2a779e4b289bf218ee35b84ccef760 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Thu, 14 May 2026 23:01:36 +0000 Subject: [PATCH] BUG/MINOR: config/dns: properly fail on duplicate nameserver name detection In cfg_parse_resolvers(), two duplicate name checks set err_code but lacked 'goto out', allowing execution to fall through and create the duplicate entry. This would result in new resolvers and nameservers to be created after the error was displayed, and a leak of the previous one. It's mostly harmless since we're exiting after such errors. This can be backported if desired. --- src/resolvers.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/resolvers.c b/src/resolvers.c index 0200be4c5..6556cc8a5 100644 --- a/src/resolvers.c +++ b/src/resolvers.c @@ -3712,6 +3712,7 @@ int cfg_parse_resolvers(const char *file, int linenum, char **args, int kwm) ha_alert("Parsing [%s:%d]: resolvers '%s' has same name as another resolvers (declared at %s:%d).\n", file, linenum, args[1], curr_resolvers->conf.file, curr_resolvers->conf.line); err_code |= ERR_ALERT | ERR_ABORT; + goto out; } } @@ -3749,6 +3750,7 @@ int cfg_parse_resolvers(const char *file, int linenum, char **args, int kwm) ha_alert("Parsing [%s:%d]: nameserver '%s' has same name as another nameserver (declared at %s:%d).\n", file, linenum, args[1], newnameserver->conf.file, newnameserver->conf.line); err_code |= ERR_ALERT | ERR_FATAL; + goto out; } } -- 2.47.3