Add shutdown checks in dns_catz_dbupdate_callback()

When a zone database update callback is called, the 'catzs' object,
extracted from the callback argument, might be already shutting down,
in which case the 'catzs->zones' can be NULL and cause an assertion
failure when calling isc_ht_find().

Add an early return from the callback if 'catzs->shuttingdown' is true.

Also check the validity of 'catzs->zones' after locking 'catzs' in
case there is a race with dns_catz_shutdown_catzs() running in another
thread.

diff --git a/lib/dns/catz.c b/lib/dns/catz.c
index 4dfa2fac3ed3d2ec3e9f49aa6df401562678c55b..c58b727de0109b94e0e097b8e3099ff57e32571a 100644 (file)
--- a/lib/dns/catz.c
+++ b/lib/dns/catz.c
@@ -2137,9 +2137,17 @@ dns_catz_dbupdate_callback(dns_db_t *db, void *fn_arg) {
        REQUIRE(DNS_CATZ_ZONES_VALID(fn_arg));
        catzs = (dns_catz_zones_t *)fn_arg;
 
+       if (atomic_load(&catzs->shuttingdown)) {
+               return (ISC_R_SHUTTINGDOWN);
+       }
+
        dns_name_toregion(&db->origin, &r);
 
        LOCK(&catzs->lock);
+       if (catzs->zones == NULL) {
+               result = ISC_R_SHUTTINGDOWN;
+               goto cleanup;
+       }
        result = isc_ht_find(catzs->zones, r.base, r.length, (void **)&catz);
        if (result != ISC_R_SUCCESS) {
                goto cleanup;