Fix KASP key leaks on keystore lookup failure
authorOndřej Surý <ondrej@isc.org>
Sat, 14 Mar 2026 11:54:50 +0000 (12:54 +0100)
committerOndřej Surý <ondrej@sury.org>
Mon, 16 Mar 2026 10:05:03 +0000 (11:05 +0100)
In both cfg_kasp_fromconfig() and cfg_kasp_builtinconfig(), the
newly allocated KASP key was not destroyed when the keystore
lookup failed.

(cherry picked from commit df1993611bae62ad0267d8652d599b4158f3e9a9)

lib/isccfg/kaspconf.c

index 58b0818fe4a6ae928d76f6127248aa1d99c911e0..09129e4298416ee9e47dbb06134492c90c046712 100644 (file)
@@ -852,6 +852,7 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp,
                                                    "find keystore (%s)",
                                                    isc_result_totext(result));
                                }
+                               dns_kasp_key_destroy(new_key);
                                goto cleanup;
                        }
                        dns_kasp_addkey(kasp, new_key);
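Review bot: The ownership rule this fix relies on is not written down at either call site: `new_key` stays with the caller until `dns_kasp_addkey(kasp, new_key)` runs, so any early exit added later between key creation and the add would leak the same way. I would put a short comment above the new call, e.g. `/* kasp does not own new_key until dns_kasp_addkey(); release it here */`, in this hunk and at the matching line in the cfg_kasp_builtinconfig() hunk. Any other `goto cleanup` between the allocation and the add lies outside the visible lines and is worth checking for the same leak, since these paths are driven by configuration input and would presumably repeat on every reload of a bad config. Both functions start and end outside the hunks.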
@@ -972,6 +973,7 @@ cfg_kasp_builtinconfig(isc_mem_t *mctx, const char *name,
                                               DNS_KEYSTORE_KEYDIRECTORY,
                                               &new_key->keystore);
                if (result != ISC_R_SUCCESS) {
+                       dns_kasp_key_destroy(new_key);
                        goto cleanup;
                }
                dns_kasp_addkey(kasp, new_key);