Always clean sig0name in msgresetsigs() and dns_message_renderreset()
authorMark Andrews <marka@isc.org>
Mon, 28 Sep 2020 02:54:17 +0000 (12:54 +1000)
committerMark Andrews <marka@isc.org>
Wed, 30 Sep 2020 13:24:29 +0000 (13:24 +0000)
The fuzzing harness operates on dns_message_t in non-standard ways
and if 'sig0name' is non-NULL when msgresetsigs() and
dns_message_renderreset() are called it should be cleaned up.

lib/dns/message.c

index 03b723045f5a445b0b4b051b938b76ba5f49fa07..e57dfd9c02e516301f3e5807c5918e05ae51008e 100644 (file)
@@ -526,13 +526,13 @@ msgresetsigs(dns_message_t *msg, bool replying) {
                INSIST(dns_rdataset_isassociated(msg->sig0));
                dns_rdataset_disassociate(msg->sig0);
                isc_mempool_put(msg->rdspool, msg->sig0);
-               if (msg->sig0name != NULL) {
-                       if (dns_name_dynamic(msg->sig0name)) {
-                               dns_name_free(msg->sig0name, msg->mctx);
-                       }
-                       isc_mempool_put(msg->namepool, msg->sig0name);
-               }
                msg->sig0 = NULL;
+       }
+       if (msg->sig0name != NULL) {
+               if (dns_name_dynamic(msg->sig0name)) {
+                       dns_name_free(msg->sig0name, msg->mctx);
+               }
+               isc_mempool_put(msg->namepool, msg->sig0name);
                msg->sig0name = NULL;
        }
 }
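Review bot: The relocated `sig0name` cleanup in msgresetsigs() open-codes the release (`dns_name_dynamic()`, `dns_name_free()`, `isc_mempool_put()`, then `= NULL`), while the dns_message_renderreset() hunk of this same commit does the job with `dns_message_puttempname(msg, &msg->sig0name);`. If that helper performs the same free-and-return-to-namepool sequence (its body is not shown on this page), the new block could be reduced to `if (msg->sig0name != NULL) { dns_message_puttempname(msg, &msg->sig0name); }`, so both reset paths release the name the same way and cannot drift apart. msgresetsigs() starts above this hunk, so the `if` that opens the sig0 branch is not visible here.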
@@ -2430,6 +2430,9 @@ dns_message_renderreset(dns_message_t *msg) {
                dns_rdataset_disassociate(msg->tsig);
                dns_message_puttemprdataset(msg, &msg->tsig);
        }
+       if (msg->sig0name != NULL) {
+               dns_message_puttempname(msg, &msg->sig0name);
+       }
        if (msg->sig0 != NULL) {
                dns_rdataset_disassociate(msg->sig0);
                dns_message_puttemprdataset(msg, &msg->sig0);
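Review bot: The added `sig0name` release in dns_message_renderreset() carries no comment saying why it is tested separately from `msg->sig0`; the only explanation is in the commit message. A one-line comment above the new `if`, for example `/* sig0name may be set without sig0 (seen with the fuzzing harness); release it on its own. */`, would keep a later tidy-up from folding it back under the `sig0` check and leaving the name unreleased again. The same comment would fit the matching block in msgresetsigs(). This function begins before the hunk and continues past its last line.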