Fix Coverity CID 487882: Error handling issues

The dns_qpiter_next() was called without checking the return value. If
we cannot move the iterator forward, there is no use in calling the
step() function.

/lib/dns/qpzone.c: 2804 in activeempty()
2798     	 * of the name we were searching for. Step the iterator
2799     	 * forward, then step() will continue forward until it
2800     	 * finds a node with active data. If that node is a
2801     	 * subdomain of the one we were looking for, then we're
2802     	 * at an active empty nonterminal node.
2803     	 */
>>>     CID 487882:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "dns_qpiter_next" without checking return value (as is done elsewhere 26 out of 27 times).
2804     	dns_qpiter_next(it, NULL, NULL, NULL);
2805     	return (step(search, it, FORWARD, next) &&
2806     		dns_name_issubdomain(next, current));
2807     }

diff --git a/lib/dns/qpzone.c b/lib/dns/qpzone.c
index ae77f197a0147584a4d07c685ecc6f6e659ceea7..615e3e7c53363360c2d5d0648ef85279fcfabd8c 100644 (file)
--- a/lib/dns/qpzone.c
+++ b/lib/dns/qpzone.c
@@ -2786,7 +2786,11 @@ activeempty(qpdb_search_t *search, dns_qpiter_t *it,
         * subdomain of the one we were looking for, then we're
         * at an active empty nonterminal node.
         */
-       dns_qpiter_next(it, NULL, NULL, NULL);
+       isc_result_t result = dns_qpiter_next(it, NULL, NULL, NULL);
+       if (result != ISC_R_SUCCESS) {
+               /* An ENT at the end of the zone is impossible */
+               return (false);
+       }
        return (step(search, it, FORWARD, next) &&
                dns_name_issubdomain(next, current));
 }