From: Evan Hunt <each@isc.org>
Date: Wed, 26 Jun 2019 00:53:32 +0000 (-0700)
Subject: don't overwrite the dns_master_loadfile() result before calling zone_postload()
X-Git-Tag: v9.11.9~13^2~2
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=4dd46ba0f79d985664185e39a6f796fd57636ca5;p=thirdparty%2Fbind9.git

don't overwrite the dns_master_loadfile() result before calling zone_postload()

if "rndc reload" fails, the result code is supposed to be passed to
zone_postload, but for inline-signing zones, the result can be
overwritten first by a call to the ZONE_TRYLOCK macro. this can lead
to the partially-loaded unsigned zone being synced over to the signed
zone instead of being rejected.

(cherry picked from commit 0b792bd37b9b6a1cc5914ab95987359fda972ff2)
---

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 000b42b8418..e03b8af58f4 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -15608,8 +15608,8 @@ zone_loaddone(void *arg, isc_result_t result) {
 		LOCK_ZONE(zone->raw);
 	else if (inline_raw(zone)) {
 		secure = zone->secure;
-		TRYLOCK_ZONE(result, secure);
-		if (result != ISC_R_SUCCESS) {
+		TRYLOCK_ZONE(tresult, secure);
+		if (tresult != ISC_R_SUCCESS) {
 			UNLOCK_ZONE(zone);
 			secure = NULL;
 #if ISC_PLATFORM_USETHREADS