From: Michał Kępień Date: Tue, 23 Jul 2019 09:43:46 +0000 (+0200) Subject: Restore locking in resume_dslookup() X-Git-Tag: v9.15.3~35^2 X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=ca528766d6685a3cd42a708fa6d996380f00664f;p=thirdparty%2Fbind9.git Restore locking in resume_dslookup() Commit 9da902a201b6d0e1bdbac0af067a59bb0a489c9c removed locking around the fctx_decreference() call inside resume_dslookup(). This allows fctx_unlink() to be called without the bucket lock being held, which must never happen. Ensure the bucket lock is held by resume_dslookup() before it calls fctx_decreference(). --- diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index c46abb5db35..939df18ea31 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -7186,7 +7186,9 @@ resume_dslookup(isc_task_t *task, isc_event_t *event) { if (dns_rdataset_isassociated(&nameservers)) { dns_rdataset_disassociate(&nameservers); } + LOCK(&res->buckets[fctx->bucketnum].lock); bucket_empty = fctx_decreference(fctx); + UNLOCK(&res->buckets[fctx->bucketnum].lock); if (bucket_empty) { empty_bucket(res); }