upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix KASP key leaks on keystore lookup failure

Browse source 
In both cfg_kasp_fromconfig() and cfg_kasp_builtinconfig(), the
newly allocated KASP key was not destroyed when the keystore
lookup failed.

(cherry picked from commit df1993611b)
This commit is contained in:
Ondřej Surý 2026-03-14 12:54:50 +01:00 committed by Ondřej Surý
parent 769dff3e6f
commit 338961bf7e
No known key found for this signature in database
GPG key ID: 2820F37E873DEA41
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/isccfg/kaspconf.c
View file

@ -852,6 +852,7 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp,
"find keystore (%s)",
isc_result_totext(result));
}
dns_kasp_key_destroy(new_key);
goto cleanup;
}
dns_kasp_addkey(kasp, new_key);
@ -972,6 +973,7 @@ cfg_kasp_builtinconfig(isc_mem_t *mctx, const char *name,
DNS_KEYSTORE_KEYDIRECTORY,
&new_key->keystore);
if (result != ISC_R_SUCCESS) {
dns_kasp_key_destroy(new_key);
goto cleanup;
}
dns_kasp_addkey(kasp, new_key);