From 410fcbfcfe7ceb100f309695a6a7d9e9536b8296 Mon Sep 17 00:00:00 2001
From: Aram Sargsyan <aram@isc.org>
Date: Wed, 1 Feb 2023 14:41:58 +0000
Subject: [PATCH] Fix a bug in resolver's resume_dslookup() function

A recent refactoring in 7e4e125e5ea5b29c946ce4646461d06a75cd8702
had introduced a logical error which could result in calling the
dns_resolver_createfetch() function with 'nameservers' pointer set
to NULL, but with 'domain' not set to NULL, which is not allowed
by the function.

Make sure 'domain' is set only when 'nsrdataset' is valid.
---
 lib/dns/resolver.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index fc6d7f57df..32cb137f7a 100644
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -7217,6 +7217,8 @@ resume_dslookup(isc_task_t *task, isc_event_t *event) {
 	dns_resolver_t *res = NULL;
 	dns_rdataset_t *nsrdataset = NULL;
 	dns_rdataset_t nameservers;
+	dns_fixedname_t fixed;
+	dns_name_t *domain = NULL;
 	unsigned int n;
 	dns_fetch_t *fetch = NULL;
 
@@ -7291,12 +7293,16 @@ resume_dslookup(isc_task_t *task, isc_event_t *event) {
 			goto cleanup;
 		}
 
-		/* Get nameservers from fctx->nsfetch before we destroy it. */
+		/* Get nameservers from fetch before we destroy it. */
 		dns_rdataset_init(&nameservers);
 		if (dns_rdataset_isassociated(&fetch->private->nameservers)) {
 			dns_rdataset_clone(&fetch->private->nameservers,
 					   &nameservers);
 			nsrdataset = &nameservers;
+
+			/* Get domain from fetch before we destroy it. */
+			domain = dns_fixedname_initname(&fixed);
+			dns_name_copy(fetch->private->domain, domain);
 		}
 
 		n = dns_name_countlabels(fctx->nsname);
@@ -7306,10 +7312,10 @@ resume_dslookup(isc_task_t *task, isc_event_t *event) {
 
 		fetchctx_ref(fctx);
 		result = dns_resolver_createfetch(
-			res, fctx->nsname, dns_rdatatype_ns,
-			fetch->private->domain, nsrdataset, NULL, NULL, 0,
-			fctx->options, 0, NULL, task, resume_dslookup, fctx,
-			&fctx->nsrrset, NULL, &fctx->nsfetch);
+			res, fctx->nsname, dns_rdatatype_ns, domain, nsrdataset,
+			NULL, NULL, 0, fctx->options, 0, NULL, task,
+			resume_dslookup, fctx, &fctx->nsrrset, NULL,
+			&fctx->nsfetch);
 		if (result != ISC_R_SUCCESS) {
 			fetchctx_unref(fctx);
 			if (result == DNS_R_DUPLICATE) {