upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Always clean sig0name in msgresetsigs() and dns_message_renderreset()

Browse source 
The fuzzing harness operates on dns_message_t in non-standard ways
and if 'sig0name' is non-NULL when msgresetsigs() and
dns_message_renderreset() are called it should be cleaned up.
This commit is contained in:
Mark Andrews 2020-09-28 12:54:17 +10:00
parent fc5c9e6bce
commit 450fab92b1
1 changed files with 9 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
lib/dns/message.c
View file

@ -526,13 +526,13 @@ msgresetsigs(dns_message_t *msg, bool replying) {
INSIST(dns_rdataset_isassociated(msg->sig0));
dns_rdataset_disassociate(msg->sig0);
isc_mempool_put(msg->rdspool, msg->sig0);
if (msg->sig0name != NULL) {
if (dns_name_dynamic(msg->sig0name)) {
dns_name_free(msg->sig0name, msg->mctx);
}
isc_mempool_put(msg->namepool, msg->sig0name);
}
msg->sig0 = NULL;
}
if (msg->sig0name != NULL) {
if (dns_name_dynamic(msg->sig0name)) {
dns_name_free(msg->sig0name, msg->mctx);
}
isc_mempool_put(msg->namepool, msg->sig0name);
msg->sig0name = NULL;
}
}
@ -2430,6 +2430,9 @@ dns_message_renderreset(dns_message_t *msg) {
dns_rdataset_disassociate(msg->tsig);
dns_message_puttemprdataset(msg, &msg->tsig);
}
if (msg->sig0name != NULL) {
dns_message_puttempname(msg, &msg->sig0name);
}
if (msg->sig0 != NULL) {
dns_rdataset_disassociate(msg->sig0);
dns_message_puttemprdataset(msg, &msg->sig0);