From 5dc3a1c3d3bf733b94fe213d40da6ea766646ece Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 14 Jul 2015 14:48:42 +1000
Subject: [PATCH] 4165.   [bug]           An failure to reset a value to NULL
 in tkey.c could                         result in an assertion failure.
 (CVE-2015-5477)                         [RT #40046]

(cherry picked from commit dbb064aa7972ef918d9a235b713108a4846cbb62)
---
 CHANGES        | 4 ++++
 lib/dns/tkey.c | 1 +
 2 files changed, 5 insertions(+)

diff --git a/CHANGES b/CHANGES
index 8f2aa3e19c..fd9140107a 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+4165.	[bug]		An failure to reset a value to NULL in tkey.c could
+			result in an assertion failure. (CVE-2015-5477)
+			[RT #40046]
+
 4164.	[bug]		Don't rename slave files and journals on out of memory.
 			[RT #40033]
 
diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c
index c442914685..b8eb83a9be 100644
--- a/lib/dns/tkey.c
+++ b/lib/dns/tkey.c
@@ -649,6 +649,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx,
 		 * Try the answer section, since that's where Win2000
 		 * puts it.
 		 */
+		name = NULL;
 		if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
 					 dns_rdatatype_tkey, 0, &name,
 					 &tkeyset) != ISC_R_SUCCESS) {