From 7115fc5c43bbbf67e1c2f61a87484e2bb4863170 Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Mon, 9 Sep 2013 22:14:19 -0700
Subject: [PATCH] [v9_8] strdup journal filename

3646.	[bug]		Journal filename string could be set incorrectly,
                        causing garbage in log messages.  [RT #34738]
(cherry picked from commit 18df9e628ea10c7d607f43fcfd935e7924731f24)
---
 CHANGES           |  3 +++
 lib/dns/journal.c | 12 +++++++++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index c5a66f10a8..d2762af696 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3646.	[bug]		Journal filename string could be set incorrectly,
+                        causing garbage in log messages.  [RT #34738]
+
 	--- 9.8.6 released ---
 
 3638.	[cleanup]	Add the ability to handle ENOPROTOOPT in case it is 
diff --git a/lib/dns/journal.c b/lib/dns/journal.c
index 1564a811ff..1f09934e85 100644
--- a/lib/dns/journal.c
+++ b/lib/dns/journal.c
@@ -299,7 +299,7 @@ struct dns_journal {
 	unsigned int		magic;		/*%< JOUR */
 	isc_mem_t		*mctx;		/*%< Memory context */
 	journal_state_t		state;
-	const char 		*filename;	/*%< Journal file name */
+	char 			*filename;	/*%< Journal file name */
 	FILE *			fp;		/*%< File handle */
 	isc_offset_t		offset;		/*%< Current file offset */
 	journal_header_t 	header;		/*%< In-core journal header */
@@ -554,10 +554,13 @@ journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write,
 	j->mctx = mctx;
 	j->state = JOURNAL_STATE_INVALID;
 	j->fp = NULL;
-	j->filename = filename;
+	j->filename = isc_mem_strdup(mctx, filename);
 	j->index = NULL;
 	j->rawindex = NULL;
 
+	if (j->filename == NULL)
+		FAIL(ISC_R_NOMEMORY);
+
 	result = isc_stdio_open(j->filename, write ? "rb+" : "rb", &fp);
 
 	if (result == ISC_R_FILENOTFOUND) {
@@ -660,6 +663,8 @@ journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write,
 			    sizeof(journal_rawpos_t));
 		j->index = NULL;
 	}
+	if (j->filename != NULL)
+		isc_mem_free(j->mctx, j->filename);
 	if (j->fp != NULL)
 		(void)isc_stdio_close(j->fp);
 	isc_mem_put(j->mctx, j, sizeof(*j));
@@ -1200,7 +1205,8 @@ dns_journal_destroy(dns_journal_t **journalp) {
 		isc_mem_put(j->mctx, j->it.target.base, j->it.target.length);
 	if (j->it.source.base != NULL)
 		isc_mem_put(j->mctx, j->it.source.base, j->it.source.length);
-
+	if (j->filename != NULL)
+		isc_mem_free(j->mctx, j->filename);
 	if (j->fp != NULL)
 		(void)isc_stdio_close(j->fp);
 	j->magic = 0;