fix: usr: Fix a bug in allow-query/allow-transfer catalog zone custom properties

The :iscman:`named` process could terminate unexpectedly when
processing a catalog zone with an invalid ``allow-query`` or
``allow-transfer`` custom property (i.e. having a non-APL type)
coexisting with the valid property. This has been fixed.

Closes #5941

Merge branch '5941-catz-catz_process_apl-bug-fix' into 'main'

See merge request isc-projects/bind9!11954

bin/tests/system/catz/tests.sh

@@ -2761,6 +2761,56 @@ wait_for_soa @10.53.0.4 check-allow-query.example. dig.out.test$n || ret=1
 if [ $ret -ne 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
+##########################################################################
+# GL #5941
+
+nextpart ns4/named.run >/dev/null
+
+n=$((n + 1))
+echo_i "Add a normal and a spurious allow-transfer RRs to catalog-misc zone using nsupdate ($n)"
+ret=0
+# It is important to include an RRtype with a numeric representation that is
+# less than APL. E.g., AFSDB is 18 which is less than APL's 42. Also including
+# the AMTRELAY RRtype (260) which is bigger than APL, just for completeness.
+$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
+    server 10.53.0.1 ${PORT}
+    update add allow-transfer.ext.catalog-misc.example. 3600 IN AFSDB 0 hostname
+    update add allow-transfer.ext.catalog-misc.example. 3600 IN APL 1:10.53.0.0/24
+    update add allow-transfer.ext.catalog-misc.example. 3600 IN AMTRELAY 0 0 0 .
+    send
+END
+if [ $ret -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "waiting for secondary to sync up ($n)"
+ret=0
+wait_for_message ns4/named.run "catz: catalog-misc.example: reload done: success" || ret=1
+if [ $ret -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+nextpart ns4/named.run >/dev/null
+
+n=$((n + 1))
+echo_i "Deleting the allow-query RRs from catalog-misc zone ($n)"
+ret=0
+$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
+    server 10.53.0.1 ${PORT}
+    update delete allow-transfer.ext.catalog-misc.example. 3600 IN AFSDB 0 hostname
+    update delete allow-transfer.ext.catalog-misc.example. 3600 IN APL 1:10.53.0.0/24
+    update delete allow-transfer.ext.catalog-misc.example. 3600 IN AMTRELAY 0 0 0 .
+    send
+END
+if [ $ret -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "waiting for secondary to sync up ($n)"
+ret=0
+wait_for_message ns4/named.run "catz: catalog-misc.example: reload done: success" || ret=1
+if [ $ret -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
 ##########################################################################
 # GL #5658
 

lib/dns/catz.c

@@ -1523,6 +1523,17 @@ catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl,
 static isc_result_t
 catz_process_apl(dns_catz_zone_t *catz, isc_buffer_t **aclbp,
 		 dns_rdataset_t *value) {
+	REQUIRE(DNS_RDATASET_VALID(value));
+	REQUIRE(dns_rdataset_isassociated(value));
+
+	if (value->type != dns_rdatatype_apl) {
+		return ISC_R_FAILURE;
+	}
+
+	REQUIRE(DNS_CATZ_ZONE_VALID(catz));
+	REQUIRE(aclbp != NULL);
+	REQUIRE(*aclbp == NULL);
+
 	isc_result_t result = ISC_R_SUCCESS;
 	dns_rdata_t rdata;
 	dns_rdata_in_apl_t rdata_apl;
@@ -1531,16 +1542,6 @@ catz_process_apl(dns_catz_zone_t *catz, isc_buffer_t **aclbp,
 	isc_buffer_t *aclb = NULL;
 	unsigned char buf[256]; /* larger than INET6_ADDRSTRLEN */
 
-	REQUIRE(DNS_CATZ_ZONE_VALID(catz));
-	REQUIRE(aclbp != NULL);
-	REQUIRE(*aclbp == NULL);
-	REQUIRE(DNS_RDATASET_VALID(value));
-	REQUIRE(dns_rdataset_isassociated(value));
-
-	if (value->type != dns_rdatatype_apl) {
-		return ISC_R_FAILURE;
-	}
-
 	if (dns_rdataset_count(value) > 1) {
 		isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_CATZ,
 			      ISC_LOG_WARNING,