bind9/lib
Ondřej Surý a957dd13fa Stop leaking DNSSEC keys past the zone key limit
find_zone_keys() collects every matching private key into a local list,
hands the first DNS_MAXZONEKEYS keys to the caller, and frees the rest.
On overflow it destroyed only the first surplus key before breaking out
of the loop, so any keys after it stayed linked on the local list and
were lost when the function returned.

Unlink and destroy every list entry, transferring a key to the caller
only while under the limit.  No entry is left behind, so a zone with
more than DNS_MAXZONEKEYS matching keys no longer leaks memory on each
signing attempt.
2026-07-01 16:45:56 +10:00
..
dns Stop leaking DNSSEC keys past the zone key limit 2026-07-01 16:45:56 +10:00
isc Replace uint with unsigned int in the histo.c unit 2026-07-01 08:04:48 +02:00
isccc switch isc_md_type_t to a proper enum 2026-02-02 11:12:55 +03:00
isccfg Delegations have a minimal TTL of 60 seconds 2026-07-01 08:40:05 +02:00
ns Replace void* data pointers with match enum in radix nodes 2026-07-01 06:42:09 +02:00
.gitignore
meson.build replace the build system with meson 2025-06-11 10:30:12 +03:00