From 1fa40654d2ddb4dfa45f58e3c6244348ae654d1e Mon Sep 17 00:00:00 2001
From: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
Date: Wed, 20 Nov 2019 11:01:56 +0100
Subject: [PATCH] - Fix Race Condition in autr_tp_create(),   reported by X41
 D-Sec.

---
 doc/Changelog         | 2 ++
 validator/autotrust.c | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/Changelog b/doc/Changelog
index d02d74122..fb44011f0 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,6 +1,8 @@
 20 November 2019: Wouter
 	- Fix Out of Bounds Read in rrinternal_get_owner(),
 	  reported by X41 D-Sec.
+	- Fix Race Condition in autr_tp_create(),
+	  reported by X41 D-Sec.
 
 19 November 2019: Wouter
 	- Fix CVE-2019-18934, shell execution in ipsecmod.
diff --git a/validator/autotrust.c b/validator/autotrust.c
index be7830fb8..da7078a19 100644
--- a/validator/autotrust.c
+++ b/validator/autotrust.c
@@ -370,10 +370,10 @@ autr_tp_create(struct val_anchors* anchors, uint8_t* own, size_t own_len,
 		free(tp);
 		return NULL;
 	}
-	lock_basic_unlock(&anchors->lock);
 	lock_basic_init(&tp->lock);
 	lock_protect(&tp->lock, tp, sizeof(*tp));
 	lock_protect(&tp->lock, tp->autr, sizeof(*tp->autr));
+	lock_basic_unlock(&anchors->lock);
 	return tp;
 }