- Fix doxygen issue

- Fix memory leak
 - IANA ports update
 - merge littlehash ASAN changes

services/authzone.h

@@ -472,7 +472,7 @@ struct auth_zones* auth_zones_create(void);
  * @return false on failure.
  */
 int auth_zones_apply_cfg(struct auth_zones* az, struct config_file* cfg,
-	int setup, int* iz_rpz);
+	int setup, int* is_rpz);
 
 /** initial pick up of worker timeouts, ties events to worker event loop
  * @param az: auth zones structure

services/rpz.c

@@ -556,7 +556,9 @@ rpz_insert_rr(struct rpz* r, size_t aznamelen, uint8_t* dname,
 /**
  * Find RPZ local-zone by qname.
  * @param r: rpz containing local-zone tree
- * @param qinfo: qinfo struct
+ * @param qname: qname
+ * @param qname_len: length of qname
+ * @param qclass: qclass
  * @param only_exact: if 1 only excact (non wildcard) matches are returned
  * @param wr: get write lock for local-zone if 1, read lock if 0
  * @return: NULL or local-zone holding rd or wr lock
@@ -680,6 +682,7 @@ rpz_data_delete_rr(struct local_zone* z, uint8_t* policydname,
 /**
  * Remove RR from RPZ's respip set
  * @param raddr: respip node
+ * @param rr_type: RR type of RR to remove
  * @param rdata: rdata of RR to remove
  * @param rdatalen: length of rdata
  * @param region: RPZ's repsip_set region
@@ -786,14 +789,18 @@ rpz_remove_rr(struct rpz* r, size_t aznamelen, uint8_t* dname, size_t dnamelen,
 	uint16_t rr_type, uint16_t rr_class, uint8_t* rdatawl, size_t rdatalen)
 {
 	size_t policydnamelen;
-	/* name is free'd in local_zone delete */
-	uint8_t* policydname = calloc(1, LDNS_MAX_DOMAINLEN + 1);
 	enum rpz_trigger t;
 	enum rpz_action a;
+	uint8_t* policydname;
+
+	if(!(policydname = calloc(1, LDNS_MAX_DOMAINLEN + 1)))
+		return;
 
 	a = rpz_rr_to_action(rr_type, rdatawl, rdatalen);
-	if(a == RPZ_INVALID_ACTION)
+	if(a == RPZ_INVALID_ACTION) {
+		free(policydname);
 		return;
+	}
 	if(!(policydnamelen = strip_dname_origin(dname, dnamelen, aznamelen,
 		policydname))) {
 		free(policydname);

util/iana_ports.inc

@@ -1848,7 +1848,6 @@
 2197,
 2198,
 2199,
-2200,
 2201,
 2202,
 2203,
@@ -4768,6 +4767,7 @@
 8088,
 8097,
 8100,
+8111,
 8115,
 8116,
 8118,

util/net_help.h

@@ -469,6 +469,7 @@ void listen_sslctx_delete_ticket_keys(void);
  * @param dname: the dname containing RPZ format netblock
  * @param addr: where to store sockaddr.
  * @param addrlen: length of stored sockaddr is returned.
+ * @param net: where to store netmask
  * @param af: where to store address family.
  * @return 0 on error.
  */

util/storage/lookup3.c

@@ -1,4 +1,7 @@
 /*
+  May 2019(Wouter) patch to enable the valgrind clean implementation all the
+     time.  This enables better security audit and checks, which is better
+     than the speedup.  Git issue #30.  Renamed the define ARRAY_CLEAN_ACCESS.
   February 2013(Wouter) patch defines for BSD endianness, from Brad Smith.
   January 2012(Wouter) added randomised initial value, fallout from 28c3.
   March 2007(Wouter) adapted from lookup3.c original, add config.h include.
@@ -44,6 +47,7 @@ on 1 byte), but shoehorning those bytes into integers efficiently is messy.
 -------------------------------------------------------------------------------
 */
 /*#define SELF_TEST 1*/
+#define ARRAY_CLEAN_ACCESS 1
 
 #include "config.h"
 #include "util/storage/lookup3.h"
@@ -336,7 +340,7 @@ uint32_t hashlittle( const void *key, size_t length, uint32_t initval)
   u.ptr = key;
   if (HASH_LITTLE_ENDIAN && ((u.i & 0x3) == 0)) {
     const uint32_t *k = (const uint32_t *)key;         /* read 32-bit chunks */
-#ifdef VALGRIND
+#ifdef ARRAY_CLEAN_ACCESS
     const uint8_t  *k8;
 #endif
 
@@ -361,7 +365,7 @@ uint32_t hashlittle( const void *key, size_t length, uint32_t initval)
      * still catch it and complain.  The masking trick does make the hash
      * noticeably faster for short strings (like English words).
      */
-#ifndef VALGRIND
+#ifndef ARRAY_CLEAN_ACCESS
 
     switch(length)
     {