Merge branch '3065-memory-leak-on-duplicately-named-dnssec-policy' into 'main'

Resolve "memory leak on duplicately named dnssec-policy"

Closes #3065

See merge request isc-projects/bind9!5669

CHANGES

@@ -1,3 +1,7 @@
+5785.	[bug]		named could leak memory when two dnssec-policy clauses
+			had the same name. named failed to log this error.
+			[GL #3085]
+
 5784.	[func]		Implement TLS-contexts reuse. Reusing the
 			previously created TLS context objects can reduce
 			initialisation time for some configurations and enables

bin/tests/system/checkconf/bad-kasp-duplicate.conf

@@ -0,0 +1,13 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+dnssec-policy a { };
+dnssec-policy a { };

lib/isccfg/kaspconf.c

@@ -272,6 +272,11 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, const char *name, isc_mem_t *mctx,
 	result = dns_kasplist_find(kasplist, kaspname, &kasp);
 
 	if (result == ISC_R_SUCCESS) {
+		cfg_obj_log(
+			config, logctx, ISC_LOG_ERROR,
+			"dnssec-policy: duplicately named policy found '%s'",
+			kaspname);
+		dns_kasp_detach(&kasp);
 		return (ISC_R_EXISTS);
 	}
 	if (result != ISC_R_NOTFOUND) {