mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-01 15:05:23 +00:00
Code Issues Releases Wiki Activity

3367. [bug] dns_dnsseckey_create() result was not being checked.

Browse Source 
[RT #30685]
This commit is contained in:
Mark Andrews
2012-08-21 12:04:09 +10:00
parent 64a8938b02
commit b29e848220
2 changed files with 13 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@@ -1,3 +1,6 @@
3367. [bug] dns_dnsseckey_create() result was not being checked.
[RT #30685]
3366. [bug] Fixed Read-After-Write dependency violation for IA64 3366. [bug] Fixed Read-After-Write dependency violation for IA64
atomic operations. [RT #25181] atomic operations. [RT #25181]

16
lib/dns/dnssec.c
View File

@@ -1401,11 +1401,12 @@ dns_dnssec_findmatchingkeys(dns_name_t *origin, const char *directory,
* the keys in the keyset, regardless of whether they have * the keys in the keyset, regardless of whether they have
* metadata indicating they should be deactivated or removed. * metadata indicating they should be deactivated or removed.
*/ */
static void static isc_result_t
addkey(dns_dnsseckeylist_t *keylist, dst_key_t **newkey, addkey(dns_dnsseckeylist_t *keylist, dst_key_t **newkey,
isc_boolean_t savekeys, isc_mem_t *mctx) isc_boolean_t savekeys, isc_mem_t *mctx)
{ {
dns_dnsseckey_t *key; dns_dnsseckey_t *key;
isc_result_t result;
/* Skip duplicates */ /* Skip duplicates */
for (key = ISC_LIST_HEAD(*keylist); for (key = ISC_LIST_HEAD(*keylist);
@@ -1433,10 +1434,12 @@ addkey(dns_dnsseckeylist_t *keylist, dst_key_t **newkey,
} }
key->source = dns_keysource_zoneapex; key->source = dns_keysource_zoneapex;
return; return (ISC_R_SUCCESS);
} }
dns_dnsseckey_create(mctx, newkey, &key); result = dns_dnsseckey_create(mctx, newkey, &key);
if (result != ISC_R_SUCCESS)
return (result);
if (key->legacy || savekeys) { if (key->legacy || savekeys) {
key->force_publish = ISC_TRUE; key->force_publish = ISC_TRUE;
key->force_sign = dst_key_isprivate(key->key); key->force_sign = dst_key_isprivate(key->key);
@@ -1444,6 +1447,7 @@ addkey(dns_dnsseckeylist_t *keylist, dst_key_t **newkey,
key->source = dns_keysource_zoneapex; key->source = dns_keysource_zoneapex;
ISC_LIST_APPEND(*keylist, key, link); ISC_LIST_APPEND(*keylist, key, link);
*newkey = NULL; *newkey = NULL;
return (ISC_R_SUCCESS);
} }
@@ -1534,7 +1538,7 @@ dns_dnssec_keylistfromrdataset(dns_name_t *origin,
goto skip; goto skip;
if (public) { if (public) {
addkey(keylist, &pubkey, savekeys, mctx); RETERR(addkey(keylist, &pubkey, savekeys, mctx));
goto skip; goto skip;
} }
@@ -1587,7 +1591,7 @@ dns_dnssec_keylistfromrdataset(dns_name_t *origin,
} }
if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) { if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) {
addkey(keylist, &pubkey, savekeys, mctx); RETERR(addkey(keylist, &pubkey, savekeys, mctx));
goto skip; goto skip;
} }
RETERR(result); RETERR(result);
@@ -1602,7 +1606,7 @@ dns_dnssec_keylistfromrdataset(dns_name_t *origin,
*/ */
dst_key_setttl(privkey, dst_key_getttl(pubkey)); dst_key_setttl(privkey, dst_key_getttl(pubkey));
addkey(keylist, &privkey, savekeys, mctx); RETERR(addkey(keylist, &privkey, savekeys, mctx));
skip: skip:
if (pubkey != NULL) if (pubkey != NULL)
dst_key_free(&pubkey); dst_key_free(&pubkey);