From c82da2167dcbd8300f0eaa81fb900c0b17e8f94c Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Fri, 22 Mar 2013 09:21:30 +1100 Subject: [PATCH] 3531. [bug] win32: A uninitialized value could be returned on out of memory. [RT #32960] --- CHANGES | 3 +++ lib/isc/unix/socket.c | 8 ++++---- lib/isc/win32/socket.c | 14 ++++++-------- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/CHANGES b/CHANGES index 443693864d..72c7640085 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +3531. [bug] win32: A uninitialized value could be returned on out + of memory. [RT #32960] + 3530. [contrib] Better RTT tracking in queryperf. [RT #30128] 3529. [func] Named now listens on both IPv4 and IPv6 interfaces diff --git a/lib/isc/unix/socket.c b/lib/isc/unix/socket.c index b288a9cd5c..f2efd48bb4 100644 --- a/lib/isc/unix/socket.c +++ b/lib/isc/unix/socket.c @@ -2104,7 +2104,7 @@ allocate_socket(isc__socketmgr_t *manager, isc_sockettype_t type, sock->sendcmsgbuf = NULL; /* - * set up cmsg buffers + * Set up cmsg buffers. */ cmsgbuflen = 0; #if defined(USE_CMSG) && defined(ISC_PLATFORM_HAVEIN6PKTINFO) @@ -2146,7 +2146,7 @@ allocate_socket(isc__socketmgr_t *manager, isc_sockettype_t type, sock->tag = NULL; /* - * set up list of readers and writers to be initially empty + * Set up list of readers and writers to be initially empty. */ ISC_LIST_INIT(sock->recv_list); ISC_LIST_INIT(sock->send_list); @@ -2161,7 +2161,7 @@ allocate_socket(isc__socketmgr_t *manager, isc_sockettype_t type, sock->bound = 0; /* - * initialize the lock + * Initialize the lock. */ result = isc_mutex_init(&sock->lock); if (result != ISC_R_SUCCESS) { @@ -2171,7 +2171,7 @@ allocate_socket(isc__socketmgr_t *manager, isc_sockettype_t type, } /* - * Initialize readable and writable events + * Initialize readable and writable events. */ ISC_EVENT_INIT(&sock->readable_ev, sizeof(intev_t), ISC_EVENTATTR_NOPURGE, NULL, ISC_SOCKEVENT_INTR, diff --git a/lib/isc/win32/socket.c b/lib/isc/win32/socket.c index ec0ab7610b..1b4b953882 100644 --- a/lib/isc/win32/socket.c +++ b/lib/isc/win32/socket.c @@ -1466,7 +1466,7 @@ allocate_socket(isc_socketmgr_t *manager, isc_sockettype_t type, ISC_LINK_INIT(sock, link); /* - * set up list of readers and writers to be initially empty + * Set up list of readers and writers to be initially empty. */ ISC_LIST_INIT(sock->recv_list); ISC_LIST_INIT(sock->send_list); @@ -1489,20 +1489,16 @@ allocate_socket(isc_socketmgr_t *manager, isc_sockettype_t type, sock->recvbuf.remaining = 0; sock->recvbuf.base = isc_mem_get(manager->mctx, sock->recvbuf.len); // max buffer size if (sock->recvbuf.base == NULL) { - sock->magic = 0; + result = ISC_R_NOMEMORY; goto error; } /* - * initialize the lock + * Initialize the lock. */ result = isc_mutex_init(&sock->lock); - if (result != ISC_R_SUCCESS) { - sock->magic = 0; - isc_mem_put(manager->mctx, sock->recvbuf.base, sock->recvbuf.len); - sock->recvbuf.base = NULL; + if (result != ISC_R_SUCCESS) goto error; - } socket_log(__LINE__, sock, NULL, EVENT, NULL, 0, 0, "allocated"); @@ -1513,6 +1509,8 @@ allocate_socket(isc_socketmgr_t *manager, isc_sockettype_t type, return (ISC_R_SUCCESS); error: + if (sock->recvbuf.base != NULL) + isc_mem_put(manager->mctx, sock->recvbuf.base, sock->recvbuf.len); isc_mem_put(manager->mctx, sock, sizeof(*sock)); return (result);