From 4c2525c4185c02d905f7017336f4847663b4ab8d Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 30 Jan 2023 10:47:57 +1100 Subject: [PATCH 1/2] Cleanup OpenSSL reference on bad domain name Free/detach tsigkey and sig0key when exiting and then call dst_lib_destroy if we have previously called dst_lib_init. This will, in theory, allow OPENSSL_cleanup to free all memory. --- bin/dig/dighost.c | 39 ++++++++++++++++++++++++--------------- 1 file changed, 24 insertions(+), 15 deletions(-) diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 2de357d950..4bafbf7bae 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -227,6 +227,9 @@ clear_current_lookup(void); static bool next_origin(dig_lookup_t *oldlookup); +static void +cleanup_openssl_refs(void); + static int count_dots(char *string) { char *s; @@ -2334,6 +2337,7 @@ setup_lookup(dig_lookup_t *lookup) { clear_current_lookup(); return (false); #else /* if TARGET_OS_IPHONE */ + cleanup_openssl_refs(); digexit(); #endif /* if TARGET_OS_IPHONE */ } @@ -4660,6 +4664,25 @@ cancel_all(void) { } } +static void +cleanup_openssl_refs(void) { + if (tsigkey != NULL) { + debug("freeing TSIG key %p", tsigkey); + dns_tsigkey_detach(&tsigkey); + } + + if (sig0key != NULL) { + debug("freeing SIG(0) key %p", sig0key); + dst_key_free(&sig0key); + } + + if (is_dst_up) { + debug("destroy DST lib"); + dst_lib_destroy(); + is_dst_up = false; + } +} + /*% * Destroy all of the libs we are using, and get everything ready for a * clean shutdown. @@ -4681,27 +4704,13 @@ destroy_libs(void) { clear_searchlist(); - if (tsigkey != NULL) { - debug("freeing TSIG key %p", tsigkey); - dns_tsigkey_detach(&tsigkey); - } - - if (sig0key != NULL) { - debug("freeing SIG(0) key %p", sig0key); - dst_key_free(&sig0key); - } + cleanup_openssl_refs(); if (namebuf != NULL) { debug("freeing key %p", tsigkey); isc_buffer_free(&namebuf); } - if (is_dst_up) { - debug("destroy DST lib"); - dst_lib_destroy(); - is_dst_up = false; - } - debug("Removing log context"); isc_log_destroy(&lctx); From e27fc4bbc54eaa2db3f3d12b871f8d7dc32298a8 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 30 Jan 2023 15:26:52 +1100 Subject: [PATCH 2/2] Cleanup OpenSSL reference on bad option Another exit path that needs to be cleaned up. --- bin/dig/dig.c | 1 + bin/dig/dighost.c | 5 +---- bin/dig/dighost.h | 3 +++ 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/bin/dig/dig.c b/bin/dig/dig.c index 7c5c28545a..0d1814cda5 100644 --- a/bin/dig/dig.c +++ b/bin/dig/dig.c @@ -2195,6 +2195,7 @@ plus_option(char *option, bool is_batchfile, bool *need_clone, #if !TARGET_OS_IPHONE exit_or_usage: + cleanup_openssl_refs(); digexit(); #endif /* if !TARGET_OS_IPHONE */ } diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 4bafbf7bae..25c3bdde33 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -227,9 +227,6 @@ clear_current_lookup(void); static bool next_origin(dig_lookup_t *oldlookup); -static void -cleanup_openssl_refs(void); - static int count_dots(char *string) { char *s; @@ -4664,7 +4661,7 @@ cancel_all(void) { } } -static void +void cleanup_openssl_refs(void) { if (tsigkey != NULL) { debug("freeing TSIG key %p", tsigkey); diff --git a/bin/dig/dighost.h b/bin/dig/dighost.h index 06beaa91bc..4c12260338 100644 --- a/bin/dig/dighost.h +++ b/bin/dig/dighost.h @@ -296,6 +296,9 @@ warn(const char *format, ...) ISC_FORMAT_PRINTF(1, 2); noreturn void digexit(void); +void +cleanup_openssl_refs(void); + void debug(const char *format, ...) ISC_FORMAT_PRINTF(1, 2);