From da4436812c7108dd39e09069d4af770eaa738c7f Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Fri, 22 Mar 2013 09:55:29 +1100
Subject: [PATCH] 3533.   [contrib]       query-loc-0.4.0: memory leaks. [RT
 #32960]

3532.   [contrib]       zkt: fixed buffer overrun, resource leaks. [RT #32960]
---
 CHANGES                       |  4 ++++
 contrib/query-loc-0.4.0/loc.c |  6 +++---
 contrib/zkt/dki.c             |  2 +-
 contrib/zkt/zkt-soaserial.c   | 10 ++++++++--
 4 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/CHANGES b/CHANGES
index 72c7640085..ed3a2ec1b6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+3533.	[contrib]	query-loc-0.4.0: memory leaks. [RT #32960]
+
+3532.	[contrib]	zkt: fixed buffer overrun, resource leaks. [RT #32960]
+
 3531.	[bug]		win32: A uninitialized value could be returned on out
 			of memory. [RT #32960]
 
diff --git a/contrib/query-loc-0.4.0/loc.c b/contrib/query-loc-0.4.0/loc.c
index 57e37370fc..58cbcdfa4a 100644
--- a/contrib/query-loc-0.4.0/loc.c
+++ b/contrib/query-loc-0.4.0/loc.c
@@ -151,7 +151,8 @@ getlocbyaddr (addr, mask)
   struct in_addr netaddr;
   u_int32_t a;
   struct in_addr themask;
-  char *text_addr, *text_mask;
+  char text_addr[sizeof("255.255.255.255")],
+       text_mask[sizeof("255.255.255.255")];
 
   if (mask == NULL)
     {
@@ -162,13 +163,12 @@ getlocbyaddr (addr, mask)
       themask = *mask;
     }
 
-  text_addr = (char *) malloc (256);
-  text_mask = (char *) malloc (256);
   strcpy (text_addr, inet_ntoa (addr));
   strcpy (text_mask, inet_ntoa (themask));
 
   if (debug >= 2)
     printf ("Testing address %s/%s\n", text_addr, text_mask);
+
   if (mask == NULL)
     {
       a = ntohl (addr.s_addr);
diff --git a/contrib/zkt/dki.c b/contrib/zkt/dki.c
index f42a75fa82..5cd2fa21e6 100644
--- a/contrib/zkt/dki.c
+++ b/contrib/zkt/dki.c
@@ -70,7 +70,7 @@ static	dki_t	*dki_alloc ()
 	dki_estr[0] = '\0';
 	dki_t	*dkp = malloc (sizeof (dki_t));
 
-	if ( (dkp = malloc (sizeof (dki_t))) )
+	if ( dkp != NULL )
 	{
 		memset (dkp, 0, sizeof (dki_t));
 		return dkp;
diff --git a/contrib/zkt/zkt-soaserial.c b/contrib/zkt/zkt-soaserial.c
index ff107d9fab..39f66d50fd 100644
--- a/contrib/zkt/zkt-soaserial.c
+++ b/contrib/zkt/zkt-soaserial.c
@@ -120,14 +120,17 @@ static	int	read_serial_fromfile (const char *fname, unsigned long *serial)
 	soafound = 0;
 	while ( !soafound && fgets (buf, sizeof buf, fp) )
 	{
-		if ( sscanf (buf, "%*s %*d IN SOA %255s %*s (\n", master) == 1 )
+		if ( sscanf (buf, "%*s %*d IN SOA %254s %*s (\n", master) == 1 )
 			soafound = 1;
-		else if ( sscanf (buf, "%*s IN SOA %255s %*s (\n", master) == 1 )
+		else if ( sscanf (buf, "%*s IN SOA %254s %*s (\n", master) == 1 )
 			soafound = 1;
 	}
 
 	if ( !soafound )
+	{
+		fclose (fp);
 		return -2;	/* no zone file (soa not found) */
+	}
 
 	/* move forward until any non ws is reached */
 	while ( (c = getc (fp)) != EOF && isspace (c) )
@@ -136,7 +139,10 @@ static	int	read_serial_fromfile (const char *fname, unsigned long *serial)
 
 	*serial = 0L;	/* read in the current serial number */
 	if ( fscanf (fp, "%lu", serial) != 1 )	/* try to get serial no */
+	{
+		fclose (fp);
 		return -3;	/* no serial number found */
+	}
 
 	fclose (fp);