diff --git a/CHANGES b/CHANGES index e8968f411d..ca7da17efb 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +5129. [contrib] sdlz_helper.c:build_querylist was not properly + splitting the query string. [GL #798] + 5128. [bug] Refreshkeytime was not being updated for managed keys zones. [GL #784] diff --git a/contrib/dlz/drivers/include/dlz/sdlz_helper.h b/contrib/dlz/drivers/include/dlz/sdlz_helper.h index 4d74e70d90..b6add3f1a0 100644 --- a/contrib/dlz/drivers/include/dlz/sdlz_helper.h +++ b/contrib/dlz/drivers/include/dlz/sdlz_helper.h @@ -59,7 +59,7 @@ typedef struct driverinstance driverinstance_t; struct query_segment { void *sql; unsigned int strlen; - bool direct; + bool direct; ISC_LINK(query_segment_t) link; }; diff --git a/contrib/dlz/drivers/sdlz_helper.c b/contrib/dlz/drivers/sdlz_helper.c index c44f724382..e08cf89d77 100644 --- a/contrib/dlz/drivers/sdlz_helper.c +++ b/contrib/dlz/drivers/sdlz_helper.c @@ -106,11 +106,11 @@ build_querylist(isc_mem_t *mctx, const char *query_str, char **zone, bool foundzone = false; bool foundrecord = false; bool foundclient = false; + char *free_me = NULL; char *temp_str = NULL; - char *right_str = NULL; query_list_t *tql; query_segment_t *tseg = NULL; - char *last; + char *last = NULL; REQUIRE(querylist != NULL && *querylist == NULL); REQUIRE(mctx != NULL); @@ -135,15 +135,24 @@ build_querylist(isc_mem_t *mctx, const char *query_str, char **zone, ISC_LIST_INIT(*tql); /* make a copy of query_str so we can chop it up */ - temp_str = right_str = isc_mem_strdup(mctx, query_str); + free_me = temp_str = isc_mem_strdup(mctx, query_str); /* couldn't make a copy, problem!! */ - if (right_str == NULL) { + if (temp_str == NULL) { result = ISC_R_NOMEMORY; goto cleanup; } /* loop through the string and chop it up */ - while (right_str != NULL) { + for (;;) { + /* + * Split string into tokens at '$'. + */ + const char *sql = strtok_r(temp_str, "$", &last); + if (sql == NULL) { + break; + } + temp_str = NULL; + /* allocate memory for tseg */ tseg = isc_mem_get(mctx, sizeof(query_segment_t)); if (tseg == NULL) { /* no memory, clean everything up. */ @@ -157,13 +166,7 @@ build_querylist(isc_mem_t *mctx, const char *query_str, char **zone, /* append the query segment to the list */ ISC_LIST_APPEND(*tql, tseg, link); - /* - * split string at the first "$". set query segment to - * left portion - */ - last = NULL; - tseg->sql = isc_mem_strdup(mctx, - strtok_r(right_str, "$", &last)); + tseg->sql = isc_mem_strdup(mctx, sql); if (tseg->sql == NULL) { /* no memory, clean everything up. */ result = ISC_R_NOMEMORY; @@ -181,7 +184,7 @@ build_querylist(isc_mem_t *mctx, const char *query_str, char **zone, */ isc_mem_free(mctx, tseg->sql); /* set tseg->sql to in-direct zone string */ - tseg->sql = (char**) zone; + tseg->sql = zone; tseg->strlen = 0; /* tseg->sql points in-directly to a string */ tseg->direct = false; @@ -194,9 +197,9 @@ build_querylist(isc_mem_t *mctx, const char *query_str, char **zone, */ isc_mem_free(mctx, tseg->sql); /* set tseg->sql to in-direct record string */ - tseg->sql = (char**) record; + tseg->sql = record; tseg->strlen = 0; - /* tseg->sql points in-directly poinsts to a string */ + /* tseg->sql points in-directly points to a string */ tseg->direct = false; foundrecord = true; /* check if we encountered "$client$" token */ @@ -207,16 +210,16 @@ build_querylist(isc_mem_t *mctx, const char *query_str, char **zone, */ isc_mem_free(mctx, tseg->sql); /* set tseg->sql to in-direct record string */ - tseg->sql = (char**) client; + tseg->sql = client; tseg->strlen = 0; - /* tseg->sql points in-directly poinsts to a string */ + /* tseg->sql points in-directly points to a string */ tseg->direct = false; foundclient = true; } } /* we don't need temp_str any more */ - isc_mem_free(mctx, temp_str); + isc_mem_free(mctx, free_me); /* * add checks later to verify zone and record are found if * necessary. @@ -259,9 +262,9 @@ build_querylist(isc_mem_t *mctx, const char *query_str, char **zone, return (ISC_R_SUCCESS); cleanup: - /* get rid of temp_str */ - if (temp_str != NULL) - isc_mem_free(mctx, temp_str); + /* get rid of free_me */ + if (free_me != NULL) + isc_mem_free(mctx, free_me); flag_fail: /* get rid of what was build of the query list */