From fae0930eb84063fc03d711a0c772c58e5b470377 Mon Sep 17 00:00:00 2001 From: Aram Sargsyan Date: Thu, 11 May 2023 12:08:13 +0000 Subject: [PATCH] Check whether zone->db is a valid pointer before attaching The zone_resigninc() function does not check the validity of 'zone->db', which can crash named if the zone was unloaded earlier, for example with "rndc delete". Check that 'zone->db' is not 'NULL' before attaching to it, like it is done in zone_sign() and zone_nsec3chain() functions, which can similarly be called by zone maintenance. --- lib/dns/zone.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/dns/zone.c b/lib/dns/zone.c index d943295588..7481d3b12f 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -6825,8 +6825,14 @@ zone_resigninc(dns_zone_t *zone) { } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); - dns_db_attach(zone->db, &db); + if (zone->db != NULL) { + dns_db_attach(zone->db, &db); + } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); + if (db == NULL) { + result = ISC_R_FAILURE; + goto failure; + } result = dns_db_newversion(db, &version); if (result != ISC_R_SUCCESS) {