Fix dangling references to outdated views after reconfig

This commit fix a leak which was happening every time an inline-signed zone was added to the configuration, followed by a rndc reconfig. During the reconfig process, the secure version of every inline-signed zone was "moved" to a new view upon a reconfig and it "took the raw version along", but only once the secure version was freed (at shutdown) was prev_view for the raw version detached from, causing the old view to be released as well. This caused dangling references to be kept for the previous view, thus keeping all resources used by that view in memory.
2026-02-26 03:11:56 -05:00 · 2021-02-11 11:32:20 -03:00 · 2021-02-11 11:32:20 -03:00 · 30729c7013
commit 30729c7013
parent fe6bd687d7
3 changed files with 14 additions and 13 deletions
--- a/bin/named/server.c
+++ b/bin/named/server.c
@ -7975,7 +7975,6 @@ configure_zone_setviewcommit(isc_result_t result, const cfg_obj_t *zconfig,
 	isc_result_t result2;
 	dns_view_t *pview = NULL;
 	dns_zone_t *zone = NULL;
-	dns_zone_t *raw = NULL;

 	zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
 	origin = dns_fixedname_initname(&fixorigin);
@ -7997,22 +7996,10 @@ configure_zone_setviewcommit(isc_result_t result, const cfg_obj_t *zconfig,
 		return;
 	}

-	dns_zone_getraw(zone, &raw);
-
 	if (result == ISC_R_SUCCESS) {
 		dns_zone_setviewcommit(zone);
-		if (raw != NULL) {
-			dns_zone_setviewcommit(raw);
-		}
 	} else {
 		dns_zone_setviewrevert(zone);
-		if (raw != NULL) {
-			dns_zone_setviewrevert(raw);
-		}
-	}
-
-	if (raw != NULL) {
-		dns_zone_detach(&raw);
 	}

 	dns_zone_detach(&zone);
--- a/bin/tests/system/views/ns2/named1.conf.in
+++ b/bin/tests/system/views/ns2/named1.conf.in
@ -41,3 +41,11 @@ zone "example" {
 	file "example.db";
 	allow-update { any; };
 };
+
+zone "inline" {
+	type primary;
+	file "external/inline.db";
+	key-directory "external";
+	auto-dnssec maintain;
+	inline-signing yes;
+};
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@ -1616,6 +1616,9 @@ dns_zone_setviewcommit(dns_zone_t *zone) {
 	if (zone->prev_view != NULL) {
 		dns_view_weakdetach(&zone->prev_view);
 	}
+	if (inline_secure(zone)) {
+		dns_zone_setviewcommit(zone->raw);
+	}
 	UNLOCK_ZONE(zone);
 }

@ -1628,6 +1631,9 @@ dns_zone_setviewrevert(dns_zone_t *zone) {
 		dns_zone_setview_helper(zone, zone->prev_view);
 		dns_view_weakdetach(&zone->prev_view);
 	}
+	if (inline_secure(zone)) {
+		dns_zone_setviewrevert(zone->raw);
+	}
 	UNLOCK_ZONE(zone);
 }