From 30729c7013d0ea2f7eac85f44129df33fb28aaa3 Mon Sep 17 00:00:00 2001
From: Diego Fronza <diego@isc.org>
Date: Thu, 11 Feb 2021 11:32:20 -0300
Subject: [PATCH] Fix dangling references to outdated views after reconfig

This commit fix a leak which was happening every time an inline-signed
zone was added to the configuration, followed by a rndc reconfig.

During the reconfig process, the secure version of every inline-signed
zone was "moved" to a new view upon a reconfig and it "took the raw
version along", but only once the secure version was freed (at shutdown)
was prev_view for the raw version detached from, causing the old view to
be released as well.

This caused dangling references to be kept for the previous view, thus
keeping all resources used by that view in memory.
---
 bin/named/server.c                        | 13 -------------
 bin/tests/system/views/ns2/named1.conf.in |  8 ++++++++
 lib/dns/zone.c                            |  6 ++++++
 3 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/bin/named/server.c b/bin/named/server.c
index e4e80f6f81..c2afd5523a 100644
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -7975,7 +7975,6 @@ configure_zone_setviewcommit(isc_result_t result, const cfg_obj_t *zconfig,
 	isc_result_t result2;
 	dns_view_t *pview = NULL;
 	dns_zone_t *zone = NULL;
-	dns_zone_t *raw = NULL;
 
 	zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
 	origin = dns_fixedname_initname(&fixorigin);
@@ -7997,22 +7996,10 @@ configure_zone_setviewcommit(isc_result_t result, const cfg_obj_t *zconfig,
 		return;
 	}
 
-	dns_zone_getraw(zone, &raw);
-
 	if (result == ISC_R_SUCCESS) {
 		dns_zone_setviewcommit(zone);
-		if (raw != NULL) {
-			dns_zone_setviewcommit(raw);
-		}
 	} else {
 		dns_zone_setviewrevert(zone);
-		if (raw != NULL) {
-			dns_zone_setviewrevert(raw);
-		}
-	}
-
-	if (raw != NULL) {
-		dns_zone_detach(&raw);
 	}
 
 	dns_zone_detach(&zone);
diff --git a/bin/tests/system/views/ns2/named1.conf.in b/bin/tests/system/views/ns2/named1.conf.in
index 4ad0e557e3..64ac6fa8d9 100644
--- a/bin/tests/system/views/ns2/named1.conf.in
+++ b/bin/tests/system/views/ns2/named1.conf.in
@@ -41,3 +41,11 @@ zone "example" {
 	file "example.db";
 	allow-update { any; };
 };
+
+zone "inline" {
+	type primary;
+	file "external/inline.db";
+	key-directory "external";
+	auto-dnssec maintain;
+	inline-signing yes;
+};
diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index b0120ec4e3..0269a9b42d 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -1616,6 +1616,9 @@ dns_zone_setviewcommit(dns_zone_t *zone) {
 	if (zone->prev_view != NULL) {
 		dns_view_weakdetach(&zone->prev_view);
 	}
+	if (inline_secure(zone)) {
+		dns_zone_setviewcommit(zone->raw);
+	}
 	UNLOCK_ZONE(zone);
 }
 
@@ -1628,6 +1631,9 @@ dns_zone_setviewrevert(dns_zone_t *zone) {
 		dns_zone_setview_helper(zone, zone->prev_view);
 		dns_view_weakdetach(&zone->prev_view);
 	}
+	if (inline_secure(zone)) {
+		dns_zone_setviewrevert(zone->raw);
+	}
 	UNLOCK_ZONE(zone);
 }