From eb06423b7e67787e56004a25794c8d0b9f077488 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= Date: Thu, 24 Jan 2019 12:55:24 +0100 Subject: [PATCH] Try to fix crash at +sigchase +topdown When multilabel name is already cached, child_of_zone fails check when zone_name is direct child of name. Error is ignored and crashes on expectation child_name was initialized. Handle the error and relax the check. Reproducer: dig isc.org dig +sigchase +topdown isc.org --- bin/dig/dighost.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index caf1a48f04..3cd4ac3e71 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -5381,7 +5381,7 @@ child_of_zone(dns_name_t * name, dns_name_t * zone_name, name_reln = dns_name_fullcompare(name, zone_name, &orderp, &nlabelsp); if (name_reln != dns_namereln_subdomain || - dns_name_countlabels(name) <= dns_name_countlabels(zone_name) + 1) { + dns_name_countlabels(name) < dns_name_countlabels(zone_name) + 1) { printf("\n;; ERROR : "); dns_name_print(name, stdout); printf(" is not a subdomain of: "); @@ -5973,6 +5973,8 @@ sigchase_td(dns_message_t *msg) dns_name_init(&tmp_name, NULL); result = child_of_zone(&chase_name, &chase_current_name, &tmp_name); + if (result != ISC_R_SUCCESS) + goto cleanandgo; if (dns_name_dynamic(&chase_authority_name)) free_name(&chase_authority_name); dup_name(&tmp_name, &chase_authority_name);