diff options
author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2024-01-07 06:01:05 +0900 |
---|---|---|
committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2024-01-11 02:10:11 +0900 |
commit | 41398e87930902d62a3f6d11e4ff8b4af54fc69e (patch) | |
tree | 3701086ae291e56acb5f64d3287691a9e0810bbf | |
parent | resolve: drop DNS_TRANSACTION_UPSTREAM_DNSSEC_FAILURE (diff) | |
download | systemd-41398e87930902d62a3f6d11e4ff8b4af54fc69e.tar.xz systemd-41398e87930902d62a3f6d11e4ff8b4af54fc69e.zip |
resolve: several follow-ups for 9ca133e97a0c8795b1f293ccea4965b4ad1accc4.
- add missing initialization for DnsQuery.answer_ede_rcode,
- clear EDE code and message in dns_transaction_reset_answer(),
otherwise the previous EDE code or message may be mistakenly reused
on restart. This fixes memory leak of DnsTransaction.answer_ede_msg.
- also clear EDE code and message in dns_query_reset_answer(),
otherwise ede message is leaked if dns_query_accept() is called
multiple times for the same DnsQuery.
Follow-up for 9ca133e97a0c8795b1f293ccea4965b4ad1accc4.
Fixes #30752.
-rw-r--r-- | src/resolve/resolved-dns-query.c | 20 | ||||
-rw-r--r-- | src/resolve/resolved-dns-query.h | 2 | ||||
-rw-r--r-- | src/resolve/resolved-dns-transaction.c | 4 |
3 files changed, 10 insertions, 16 deletions
diff --git a/src/resolve/resolved-dns-query.c b/src/resolve/resolved-dns-query.c index a7bc45838f7..861a2db2cce 100644 --- a/src/resolve/resolved-dns-query.c +++ b/src/resolve/resolved-dns-query.c @@ -368,6 +368,8 @@ static void dns_query_reset_answer(DnsQuery *q) { q->answer = dns_answer_unref(q->answer); q->answer_rcode = 0; + q->answer_ede_rcode = _DNS_EDE_RCODE_INVALID; + q->answer_ede_msg = mfree(q->answer_ede_msg); q->answer_dnssec_result = _DNSSEC_RESULT_INVALID; q->answer_errno = 0; q->answer_query_flags = 0; @@ -421,8 +423,6 @@ DnsQuery *dns_query_free(DnsQuery *q) { dns_answer_unref(q->reply_authoritative); dns_answer_unref(q->reply_additional); - free(q->answer_ede_msg); - if (q->request_stream) { /* Detach the stream from our query, in case something else keeps a reference to it. */ (void) set_remove(q->request_stream->queries, q); @@ -516,6 +516,7 @@ int dns_query_new( .question_bypass = dns_packet_ref(question_bypass), .ifindex = ifindex, .flags = flags, + .answer_ede_rcode = _DNS_EDE_RCODE_INVALID, .answer_dnssec_result = _DNSSEC_RESULT_INVALID, .answer_protocol = _DNS_PROTOCOL_INVALID, .answer_family = AF_UNSPEC, @@ -898,20 +899,13 @@ static void dns_query_accept(DnsQuery *q, DnsQueryCandidate *c) { !FLAGS_SET(t->answer_query_flags, SD_RESOLVED_AUTHENTICATED)) continue; - char *answer_ede_msg = NULL; - if (t->answer_ede_msg) { - answer_ede_msg = strdup(t->answer_ede_msg); - if (!answer_ede_msg) { - r = log_oom(); - goto fail; - } - } - DNS_ANSWER_REPLACE(q->answer, dns_answer_ref(t->answer)); q->answer_rcode = t->answer_rcode; - q->answer_dnssec_result = t->answer_dnssec_result; q->answer_ede_rcode = t->answer_ede_rcode; - q->answer_ede_msg = answer_ede_msg; + r = free_and_strdup_warn(&q->answer_ede_msg, t->answer_ede_msg); + if (r < 0) + goto fail; + q->answer_dnssec_result = t->answer_dnssec_result; q->answer_query_flags = t->answer_query_flags | dns_transaction_source_to_query_flags(t->answer_source); q->answer_errno = t->answer_errno; DNS_PACKET_REPLACE(q->answer_full_packet, dns_packet_ref(t->received)); diff --git a/src/resolve/resolved-dns-query.h b/src/resolve/resolved-dns-query.h index 74ad2c73500..29d7288981f 100644 --- a/src/resolve/resolved-dns-query.h +++ b/src/resolve/resolved-dns-query.h @@ -73,9 +73,9 @@ struct DnsQuery { /* Discovered data */ DnsAnswer *answer; int answer_rcode; - DnssecResult answer_dnssec_result; int answer_ede_rcode; char *answer_ede_msg; + DnssecResult answer_dnssec_result; uint64_t answer_query_flags; DnsProtocol answer_protocol; int answer_family; diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c index 12c48deb662..aabaa129447 100644 --- a/src/resolve/resolved-dns-transaction.c +++ b/src/resolve/resolved-dns-transaction.c @@ -28,6 +28,8 @@ static void dns_transaction_reset_answer(DnsTransaction *t) { t->received = dns_packet_unref(t->received); t->answer = dns_answer_unref(t->answer); t->answer_rcode = 0; + t->answer_ede_rcode = _DNS_EDE_RCODE_INVALID; + t->answer_ede_msg = mfree(t->answer_ede_msg); t->answer_dnssec_result = _DNSSEC_RESULT_INVALID; t->answer_source = _DNS_TRANSACTION_SOURCE_INVALID; t->answer_query_flags = 0; @@ -166,8 +168,6 @@ DnsTransaction* dns_transaction_free(DnsTransaction *t) { dns_resource_key_unref(t->key); dns_packet_unref(t->bypass); - free(t->answer_ede_msg); - return mfree(t); } |