43 lines
1.7 KiB
Diff
43 lines
1.7 KiB
Diff
From 148608c7b2a6fb55dafd35632b4a661f90ed36fb Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= <michal@isc.org>
|
|
Date: Mon, 13 Jun 2022 14:03:16 +0200
|
|
Subject: [PATCH] Check for NULL before dereferencing qctx->rpz_st
|
|
|
|
Commit 9ffb4a7ba11fae64a6ce2dd6390cd334372b7ab7 causes Clang Static
|
|
Analyzer to flag a potential NULL dereference in query_nxdomain():
|
|
|
|
query.c:9394:26: warning: Dereference of null pointer [core.NullDereference]
|
|
if (!qctx->nxrewrite || qctx->rpz_st->m.rpz->addsoa) {
|
|
^~~~~~~~~~~~~~~~~~~
|
|
1 warning generated.
|
|
|
|
The warning above is for qctx->rpz_st potentially being a NULL pointer
|
|
when query_nxdomain() is called from query_resume(). This is a false
|
|
positive because none of the database lookup result codes currently
|
|
causing query_nxdomain() to be called (DNS_R_EMPTYWILD, DNS_R_NXDOMAIN)
|
|
can be returned by a database lookup following a recursive resolution
|
|
attempt. Add a NULL check nevertheless in order to future-proof the
|
|
code and silence Clang Static Analyzer.
|
|
|
|
(cherry picked from commit 07592d1315412c38c978e8d009aace5d0f5bef93)
|
|
---
|
|
lib/ns/query.c | 4 +++-
|
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/ns/query.c b/lib/ns/query.c
|
|
index 43638a35eb8..067c6a23729 100644
|
|
--- a/lib/ns/query.c
|
|
+++ b/lib/ns/query.c
|
|
@@ -9248,7 +9248,9 @@ query_nxdomain(query_ctx_t *qctx, bool empty_wild) {
|
|
{
|
|
ttl = 0;
|
|
}
|
|
- if (!qctx->nxrewrite || qctx->rpz_st->m.rpz->addsoa) {
|
|
+ if (!qctx->nxrewrite ||
|
|
+ (qctx->rpz_st != NULL && qctx->rpz_st->m.rpz->addsoa))
|
|
+ {
|
|
result = query_addsoa(qctx, ttl, section);
|
|
if (result != ISC_R_SUCCESS) {
|
|
QUERY_ERROR(qctx, result);
|
|
--
|
|
2.23.0
|