Commit 24231afa authored by Mark Andrews's avatar Mark Andrews
Browse files

4229. [bug] A variable could be used uninitalised in

                        dns_update_signaturesinc. [RT #40784]
parent 8a0b6b39
4229. [bug] A variable could be used uninitalised in
dns_update_signaturesinc. [RT #40784]
4228. [bug] Address race condition in dns_client_destroyrestrans.
[RT #40605]
......
......@@ -1361,7 +1361,7 @@ struct dns_update_state {
unsigned int nkeys;
isc_stdtime_t inception, expire;
dns_ttl_t nsecttl;
isc_boolean_t check_ksk, keyset_kskonly;
isc_boolean_t check_ksk, keyset_kskonly, build_nsec3;
enum { sign_updates, remove_orphaned, build_chain, process_nsec,
sign_nsec, update_nsec3, process_nsec3, sign_nsec3 } state;
};
......@@ -1376,7 +1376,7 @@ dns_update_signaturesinc(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db,
dns_update_state_t mystate, *state;
dns_difftuple_t *t, *next;
isc_boolean_t flag, build_nsec, build_nsec3;
isc_boolean_t flag, build_nsec;
unsigned int i;
isc_stdtime_t now;
dns_rdata_soa_t soa;
......@@ -1405,6 +1405,7 @@ dns_update_signaturesinc(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db,
dns_diff_init(diff->mctx, &state->nsec_mindiff);
dns_diff_init(diff->mctx, &state->work);
state->nkeys = 0;
state->build_nsec3 = ISC_FALSE;
result = find_zone_keys(zone, db, newver, diff->mctx,
DNS_MAXZONEKEYS, state->zone_keys,
......@@ -1569,7 +1570,7 @@ dns_update_signaturesinc(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db,
* See if we need to build NSEC or NSEC3 chains.
*/
CHECK(dns_private_chains(db, newver, privatetype, &build_nsec,
&build_nsec3));
&state->build_nsec3));
if (!build_nsec) {
state->state = update_nsec3;
goto next_state;
......@@ -1832,7 +1833,7 @@ dns_update_signaturesinc(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db,
INSIST(ISC_LIST_EMPTY(state->nsec_diff.tuples));
INSIST(ISC_LIST_EMPTY(state->nsec_mindiff.tuples));
if (!build_nsec3) {
if (!state->build_nsec3) {
update_log(log, zone, ISC_LOG_DEBUG(3),
"no NSEC3 chains to rebuild");
goto failure;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment