Potential for NULL pointer de-reference (CWE-476) in file 'server.c' in BIND-9.12.1-P2
Summary
In reviewing source code in BIND-9.12.1-P2, in directory '/bin/named', file 'server.c', calls to isc_mem_get() are not checked for a return value of NULL (indicating failure), which could lead to a NULL pointer de-reference and segmentation fault.
Steps to reproduce
N/A
What is the current bug behavior?
All calls to isc_mem_strdup() are not checked for a return value of NULL
What is the expected correct behavior?
Check all calls to isc_mem_strdup() for a return value of NULL
Relevant configuration files
N/A
Relevant logs and/or screenshots
N/A
Possible fixes
Here is the code below and attached as a diff file to this issue report:
--- server.c.orig 2018-07-14 18:54:31.340288620 -0700 +++ server.c 2018-07-14 18:58:41.105923420 -0700 @@ -2886,6 +2886,11 @@ if (!opts->in_memory && obj != NULL && cfg_obj_isstring(obj)) { opts->zonedir = isc_mem_strdup(view->mctx, cfg_obj_asstring(obj));
-
if (opts->zonedir == NULL) {
-
result = ISC_R_NOMEMORY;
-
goto cleanup;
-
}
-
if (isc_file_isdirectory(opts->zonedir) != ISC_R_SUCCESS) { cfg_obj_log(obj, named_g_lctx, DNS_CATZ_ERROR_LEVEL, "catz: zone-directory '%s' "[server.c.patch](/uploads/3e9adffb2ed566bbfe5ba1b1b42f3351/server.c.patch)
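Review bot: the new check on opts->zonedir sets result = ISC_R_NOMEMORY and jumps to cleanup, but the cleanup label is outside the visible context, so please confirm that it releases opts and anything else allocated earlier in this function; otherwise the error branch trades a NULL dereference for a leak. The patch also covers only this one isc_mem_strdup() call at line 2886, while the report says all calls are unchecked and the summary names isc_mem_get(); either extend the patch to the remaining call sites or narrow the report to this one. The hunk header (6 lines to 11) shows the five lines of the check are additions even though this rendering marks them with '-', so apply from the attached server.c.patch rather than from the inline text.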