Potential for NULL pointer dereference (CWE-476) in BIND 9.14.5, file 'filter-aaaa.c'
Summary
In reviewing calls to 'isc_mem_get()', in directory '/bin/plugins' file 'filter-aaaa.c' at line 368, there is a call made to 'isc_mem_get()' that is not checked for a return value of NULL, which potentially could cause a NULL pointer dereference.
BIND version used
9.14.5
Steps to reproduce
Bug is in software
What is the current bug behavior?
If memory allocation fails, the end result could be a 'segmentation fault (core dumped)'; the check added prevents this by a graceful exit...
What is the expected correct behavior?
All memory allocations should be checked to ensure the memory requested is actually returned.
Relevant configuration files
N/A
Relevant logs and/or screenshots
N/A
Possible fixes
I am attaching the patch file to this bug report...
--- filter-aaaa.c.orig 2019-09-05 19:32:26.725724200 -0700
+++ filter-aaaa.c 2019-09-05 19:35:27.951335800 -0700
@@ -368,6 +368,10 @@
cfg_file, cfg_line, parameters != NULL ? "with" : "no");
inst = isc_mem_get(mctx, sizeof(*inst));
+ if (inst == NULL) { /* unable to allocate memory */
+ result = ISC_R_NOMEMORY;
+ goto cleanup;
+ }
memset(inst, 0, sizeof(*inst));
isc_mem_attach(mctx, &inst->mctx);
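Review bot: The new `goto cleanup` is taken while `inst` is still NULL and before `isc_mem_attach(mctx, &inst->mctx)` has run, but the `cleanup` label is outside this hunk, so it cannot be confirmed from these lines that the error path tolerates a NULL `inst`. If cleanup touches `inst->mctx` or any other member, the dereference just moves from the `memset()` to the error path. Please include the cleanup code in the patch context and, if needed, guard it with `if (inst != NULL)`, or return `ISC_R_NOMEMORY` directly here, since nothing has been allocated at this point. A short note in the report on whether `isc_mem_get()` can return NULL in this release would also help whoever triages it.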
[filter-aaaa.c.patch](/uploads/b1c78b0abccbf0cef6f7be55347bbe36/filter-aaaa.c.patch)