Potential for NULL pointer de-references (CWE-476) in file 'dnssec-keyfromlabel.c' in BIND-9.12.1-P2
Summary
In reviewing source code in BIND-9.12.1-P2, in directory 'bin/dnssec', file 'dnssec-keyfromlabel.c', a call to isc_mem_strdup() are not checked for a return value of NULL, indicating failure which could lead to a pointer de-reference and segmentation fault.
Steps to reproduce
N/A
What is the current bug behavior?
The call to isc_mem_strdup() is not checked for a return value of NULL
What is the expected correct behavior?
Check to insure the call to isc_mem_strdup() is checked for a return value of NULL
Relevant configuration files
N/A
Relevant logs and/or screenshots
N/A
Possible fixes
--- dnssec-keyfromlabel.c.orig 2018-07-14 18:37:30.377901398 -0700 +++ dnssec-keyfromlabel.c 2018-07-14 18:38:31.271232383 -0700 @@ -225,6 +225,9 @@ break; case 'l': label = isc_mem_strdup(mctx, isc_commandline_argument);
-
if (label == NULL) {
-
fatal("Failed to allocate memory for "
-
"label"); break; case 'n': nametype = isc_commandline_argument;