[bind10-dev] double free bug

[Francis Dupont]

Note this shows only on Windows because for an unknown reason
on my Linux Fedora 15/gcc 4.6.1 the client timer handler
(clientTimeout() method of the ForwardQuery class) is never called
even the asio documentation says it should...

The problem is in src/lib/resolve/tests in all timeout tests,
I show it the first one (RecursiveQueryTest.forwardQueryTimeout):
in recursive_query_unittest.cc lines 686 to 717, reindented:

...
    Message query_message(Message::RENDER);
...

    query.forward(ConstMessagePtr(&query_message),
                  answer, buffer, &server, callback);
    // Run the test
    io_service_->run();
    EXPECT_EQ(callback->result, MockResolverCallback::FAILURE);
}

The problem is the shared pointer to query_message is put in a
ForwardQuery object which is deleted by the last handler (so only on
Windows). In the debug mode the runtime raises an assertion because
the query_message object is deleted too at the end of the block
it is declared.
Note the boost::shared_ptr documentation is pretty clear the constructor
argument must be allocated by new, my proposed fix is:

replace
    Message query_message(Message::RENDER);
    isc::resolve::initResponseMessage(question, query_message);
by
    Message *query_message = new Message(Message::RENDER);
    isc::resolve::initResponseMessage(question, *query_message);
and
    query.forward(ConstMessagePtr(&query_message),
by
    query.forward(ConstMessagePtr(query_message),

BTW even it is enough to fix the 4 occurrences in the *imeout* tests,
IMHO it is better to fix all occurrences.

Regards

Francis Dupont <fdupont at isc.org>