BIND 10 #2946: avoid handling DNSServer events after free
BIND 10 Development
do-not-reply at isc.org
Thu May 16 00:31:26 UTC 2013
#2946: avoid handling DNSServer events after free
-------------------------------------+-------------------------------------
Reporter: jinmei | Owner:
Type: defect | jinmei
Priority: medium | Status:
Component: b10-auth | accepted
Keywords: | Milestone:
Sensitive: 0 | Sprint-20130528
Sub-Project: DNS | Resolution:
Estimated Difficulty: 5 | CVSS Scoring:
Total Hours: 0 | Defect Severity: N/A
| Feature Depending on Ticket:
| Add Hours to Ticket: 0
| Internal?: 0
-------------------------------------+-------------------------------------
Comment (by jinmei):
trac2946 is ready for review.
the changes (except the last commit, see below) should be
straightforward with the understanding the problem.
regarding other servers than `SyncUDPServer`, on a closer lookup (+
some experiments) I realized they don't have this issue, at least in
an obvious way like the case of `SyncUDPServer`. Other server
implementations passes a copy of the server object, sharing actual
resources via member shared_ptr's.
I noticed one possible point of use-after-free in `TCPServer`, which
was fixed in the last commit. The change should be straightforward,
although I couldn't come up with a reasonable test scenario to prove
my theory. So, if this is considered a premature change I'm okay with
excluding it.
proposed changelog:
{{{
614.? [bug] jinmei
b10-auth: Avoid referencing to a freed object when authoritative
server addresses are reconfigured. It caused a crash on a busy
server during initial startup time, and the same crash could also
happen if listen_on parameters are reconfigured run time.
(Trac #2946, git TBD)
}}}
--
Ticket URL: <http://bind10.isc.org/ticket/2946#comment:4>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list