From 63145fb1d328eb66f9c786d2273bc2e3f6a3ecf5 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Wed, 13 Oct 2021 17:06:48 +1100 Subject: [PATCH] Prevent existing catalog zone entries being incorrectly deleted After receiving a new version of a catalog zone it is required to merge it with the old version. The algorithm walks through the new version's hash table and applies the following logic: 1. If an entry from the new version does not exist in the old version, then it's a new entry, add the entry to the `toadd` hash table. 2. If the zone does not exist in the set of configured zones, because it was deleted via rndc delzone or it was removed from another catalog zone instance, then add into to the `toadd` hash table to be reinstantiated. 3. If an entry from the new version also exists in the old version, but is modified, then add the entry to the `tomod` hash table, then remove it from the old version's hash table. 4. If an entry from the new version also exists in the old version and is the same (unmodified) then just remove it from the old version's hash table. The algorithm then deletes all the remaining zones which still exist in the old version's hash table (because only the ones that don't exist in the new version should now remain there), then adds the ones that were added to the `toadd`, and modifies the ones that were added to the `tomod`, completing the merge. During a recent refactoring, the part when the entry should be removed from the old version's hash table on condition (4.) above was accidentally omitted, so the unmodified zones were remaining in the old version's hash table and consequently being deleted. --- lib/dns/catz.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/dns/catz.c b/lib/dns/catz.c index b0c4527ee2..c519244b49 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -494,6 +494,14 @@ dns_catz_zones_merge(dns_catz_zone_t *target, dns_catz_zone_t *newzone) { zname, czname); continue; } + + /* + * Delete the old entry so that it won't accidentally be + * removed as a non-existing entry below. + */ + dns_catz_entry_detach(target, &oentry); + result = isc_ht_delete(target->entries, key, (uint32_t)keysize); + RUNTIME_CHECK(result == ISC_R_SUCCESS); } RUNTIME_CHECK(result == ISC_R_NOMORE); isc_ht_iter_destroy(&iter1);