From 81274f4b08b04eade0936cd32a4ba56281d7c2d2 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 7 Feb 2012 01:07:47 +0000
Subject: [PATCH] 3280.   [bug]           Potential double free of a rdataset
 on out of memory                         with DNS64. [RT #27762]

---
 CHANGES           |  3 +++
 bin/named/query.c | 10 +++++-----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/CHANGES b/CHANGES
index 5b4432602d..1d6fee59d3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3280.	[bug]		Potential double free of a rdataset on out of memory
+			with DNS64. [RT #27762]
+
 3279.	[bug]		Hold a internal reference to the zone while performing
 			a asynchronous load.  Address potential memory leak
 			if the asynchronous is cancelled. [RT #27750]
diff --git a/bin/named/query.c b/bin/named/query.c
index 53aa489b5d..6bae511641 100644
--- a/bin/named/query.c
+++ b/bin/named/query.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: query.c,v 1.383 2012/01/31 23:47:31 tbox Exp $ */
+/* $Id: query.c,v 1.384 2012/02/07 01:07:47 marka Exp $ */
 
 /*! \file */
 
@@ -6132,6 +6132,8 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
 				query_putrdataset(client, &sigrdataset);
 			rdataset = client->query.dns64_aaaa;
 			sigrdataset = client->query.dns64_sigaaaa;
+			client->query.dns64_aaaa = NULL;
+			client->query.dns64_sigaaaa = NULL;
 			if (fname == NULL) {
 				dbuf = query_getnamebuf(client);
 				if (dbuf == NULL) {
@@ -6145,8 +6147,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
 				}
 			}
 			dns_name_copy(client->query.qname, fname, NULL);
-			client->query.dns64_aaaa = NULL;
-			client->query.dns64_sigaaaa = NULL;
 			dns64 = ISC_FALSE;
 #ifdef dns64_bis_return_excluded_addresses
 			/*
@@ -6391,6 +6391,8 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
 				query_putrdataset(client, &sigrdataset);
 			rdataset = client->query.dns64_aaaa;
 			sigrdataset = client->query.dns64_sigaaaa;
+			client->query.dns64_aaaa = NULL;
+			client->query.dns64_sigaaaa = NULL;
 			if (fname == NULL) {
 				dbuf = query_getnamebuf(client);
 				if (dbuf == NULL) {
@@ -6404,8 +6406,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
 				}
 			}
 			dns_name_copy(client->query.qname, fname, NULL);
-			client->query.dns64_aaaa = NULL;
-			client->query.dns64_sigaaaa = NULL;
 			dns64 = ISC_FALSE;
 #ifdef dns64_bis_return_excluded_addresses
 			if (dns64_excluded)