From e633398010fe4e173df47b57fd43da594af96c7c Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Tue, 23 Aug 2022 10:54:42 +0200 Subject: [PATCH] nsec3.c: Add a missing dns_db_detachnode() call There is one case in 'dns_nsec3_activex()' where it returns but forgets to detach the db node. Add the missing 'dns_db_detachnode()' call. This case only triggers if 'sig-signing-type' (privatetype) is set to 0 (which by default is not), or if the function is called with 'complete' is set to 'true' (which at this moment do not exist). --- lib/dns/nsec3.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index fca6459343..253de1cab7 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -1830,6 +1830,7 @@ dns_nsec3_activex(dns_db_t *db, dns_dbversion_t *version, bool complete, try_private: if (privatetype == 0 || complete) { + dns_db_detachnode(db, &node); *answer = false; return (ISC_R_SUCCESS); }