From b727e19b8219411ace8dff6140c98d6474c005dc Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Thu, 19 Oct 2017 11:13:24 +0200 Subject: [PATCH] auth: Handle addKey() returning false in apiZoneCryptokeysPOST Reported by Coverity. --- pdns/ws-auth.cc | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc index 473599783..c600356ea 100644 --- a/pdns/ws-auth.cc +++ b/pdns/ws-auth.cc @@ -970,7 +970,7 @@ static void apiZoneCryptokeysPOST(DNSName zonename, HttpRequest *req, HttpRespon throw ApiException("Invalid keytype " + stringFromJson(document, "keytype")); } - int64_t insertedId; + int64_t insertedId = -1; if (content.is_null()) { int bits = keyOrZone ? ::arg().asNum("default-ksk-size") : ::arg().asNum("default-zsk-size"); @@ -995,7 +995,9 @@ static void apiZoneCryptokeysPOST(DNSName zonename, HttpRequest *req, HttpRespon } try { - dk->addKey(zonename, keyOrZone, algorithm, insertedId, bits, active); + if (!dk->addKey(zonename, keyOrZone, algorithm, insertedId, bits, active)) { + throw ApiException("Adding key failed, perhaps DNSSEC not enabled in configuration?"); + } } catch (std::runtime_error& error) { throw ApiException(error.what()); } @@ -1021,7 +1023,9 @@ static void apiZoneCryptokeysPOST(DNSName zonename, HttpRequest *req, HttpRespon catch (std::runtime_error& error) { throw ApiException("Key could not be parsed. Make sure your key format is correct."); } try { - dk->addKey(zonename, dpk,insertedId, active); + if (!dk->addKey(zonename, dpk,insertedId, active)) { + throw ApiException("Adding key failed, perhaps DNSSEC not enabled in configuration?"); + } } catch (std::runtime_error& error) { throw ApiException(error.what()); } -- 2.40.0