From ce24c00b7d46d7bed95691af036ad629aa08ad39 Mon Sep 17 00:00:00 2001
From: Pieter Lexis <pieter.lexis@powerdns.com>
Date: Thu, 9 Nov 2017 11:09:32 +0100
Subject: [PATCH] Check return value of getTSIGKey and B64Decode

This would lead to crashes if the TSIG key was referenced in
TSIG-ALLOW-FROM but the key was not in the tsigkeys table.

Closes #5931

(cherry picked from commit fba65bff16fd5decaa80df08938873725cbdfe45)
---
 pdns/mastercommunicator.cc | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/pdns/mastercommunicator.cc b/pdns/mastercommunicator.cc
index 2fd276217..5bd833604 100644
--- a/pdns/mastercommunicator.cc
+++ b/pdns/mastercommunicator.cc
@@ -238,7 +238,10 @@ void CommunicatorClass::sendNotification(int sock, const DNSName& domain, const
   pw.getHeader()->aa = true; 
 
   if (tsigkeyname.empty() == false) {
-    B.getTSIGKey(tsigkeyname, &tsigalgorithm, &tsigsecret64);
+    if (!B.getTSIGKey(tsigkeyname, &tsigalgorithm, &tsigsecret64)) {
+      L<<Logger::Error<<"TSIG key '"<<tsigkeyname<<"' for domain '"<<domain<<"' not found"<<endl;
+      return;
+    }
     TSIGRecordContent trc;
     if (tsigalgorithm.toStringNoDot() == "hmac-md5")
       trc.d_algoName = DNSName(tsigalgorithm.toStringNoDot() + ".sig-alg.reg.int.");
@@ -248,7 +251,10 @@ void CommunicatorClass::sendNotification(int sock, const DNSName& domain, const
     trc.d_fudge = 300;
     trc.d_origID=ntohs(id);
     trc.d_eRcode=0;
-    B64Decode(tsigsecret64, tsigsecret);
+    if (B64Decode(tsigsecret64, tsigsecret) == -1) {
+      L<<Logger::Error<<"Unable to Base-64 decode TSIG key '"<<tsigkeyname<<"' for domain '"<<domain<<"'"<<endl;
+      return;
+    }
     addTSIG(pw, &trc, tsigkeyname, tsigsecret, "", false);
   }
 
-- 
2.49.0