[ldns-users] Inconsistency in ldns_zone_sign_nsec3

Michael Sheldon msheldon at godaddy.com
Mon Jun 7 20:33:50 UTC 2010

The function ldns_zone_sign_nsec3 creates a new signed copy of the
original unsigned zone. In doing so, it clones all of the original RR
records, EXCEPT, it does not clone the SOA record. For that record it
just copies the pointer.

This means if you do a deep free of both the original and the signed
zone, a segfault results. I'm currently working around it by setting the
SOA to NULL after freeing the first copy of the zone.

Michael Sheldon
Dev-DNS Services

More information about the ldns-users mailing list