In message , "Ray Bellis via RT" writes: > If you supply +ednsopt=nn[:xx] dighost.c accumulates the supplied > options in a global array, but doesn't dispose of old ones, eventually > triggering a fatal() error when the number reaches EDNSOPT_OPTIONS (100). +noednsopt will reset the index pointer. We do have a memory leak if there was a value and the index is reused. diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 320ed1a953..5e65b1d61d 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -1582,6 +1582,9 @@ save_opt(dig_lookup_t *lookup, char *code, char *value) { fatal("bad edns code point: %s", code); } + if (ednsopts[ednsoptscnt].value != NULL) + isc_mem_free(mctx, ednsopts[ednsoptscnt].value); + ednsopts[ednsoptscnt].code = num; ednsopts[ednsoptscnt].length = 0; ednsopts[ednsoptscnt].value = NULL; > In batch mode this terminates the program. In dig for iOS the fatal() > call doesn't happen, but the array fills up and a crash would occur. > > The array of options is ultimately disposed of in destroy_libs(), but > it's unclear why the entries aren't cleaned up and the array > reinitialised for each query. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org