From 65d7f2bbef55df87077bc7794f9d479e3d460ab1 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Tue, 29 Mar 2016 14:49:50 +0200
Subject: [PATCH] dnsdist: Prevent dangling TCP fd in case setupTCPDownstream()
 fails

Remove the closed socket descriptor from the sockets map.
Otherwise, if an exception occurs in setupTCPDownstream(), we might
try to use it and close it again later, not knowing it has been
reassigned to another socket or, worse, to a TCP acceptor pipe.
---
 pdns/dnsdist-tcp.cc | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/pdns/dnsdist-tcp.cc b/pdns/dnsdist-tcp.cc
index 81954a30fc12..eaeb974317a0 100644
--- a/pdns/dnsdist-tcp.cc
+++ b/pdns/dnsdist-tcp.cc
@@ -358,6 +358,8 @@ void* tcpClientThread(int pipefd)
         if(!sendNonBlockingMsgLen(dsock, dq.len, ds->tcpSendTimeout, ds->remote, ds->sourceAddr, ds->sourceItf)) {
 	  vinfolog("Downstream connection to %s died on us, getting a new one!", ds->getName());
           close(dsock);
+          dsock=-1;
+          sockets.erase(ds->remote);
           sockets[ds->remote]=dsock=setupTCPDownstream(ds);
           downstream_failures++;
           goto retry;
@@ -374,6 +376,8 @@ void* tcpClientThread(int pipefd)
         catch(const runtime_error& e) {
           vinfolog("Downstream connection to %s died on us, getting a new one!", ds->getName());
           close(dsock);
+          dsock=-1;
+          sockets.erase(ds->remote);
           sockets[ds->remote]=dsock=setupTCPDownstream(ds);
           downstream_failures++;
           goto retry;
@@ -382,6 +386,8 @@ void* tcpClientThread(int pipefd)
         if(!getNonBlockingMsgLen(dsock, &rlen, ds->tcpRecvTimeout)) {
 	  vinfolog("Downstream connection to %s died on us phase 2, getting a new one!", ds->getName());
           close(dsock);
+          dsock=-1;
+          sockets.erase(ds->remote);
           sockets[ds->remote]=dsock=setupTCPDownstream(ds);
           downstream_failures++;
           goto retry;