axfr-retriever: abort on chunk with TC set

author Peter van Dijk <peter.van.dijk@powerdns.com>

Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)

committer Peter van Dijk <peter.van.dijk@powerdns.com>

Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)
author Peter van Dijk <peter.van.dijk@powerdns.com>
Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)
committer Peter van Dijk <peter.van.dijk@powerdns.com>
Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)
diff --git a/pdns/axfr-retriever.cc b/pdns/axfr-retriever.cc

index c206306eeb05ad32f0b7da97c77901bff734fc3f..ce67f06384b236829d7a957e650390c56724b255 100644 (file)
--- a/pdns/axfr-retriever.cc
+++ b/pdns/axfr-retriever.cc
@@ -133,6 +133,10 @@ int AXFRRetriever::getChunk(Resolver::res_t &res, vector<DNSRecord>* records, ui
      throw ResolverException("AXFR chunk error: " + RCode::to_s(err));
    }
  
+  if(mdp.d_header.tc) {
+    throw ResolverException("AXFR chunk had TC bit set");
+  }
+
    try {
      d_tsigVerifier.check(std::string(d_buf.data(), len), mdp);
    }
author	Peter van Dijk <peter.van.dijk@powerdns.com>
	Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)
committer	Peter van Dijk <peter.van.dijk@powerdns.com>
	Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)