dnsdist: Prevent reading an uninitialized rcode in cache inspection
authorRemi Gacogne <remi.gacogne@powerdns.com>
Tue, 29 Mar 2022 11:25:04 +0000 (13:25 +0200)
committerRemi Gacogne <remi.gacogne@powerdns.com>
Thu, 22 Sep 2022 13:07:22 +0000 (15:07 +0200)
Entries smaller than a dnsheader should not make it into the cache
anyway, but better safe than sorry.

pdns/dnsdist-cache.cc

index b884df5002ea6ded0601ccf81ae27bf0e97a7cb2..1da937ea539711ea8ec6d8f8fdd8b7f652ce772f 100644 (file)
@@ -502,9 +502,11 @@ std::set<DNSName> DNSDistPacketCache::getDomainsContainingRecords(const ComboAdd
 
       try {
         dnsheader dh;
-        if (value.len >= sizeof(dnsheader)) {
-          memcpy(&dh, value.value.data(), sizeof(dnsheader));
+        if (value.len < sizeof(dnsheader)) {
+          continue;
         }
+
+        memcpy(&dh, value.value.data(), sizeof(dnsheader));
         if (dh.rcode != RCode::NoError || (dh.ancount == 0 && dh.nscount == 0 && dh.arcount == 0)) {
           continue;
         }
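Review bot: The new guard compares `value.len` with `sizeof(dnsheader)`, but the `memcpy` after it reads from `value.value.data()`, and nothing in this hunk shows that `len` can never exceed the size of that buffer. If the two can ever diverge, the check does not bound the read. Testing the buffer itself, `if (value.value.size() < sizeof(dnsheader)) { continue; }` (assuming `value.value` exposes `size()`), or checking both fields, would make the guard visibly sufficient. The same applies to the identical check in the getRecordsForDomain hunk. The enclosing loop and `try` block start and end outside this hunk.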
@@ -563,9 +565,11 @@ std::set<ComboAddress> DNSDistPacketCache::getRecordsForDomain(const DNSName& do
         }
 
         dnsheader dh;
-        if (value.len >= sizeof(dnsheader)) {
-          memcpy(&dh, value.value.data(), sizeof(dnsheader));
+        if (value.len < sizeof(dnsheader)) {
+          continue;
         }
+
+        memcpy(&dh, value.value.data(), sizeof(dnsheader));
         if (dh.rcode != RCode::NoError || (dh.ancount == 0 && dh.nscount == 0 && dh.arcount == 0)) {
           continue;
         }
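Review bot: The length check and header copy here are repeated verbatim from getDomainsContainingRecords, so a later fix could land in one copy and miss the other. A small private helper that returns false for a too-short entry and otherwise fills the `dnsheader` would keep the two call sites in sync. A one-line comment at the skip, such as `// entries shorter than a DNS header should never be cached; skip rather than inspect an uninitialized header`, would record the reason in the code rather than only in the commit message. The function body continues outside this hunk.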