axfr-retriever: abort on chunk with TC set

author Peter van Dijk <peter.van.dijk@powerdns.com>

Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)

committer Peter van Dijk <peter.van.dijk@powerdns.com>

Tue, 27 Sep 2022 11:22:24 +0000 (13:22 +0200)
author Peter van Dijk <peter.van.dijk@powerdns.com>
Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)
committer Peter van Dijk <peter.van.dijk@powerdns.com>
Tue, 27 Sep 2022 11:22:24 +0000 (13:22 +0200)
diff --git a/pdns/axfr-retriever.cc b/pdns/axfr-retriever.cc

index 99f386bc148bec366f8653a95c14bbb253d53f5a..17bad21a0a85dfc84d33a200bddec07de1ce2a9b 100644 (file)
--- a/pdns/axfr-retriever.cc
+++ b/pdns/axfr-retriever.cc
@@ -133,6 +133,10 @@ int AXFRRetriever::getChunk(Resolver::res_t &res, vector<DNSRecord>* records, ui
      throw ResolverException("AXFR chunk error: " + RCode::to_s(err));
    }
  
+  if(mdp.d_header.tc) {
+    throw ResolverException("AXFR chunk had TC bit set");
+  }
+
    try {
      d_tsigVerifier.check(std::string(d_buf.get(), len), mdp);
    }
author	Peter van Dijk <peter.van.dijk@powerdns.com>
	Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)
committer	Peter van Dijk <peter.van.dijk@powerdns.com>
	Tue, 27 Sep 2022 11:22:24 +0000 (13:22 +0200)