From: Remi Gacogne Date: Mon, 19 Dec 2016 15:27:14 +0000 (+0100) Subject: rec: Don't choke on escaped content in getZoneCuts() X-Git-Tag: rec-4.0.4~7^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F4807%2Fhead;p=thirdparty%2Fpdns.git rec: Don't choke on escaped content in getZoneCuts() `getZoneCuts()` was constructing a `DNSName` by passing a raw label returned from `DNSName::getRawLabels()` as a string. The constructor then tried to handle escaped characters from the string, resulting in a different `DNSName` than the expected one. This caused the `qname != begin` condition to be false even after every label in `labelsToAdd` had been added, causing an UB by calling `std::vector::back()` on an empty vector. Using `DNSName::prependRawLabel()` instead prevents this issue since the string is not escaped. (cherry picked from commit 754914f0177cd990db16ff0cc29c8789e94b32bb) --- diff --git a/pdns/validate.cc b/pdns/validate.cc index 3a180a4740..e0db5f6cac 100644 --- a/pdns/validate.cc +++ b/pdns/validate.cc @@ -124,7 +124,7 @@ vector getZoneCuts(const DNSName& begin, const DNSName& end, DNSRecordO // The shortest name is assumed to a zone cut ret.push_back(qname); while(qname != begin) { - qname = DNSName(labelsToAdd.back()) + qname; + qname.prependRawLabel(labelsToAdd.back()); labelsToAdd.pop_back(); bool foundCut = false; auto records = dro.get(qname, (uint16_t)QType::NS);