From 765ed1a254e04c3b6ab59e0cad9acb11a56e45e6 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Mon, 24 Dec 2018 14:26:13 +0100
Subject: [PATCH] rec: Add constraints while loading the Public Suffix List

---
 pdns/recursordist/pubsuffixloader.cc | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pdns/recursordist/pubsuffixloader.cc b/pdns/recursordist/pubsuffixloader.cc
index 1bf1f54183..4f46555233 100644
--- a/pdns/recursordist/pubsuffixloader.cc
+++ b/pdns/recursordist/pubsuffixloader.cc
@@ -38,6 +38,7 @@ void initPublicSuffixList(const std::string& file)
   bool loaded = false;
   if (!file.empty()) {
     try {
+      Regex reg("^[.0-9a-z-]*$");
       std::ifstream suffixFile(file);
       if (!suffixFile.is_open()) {
         throw std::runtime_error("Error opening the public suffix list file");
@@ -50,7 +51,14 @@ void initPublicSuffixList(const std::string& file)
           continue;
         }
         try {
+          line = toLower(line);
+          if (!reg.match(line)) {
+            continue;
+          }
           DNSName name(toLower(line));
+          if (name.countLabels() < 2) {
+            continue;
+          }
           pbList.push_back(name.labelReverse().getRawLabels());
         }
         catch(...) {
-- 
2.47.2