]> git.ipfire.org Git - thirdparty/unbound.git/commitdiff
projects / thirdparty / unbound.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4b627bd)
fix ipset wrong behavior 955/head
authorAlexander V. Buev <san@zzz.spb.ru>
Tue, 17 Oct 2023 15:35:42 +0000 (18:35 +0300)
committerAlexander V. Buev <san@zzz.spb.ru>
Tue, 17 Oct 2023 15:35:42 +0000 (18:35 +0300)
  Issue description:

    If local zone directive is assigned as following:

      "local-zone domain.com ipset"

    then any answers for query with names such as
    "anytext1domain.com" or "example2domain.com"
    will be added to ipset.

  This commit fixes this issue.

ipset/ipset.c patch | blob | blame | history

diff --git a/ipset/ipset.c b/ipset/ipset.c
index c61ebc205ee871e47efffdb846312ff5477772eb..af55de8d6fc2b22e3e14b10c711a7d4d6d7f63a5 100644 (file)
--- a/ipset/ipset.c
+++ b/ipset/ipset.c
@@ -158,10 +158,10 @@ ipset_check_zones_for_rrset(struct module_env *env, struct ipset_env *ie,
                qs = NULL;
                plen = strlen(p->str);
 
-               if (dlen >= plen) {
+               if (dlen == plen || (dlen > plen && dname[dlen - plen - 1] == '.' )) {
                        ds = dname + (dlen - plen);
                }
-               if (qlen >= plen) {
+               if (qlen == plen || (qlen > plen && qname[qlen - plen - 1] == '.' )) {
                        qs = qname + (qlen - plen);
                }
                if ((ds && strncasecmp(p->str, ds, plen) == 0)
Mirror of https://github.com/NLnetLabs/unbound.git