Backport of CVE-2020-25829 (any-cache-update) to 4.2.x

author Otto Moerbeek <otto.moerbeek@open-xchange.com>

Mon, 12 Oct 2020 08:11:21 +0000 (10:11 +0200)

committer Otto Moerbeek <otto.moerbeek@open-xchange.com>

Mon, 12 Oct 2020 08:11:21 +0000 (10:11 +0200)
author Otto Moerbeek <otto.moerbeek@open-xchange.com>
Mon, 12 Oct 2020 08:11:21 +0000 (10:11 +0200)
committer Otto Moerbeek <otto.moerbeek@open-xchange.com>
Mon, 12 Oct 2020 08:11:21 +0000 (10:11 +0200)
diff --git a/pdns/syncres.cc b/pdns/syncres.cc

index 50e0dc962031a01a86e578dea1a95a5f35bea7a5..59e21e2763b861dfa1df91b49bbf50a2ed26b8af 100644 (file)
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -952,6 +952,11 @@ DNSName SyncRes::getBestNSNamesFromCache(const DNSName &qname, const QType& qtyp
  
  void SyncRes::updateValidationStatusInCache(const DNSName &qname, const QType& qt, bool aa, vState newState) const
  {
+  if (qt == QType::ANY || qt == QType::ADDR) {
+    // not doing that
+    return;
+  }
+
    if (newState == Bogus) {
      t_RC->updateValidationStatus(d_now.tv_sec, qname, qt, d_cacheRemote, aa, newState, s_maxbogusttl + d_now.tv_sec);
    }
author	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Mon, 12 Oct 2020 08:11:21 +0000 (10:11 +0200)
committer	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Mon, 12 Oct 2020 08:11:21 +0000 (10:11 +0200)