From: TCY16 <tom@nlnetlabs.nl>
Date: Wed, 29 Sep 2021 10:54:41 +0000 (+0200)
Subject: add QDCOUNT=0 to CHAOS query in ACL
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=320aa64d1881a0b05d6d384181c3202b8a3a4c87;p=thirdparty%2Funbound.git

add QDCOUNT=0 to CHAOS query in ACL
---

diff --git a/daemon/worker.c b/daemon/worker.c
index 2f2e62b32..bd7567b34 100644
--- a/daemon/worker.c
+++ b/daemon/worker.c
@@ -1061,10 +1061,11 @@ deny_refuse(struct comm_point* c, enum acl_access acl,
 		LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), 
 			LDNS_RCODE_REFUSED);
 
-		sldns_buffer_skip(c->buffer, (ssize_t)sizeof(uint16_t)); /* skip qtype  */
-		
+		sldns_buffer_skip(c->buffer, (ssize_t)sizeof(uint16_t)); /* skip qtype */
+
 		/* check the qclass */
 		if (sldns_buffer_read_u16(c->buffer) != LDNS_RR_CLASS_IN) {
+			LDNS_QDCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
 			LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
 			LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
 			LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0);