From 1a02ba61202bde2a1d10ae98629951a2465eba5b Mon Sep 17 00:00:00 2001
From: Kees Monshouwer <mind04@monshouwer.org>
Date: Tue, 13 Jan 2015 12:54:27 +0100
Subject: [PATCH] auth: limit long version strings to 63 characters and catch
 exceptions in secpoll

---
 pdns/common_startup.cc | 5 ++++-
 pdns/secpoll-auth.cc   | 3 ++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc
index a1feccbaa2..189505b300 100644
--- a/pdns/common_startup.cc
+++ b/pdns/common_startup.cc
@@ -440,7 +440,10 @@ void mainthread()
    DNSPacket::s_udpTruncationThreshold = std::max(512, ::arg().asNum("udp-truncation-threshold"));
    DNSPacket::s_doEDNSSubnetProcessing = ::arg().mustDo("edns-subnet-processing");
 
-   doSecPoll(true); // this must be BEFORE chroot
+   try {
+     doSecPoll(true); // this must be BEFORE chroot
+   }
+   catch(...) {}
 
    if(!::arg()["chroot"].empty()) {  
      triggerLoadOfLibraries();
diff --git a/pdns/secpoll-auth.cc b/pdns/secpoll-auth.cc
index 84b3a1a914..cf9cc8ff56 100644
--- a/pdns/secpoll-auth.cc
+++ b/pdns/secpoll-auth.cc
@@ -124,7 +124,8 @@ void doSecPoll(bool first)
   struct timeval now;
   gettimeofday(&now, 0);
 
-  string query = "auth-" + string(PACKAGEVERSION) +".security-status."+::arg()["security-poll-suffix"];
+  string version = "auth-" + string(PACKAGEVERSION);
+  string query = version.substr(0, 63) +".security-status."+::arg()["security-poll-suffix"];
 
   if(*query.rbegin()!='.')
     query+='.';
-- 
2.47.2