From 320aa64d1881a0b05d6d384181c3202b8a3a4c87 Mon Sep 17 00:00:00 2001
From: TCY16 <tom@nlnetlabs.nl>
Date: Wed, 29 Sep 2021 12:54:41 +0200
Subject: [PATCH] add QDCOUNT=0 to CHAOS query in ACL

---
 daemon/worker.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/daemon/worker.c b/daemon/worker.c
index 2f2e62b32..bd7567b34 100644
--- a/daemon/worker.c
+++ b/daemon/worker.c
@@ -1061,10 +1061,11 @@ deny_refuse(struct comm_point* c, enum acl_access acl,
 		LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), 
 			LDNS_RCODE_REFUSED);
 
-		sldns_buffer_skip(c->buffer, (ssize_t)sizeof(uint16_t)); /* skip qtype  */
-		
+		sldns_buffer_skip(c->buffer, (ssize_t)sizeof(uint16_t)); /* skip qtype */
+
 		/* check the qclass */
 		if (sldns_buffer_read_u16(c->buffer) != LDNS_RR_CLASS_IN) {
+			LDNS_QDCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
 			LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
 			LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
 			LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
-- 
2.47.2