From 58c526bd0f63d5d424b7a03867b51ace495989a8 Mon Sep 17 00:00:00 2001
From: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Date: Wed, 3 Jun 2020 12:15:46 +0200
Subject: [PATCH] If a CNAME target is found in the cache, check if it's equal
 to qname and ServFail if so.

Fixes the easy case of #9153. Longer chains with self-refs remain an issue.
---
 pdns/syncres.cc | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index 3fde0ef257..347afa6ab1 100644
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -852,6 +852,7 @@ int SyncRes::doResolveNoQNameMinimization(const DNSName &qname, const QType &qty
 
     if(!d_skipCNAMECheck && doCNAMECacheCheck(qname, qtype, ret, depth, res, state, wasAuthZone, wasForwardRecurse)) { // will reroute us if needed
       d_wasOutOfBand = wasAuthZone;
+      // Do not set *fromCache; res does not reflect the final result in all cases
       return res;
     }
 
@@ -1329,6 +1330,12 @@ bool SyncRes::doCNAMECacheCheck(const DNSName &qname, const QType &qtype, vector
         newTarget = cnameContent->getTarget();
       }
 
+      if (qname == newTarget) {
+        LOG(prefix<<qname<<": Got a CNAME referral (from cache) to self, returning SERVFAIL"<<endl);
+        res = RCode::ServFail;
+        return true;
+      }
+
       set<GetBestNSAnswer>beenthere;
       vState cnameState = Indeterminate;
       res = doResolve(newTarget, qtype, ret, depth+1, beenthere, cnameState);
-- 
2.47.2