authoritative: Prevent a potential race condition in cache cleaning

Clean query cache before cleaning packet cache. Otherwise the following
situation is possible:

* thread A cleans packet cache
* thread B answers a question for the same name that is being cleaned by A
* since there is no packet cache it populates a packet cache entry from the
  query cache (which has not yet been cleaned by thread A
* thread A cleans query cache
* the server will return the old packet cache entry until its TTL expires or
  cache is cleaned again

Switching which cache is cleaned first fixes this race condition.

Signed-off-by: Deyan Doychev <deyan@siteground.com>

diff --git a/pdns/auth-caches.cc b/pdns/auth-caches.cc
index 4fd75bb74a9624987200346d3abf8876d4b294f3..580d4dde67a54a56a4d53bc2b61710f7eb01d09d 100644 (file)
--- a/pdns/auth-caches.cc
+++ b/pdns/auth-caches.cc
@@ -31,8 +31,9 @@ extern AuthQueryCache QC;
 uint64_t purgeAuthCaches()
 {
   uint64_t ret = 0;
-  ret += PC.purge();
+  /* Clean query cache before packet cache to avoid potential race condition */
   ret += QC.purge();
+  ret += PC.purge();
   return ret;
 }
 
@@ -40,8 +41,9 @@ uint64_t purgeAuthCaches()
 uint64_t purgeAuthCaches(const std::string& match)
 {
   uint64_t ret = 0;
-  ret += PC.purge(match);
+  /* Clean query cache before packet cache to avoid potential race condition */
   ret += QC.purge(match);
+  ret += PC.purge(match);
   return ret;
 }
 
@@ -49,8 +51,9 @@ uint64_t purgeAuthCaches(const std::string& match)
 uint64_t purgeAuthCachesExact(const DNSName& qname)
 {
   uint64_t ret = 0;
-  ret += PC.purgeExact(qname);
+  /* Clean query cache before packet cache to avoid potential race condition */
   ret += QC.purgeExact(qname);
+  ret += PC.purgeExact(qname);
   return ret;
 }