From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Mon, 23 Mar 2026 12:27:04 +0000 (+0100)
Subject: dnsdist: Fix out-of-bounds check for UDP responses from backend
X-Git-Tag: auth-5.1.0-beta1~24^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fb91c4cc940ec919be9ee548fe1835f464afcafc;p=thirdparty%2Fpdns.git

dnsdist: Fix out-of-bounds check for UDP responses from backend

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
---

diff --git a/pdns/dnsdistdist/dnsdist-backend.cc b/pdns/dnsdistdist/dnsdist-backend.cc
index 31592b996c..f8100882b9 100644
--- a/pdns/dnsdistdist/dnsdist-backend.cc
+++ b/pdns/dnsdistdist/dnsdist-backend.cc
@@ -581,7 +581,7 @@ uint16_t DownstreamState::saveState(InternalQueryState&& state)
 
   do {
     uint16_t selectedID = (idOffset++) % idStates.size();
-    IDState& ids = idStates[selectedID];
+    IDState& ids = idStates.at(selectedID);
     auto guard = ids.acquire();
     if (!guard) {
       continue;
@@ -624,7 +624,7 @@ void DownstreamState::restoreState(uint16_t id, InternalQueryState&& state)
     return;
   }
 
-  auto& ids = idStates[id];
+  auto& ids = idStates.at(id);
   auto guard = ids.acquire();
   if (!guard) {
     /* already used */
@@ -663,11 +663,11 @@ std::optional<InternalQueryState> DownstreamState::getState(uint16_t id)
     return result;
   }
 
-  if (id > idStates.size()) {
+  if (id >= idStates.size()) {
     return result;
   }
 
-  auto& ids = idStates[id];
+  auto& ids = idStates.at(id);
   auto guard = ids.acquire();
   if (!guard) {
     return result;