[Fix] Clear inherited address family flags when creating new SPF addr nodes

When spf_record_process_addr creates a new address node for subsequent
DNS replies (MX A/AAAA resolution), it copies the original addr via
memcpy, inheriting all flags including the address family flag from the
first reply. The new reply's flag was OR'd in without clearing the
inherited one, resulting in nodes with both IPV4 and IPV6 flags set.
Since spf_addr_mask_to_string checks IPV4 before IPV6, such nodes would
always display as IPv4, causing duplicate IPv4 addresses in output
instead of the correct IPv4 + IPv6 pair.

Issue: #5951

diff --git a/src/libserver/spf.c b/src/libserver/spf.c
index 5707b006ae93499a60c928860f66e799589b07cd..207a4ec3c723124ae2935260a9fe531c64646e40 100644 (file)
--- a/src/libserver/spf.c
+++ b/src/libserver/spf.c
@@ -764,10 +764,12 @@ spf_record_process_addr(struct spf_record *rec, struct spf_addr *addr, struct rd
                                   &reply->content.aaa.addr,
                                   sizeof(addr->addr6));
                        naddr->flags |= RSPAMD_SPF_FLAG_IPV6;
+                       naddr->flags &= ~RSPAMD_SPF_FLAG_IPV4;
                }
                else if (reply->type == RDNS_REQUEST_A) {
                        memcpy(naddr->addr4, &reply->content.a.addr, sizeof(addr->addr4));
                        naddr->flags |= RSPAMD_SPF_FLAG_IPV4;
+                       naddr->flags &= ~RSPAMD_SPF_FLAG_IPV6;
                }
                else {
                        msg_err_spf(