Increment query counters on resend

Internal resend paths in the resolver can be triggered in flows that
are expected to execute at most once. For example, when a query fails
and a specific flag is not set, the flag is enabled and the query is
retried. On a subsequent failure, the flag prevents another retry and
the resolver proceeds to the next server (or aborts).

However, if a flag check is accidentally omitted, this can result in
an unbounded loop repeatedly querying the same server. To guard
against this, resend operations now also increment the query
counters, ensuring such loops are eventually capped by the configured
limits.

This is a 9.11 re-implementation of the original commits:

00345dde8feadf6601c864f000d99e42986159d9
b863694b32f8f764ae7475939888aebe99425b90

diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 2b57b8ebb4b04a0d47197d80d8f3db1f853d0ad7..016d8208e8821234815ec1fe248b859c724eee67 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -9035,6 +9035,17 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
                 * Resend (probably with changed options).
                 */
                FCTXTRACE("resend");
+
+               result = isc_counter_increment(fctx->qc);
+               if (result != ISC_R_SUCCESS) {
+                       isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER,
+                                     DNS_LOGMODULE_RESOLVER, ISC_LOG_DEBUG(3),
+                                     "exceeded max queries resolving '%s'",
+                                     fctx->info);
+                       fctx_done(fctx, DNS_R_SERVFAIL, __LINE__);
+                       return;
+               }
+
                inc_stats(res, dns_resstatscounter_retry);
                bucketnum = fctx->bucketnum;
                fctx_increference(fctx);