From: Yorgos Thessalonikefs
Date: Tue, 3 Dec 2024 13:10:17 +0000 (+0100)
Subject: - Safeguard alias loop while looking in the cache for expired answers.
X-Git-Tag: release-1.23.0rc1~83
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=b4a9c8bb0573b565375db5efd8e7f849667fa881;p=thirdparty%2Funbound.git
- Safeguard alias loop while looking in the cache for expired answers.
---
diff --git a/doc/Changelog b/doc/Changelog
index fdcf53f3c..5e625dc97 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -6,6 +6,7 @@
 (1 day) as suggested by RFC8767.
 - Merge #1198: Fix log-servfail with serve expired and no useful cache contents.
+ - Safeguard alias loop while looking in the cache for expired answers.
 22 November 2024: Yorgos
 - Fix #1175: serve-expired does not adhere to secure-by-default
diff --git a/services/mesh.c b/services/mesh.c
index 18a53b4a5..a25094d12 100644
--- a/services/mesh.c
+++ b/services/mesh.c
@@ -2183,7 +2183,7 @@ mesh_serve_expired_callback(void* arg)
 struct timeval tv = {0, 0};
 int must_validate = (!(qstate->query_flags&BIT_CD) || qstate->env->cfg->ignore_cd) && qstate->env->need_to_validate;
- int i = 0;
+ int i = 0, for_count;
 int is_expired;
 if(!qstate->serve_expired_data) return;
 verbose(VERB_ALGO, "Serve expired: Trying to reply with expired data");
@@ -2196,9 +2196,10 @@ mesh_serve_expired_callback(void* arg)
 "Serve expired: Not allowed to look into cache for stale");
 return;
 }
- /* The following while is used instead of the `goto lookup_cache`
- * like in the worker. */
- while(1) {
+ /* The following for is used instead of the `goto lookup_cache`
+ * like in the worker. This loop should get max 2 passes if we need to
+ * do any aliasing. */
+ for(for_count = 0; for_count < 2; for_count++) {
 fptr_ok(fptr_whitelist_serve_expired_lookup( qstate->serve_expired_data->get_cached_answer));
 msg = (*qstate->serve_expired_data->get_cached_answer)(qstate,
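Review bot: The bound in `for(for_count = 0; for_count < 2; for_count++)` adds a way out of the loop that `while(1)` did not have, namely running out of passes, and nothing in this hunk distinguishes that exit from a normal one. The loop body and the code after it are outside the hunk, so this is inferred: if the second pass still requests another alias lookup, control would fall through with whatever `msg` that pass left behind. Consider an explicit check after the loop, for example `if(for_count >= 2) { verbose(VERB_ALGO, "Serve expired: alias loop limit reached"); return; }`, so that a looping cache entry is both rejected and visible in the logs. The literal `2` would also read better as a named constant placed next to the comment that explains it.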