rec: Pass the correct buffer size to arecvfrom()

The size we used to pass to arecvfrom() along with our buffer was off by
one byte, resulting in the last byte of our buffer to be uninitialized for
answers exactly matching our outgoing buffer size. Since we passed the
correct size to MOADNSParser, we were reading one bye of unitialized
memory for such answers.
This caused issue with some authoritative servers sending an answer of our
exact buffer size, causing a parsing error. We would then retry without EDNS,
causing DNSSEC validation failures for some domains on such authoritative
servers.

diff --git a/pdns/lwres.cc b/pdns/lwres.cc
index 516f92d99b84e32f98df34a2e73fa26e7dbd3478..6c045a8b9e76c4accf1fd134791a4c30a7a40ed6 100644 (file)
--- a/pdns/lwres.cc
+++ b/pdns/lwres.cc
@@ -161,7 +161,7 @@ int asyncresolve(const ComboAddress& ip, const DNSName& domain, int type, bool d
   
     // sleep until we see an answer to this, interface to mtasker
     
-    ret=arecvfrom(reinterpret_cast<char *>(buf.get()), bufsize-1,0, ip, &len, qid,
+    ret=arecvfrom(reinterpret_cast<char *>(buf.get()), bufsize, 0, ip, &len, qid,
                   domain, type, queryfd, now);
   }
   else {