From 754914f0177cd990db16ff0cc29c8789e94b32bb Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Mon, 19 Dec 2016 16:27:14 +0100 Subject: [PATCH] rec: Don't choke on escaped content in getZoneCuts() `getZoneCuts()` was constructing a `DNSName` by passing a raw label returned from `DNSName::getRawLabels()` as a string. The constructor then tried to handle escaped characters from the string, resulting in a different `DNSName` than the expected one. This caused the `qname != begin` condition to be false even after every label in `labelsToAdd` had been added, causing an UB by calling `std::vector::back()` on an empty vector. Using `DNSName::prependRawLabel()` instead prevents this issue since the string is not escaped. --- pdns/validate.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pdns/validate.cc b/pdns/validate.cc index 4574542f8..9e953f9bc 100644 --- a/pdns/validate.cc +++ b/pdns/validate.cc @@ -124,7 +124,7 @@ vector getZoneCuts(const DNSName& begin, const DNSName& end, DNSRecordO // The shortest name is assumed to a zone cut ret.push_back(qname); while(qname != begin) { - qname = DNSName(labelsToAdd.back()) + qname; + qname.prependRawLabel(labelsToAdd.back()); labelsToAdd.pop_back(); bool foundCut = false; auto records = dro.get(qname, (uint16_t)QType::NS); -- 2.40.0