From: Jeremy Harris Date: Sun, 20 Sep 2015 20:47:10 +0000 (+0100) Subject: DNS: avoid overflow in cache TTL for negative entries. Bug 1395 X-Git-Tag: exim-4_87_RC1~89 X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=e162fc9757d4b8cb41aca74214e968622d6c3dee;p=exim.git DNS: avoid overflow in cache TTL for negative entries. Bug 1395 --- diff --git a/src/src/verify.c b/src/src/verify.c index cb88f28a9..435570bc8 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -3600,7 +3600,7 @@ cache the result in permanent memory. */ else { - uint ttl = UINT_MAX; + uint ttl = 3600; store_pool = POOL_PERM; @@ -3633,7 +3633,10 @@ else Quite apart from one A6 RR generating multiple addresses, there are DNS lists that return more than one A record, so we must handle multiple - addresses generated in that way as well. */ + addresses generated in that way as well. + + Mark the cache entry with the "now" plus the minimum of the address TTLs, + or some suitably far-future time if none were found. */ if (cb->rc == DNS_SUCCEED) {