DNS: avoid overflow in cache TTL for negative entries. Bug 1395

author Jeremy Harris <jgh146exb@wizmail.org>

Sun, 20 Sep 2015 20:47:10 +0000 (21:47 +0100)

committer Jeremy Harris <jgh146exb@wizmail.org>

Sun, 20 Sep 2015 20:47:10 +0000 (21:47 +0100)
author Jeremy Harris <jgh146exb@wizmail.org>
Sun, 20 Sep 2015 20:47:10 +0000 (21:47 +0100)
committer Jeremy Harris <jgh146exb@wizmail.org>
Sun, 20 Sep 2015 20:47:10 +0000 (21:47 +0100)
diff --git a/src/src/verify.c b/src/src/verify.c

index cb88f28a91f82137d1a02a53a09c8f4f979f5b66..435570bc87203cd3435e246f1641b106f7000a2f 100644 (file)
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -3600,7 +3600,7 @@ cache the result in permanent memory. */
  
  else
    {
-  uint ttl = UINT_MAX;
+  uint ttl = 3600;
  
    store_pool = POOL_PERM;
  
@@ -3633,7 +3633,10 @@ else
  
    Quite apart from one A6 RR generating multiple addresses, there are DNS
    lists that return more than one A record, so we must handle multiple
-  addresses generated in that way as well. */
+  addresses generated in that way as well.
+
+  Mark the cache entry with the "now" plus the minimum of the address TTLs,
+  or some suitably far-future time if none were found. */
  
    if (cb->rc == DNS_SUCCEED)
      {
author	Jeremy Harris <jgh146exb@wizmail.org>
	Sun, 20 Sep 2015 20:47:10 +0000 (21:47 +0100)
committer	Jeremy Harris <jgh146exb@wizmail.org>
	Sun, 20 Sep 2015 20:47:10 +0000 (21:47 +0100)