On 05/07/2021 16:53, Dominik DL6ER wrote: > Hey Simon, > > the current dnsmasq master version contains a bug rewriting all > NXDOMAIN replies from upstream with NOERROR. > > The error has been introduced in commit > d0ae3f5a4dc094e8fe2a3c607028c1c59f42f473 (see attached diff) and is > ultimately caused by > >> lookup_domain(daemon->namebuff, F_CONFIG, NULL, NULL) > > at line 668/669 returning 1 when it shouldn't. > > How to reproduce: > > 1. Start dnsmasq > 2. Query a non-existing domain such as "google.comxxx". > > dnsmasq 6860cf932baeaf1c2f09c2a58e38be189ae394de (and older) replies > with NXDOMAN (as expected) > dnsmasq d0ae3f5a4dc094e8fe2a3c607028c1c59f42f473 (and newer) replies > incorrectly with NOERROR and sets the AA bit. > > Let me know if you need any further information. >
Nice catch, thanks. I believe that df25f204ba822c9c00bc9372c85da58e9aff6e86 should fix this. Cheers, Simon. _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
