commit fdfcfdc: [Fix] Spf: Do not parse non TXT DNS replies as TXT replies

[Vsevolod Stakhov]

Author: Vsevolod Stakhov
Date: 2021-08-23 14:12:40 +0100
URL: https://github.com/rspamd/rspamd/commit/fdfcfdc36a98809b98a3c3ca4cf9931e732b0710 (HEAD -> master)

[Fix] Spf: Do not parse non TXT DNS replies as TXT replies

---
 src/libserver/spf.c | 36 ++++++++++++++++++++++--------------
 1 file changed, 22 insertions(+), 14 deletions(-)

diff --git a/src/libserver/spf.c b/src/libserver/spf.c
index 999423c7d..5261ad01f 100644
--- a/src/libserver/spf.c
+++ b/src/libserver/spf.c
@@ -783,26 +783,34 @@ spf_process_txt_record (struct spf_record *rec, struct spf_resolved_element *res
 	 * or incorrect records (e.g. spf2 records)
 	 */
 	LL_FOREACH (reply->entries, elt) {
-		if (strncmp (elt->content.txt.data, "v=spf1", sizeof ("v=spf1") - 1)
+		if (elt->type == RDNS_REQUEST_TXT) {
+			if (strncmp(elt->content.txt.data, "v=spf1", sizeof("v=spf1") - 1)
 				== 0) {
-			selected = elt;
-			rspamd_mempool_set_variable (rec->task->task_pool,
-					RSPAMD_MEMPOOL_SPF_RECORD,
-					rspamd_mempool_strdup (rec->task->task_pool,
-							elt->content.txt.data), NULL);
-			break;
+				selected = elt;
+				rspamd_mempool_set_variable(rec->task->task_pool,
+						RSPAMD_MEMPOOL_SPF_RECORD,
+						rspamd_mempool_strdup (rec->task->task_pool,
+								elt->content.txt.data), NULL);
+				break;
+			}
 		}
 	}
 
 	if (!selected) {
 		LL_FOREACH (reply->entries, elt) {
-			if (start_spf_parse (rec, resolved, elt->content.txt.data)) {
-				ret = TRUE;
-				rspamd_mempool_set_variable (rec->task->task_pool,
-						RSPAMD_MEMPOOL_SPF_RECORD,
-						rspamd_mempool_strdup (rec->task->task_pool,
-								elt->content.txt.data), NULL);
-				break;
+			/*
+			 * Rubbish spf record? Let's still try to process it, but merely for
+			 * TXT RRs
+			 */
+			if (elt->type == RDNS_REQUEST_TXT) {
+				if (start_spf_parse(rec, resolved, elt->content.txt.data)) {
+					ret = TRUE;
+					rspamd_mempool_set_variable(rec->task->task_pool,
+							RSPAMD_MEMPOOL_SPF_RECORD,
+							rspamd_mempool_strdup (rec->task->task_pool,
+									elt->content.txt.data), NULL);
+					break;
+				}
 			}
 		}
 	}