From 4e1fe444285f11cf85a32b01f638fb6c102be4a0 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 26 Mar 2014 12:24:19 +0000
Subject: Terminate DS-search when reaching the root via cache entries.

---
 src/forward.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/forward.c b/src/forward.c
index d9a41ba..7a87cb3 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -1328,6 +1328,10 @@ static int send_check_sign(time_t now, struct dns_header *header, size_t plen, c
 	  continue;
 	}
 
+      /* Reached the root */
+      if (!name_start)
+	return STAT_BOGUS;
+
       strcpy(keyname, name_start);
       return STAT_NEED_DS_NEG;
     }
@@ -1412,6 +1416,13 @@ static int  tcp_check_for_unsigned_zone(time_t now, struct dns_header *header, s
 	  continue;
 	}
 
+      /* reached the root */
+      if (!name_start)
+	{
+	  free(packet);
+	  return STAT_BOGUS;
+	}
+
       m = dnssec_generate_query(header, ((char *) header) + 65536, name_start, class, T_DS, &server->addr);
       
       /* We rely on the question section coming back unchanged, ensure it is with the hash. */
-- 
cgit v1.2.1