From dbd86cb6d2478aad99f8127009944e9c47ef8463 Mon Sep 17 00:00:00 2001 From: Aram Sargsyan Date: Mon, 23 Mar 2026 15:15:18 +0000 Subject: [PATCH] Allow empty APL records Allow empty APL records because RFC 3123 (Section 4) says "zero or more items". This fixes processing of a catalog zone ACL (which is based on APL records) when the zone contains an empty APL record or when a zone update arrives which creates an empty APL record. (cherry picked from commit 35b8af229e82291fd635225ac45f853e7190f8b7) --- lib/dns/rdata/in_1/apl_42.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/dns/rdata/in_1/apl_42.c b/lib/dns/rdata/in_1/apl_42.c index 67c021062b..ee33fa5c57 100644 --- a/lib/dns/rdata/in_1/apl_42.c +++ b/lib/dns/rdata/in_1/apl_42.c @@ -327,7 +327,7 @@ dns_rdata_apl_first(dns_rdata_in_apl_t *apl) { /* * If no APL return ISC_R_NOMORE. */ - if (apl->apl == NULL) { + if (apl->apl == NULL || apl->apl_len == 0) { return ISC_R_NOMORE; }