rec: Copy the negative cache entry before validating it #9251
Short description
Otherwise, in the unlikely case that:
we might trigger a heap-based use-after-free (read), possibly leading to a crash if the memory has been reused already.
This PR is composed of a first commit doing exactly that, and only that. IMHO this is what we will want to backport to 4.3.x and 4.2.x to keep the change small.
The second commit basically reverts the change introduced in 4.2 (28364e4) to prevent a copy when retrieving entries from the negative cache. That seemed like a good idea at the time, but the resulting interface is too brittle. It requires not keeping the pointer around if there is any chance that we could yield by going to the network, which is hard to keep track of in the recursor.
Checklist
I have:
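The difference between the two lookup styles discussed in the description above, as an added example that is not part of the pull request or the project's code. `NegCache`, `NegEntry`, `validateWithYield` and `pointerWouldDangle` are hypothetical names, and the yield to the network is modelled as a callback that wipes the cached entry.

```cpp
// Added illustration; NegCache, NegEntry etc. are hypothetical, not the recursor's classes.
#include <functional>
#include <map>
#include <string>

struct NegEntry {
    std::string name;
    std::string authZone;
    bool validated;
};

class NegCache {
public:
    void add(const NegEntry& e) { d_map[e.name] = e; }
    void wipe(const std::string& name) { d_map.erase(name); }
    // Brittle: the pointer is only good until the entry is wiped or replaced.
    const NegEntry* getPtr(const std::string& name) const {
        auto it = d_map.find(name);
        return it == d_map.end() ? nullptr : &it->second;
    }
    // Copying: the caller owns 'out', whatever happens to the cache later.
    bool getCopy(const std::string& name, NegEntry& out) const {
        auto it = d_map.find(name);
        if (it == d_map.end()) return false;
        out = it->second;
        return true;
    }
private:
    std::map<std::string, NegEntry> d_map;
};

// Stand-in for validation that may go to the network. 'yield' runs whatever
// other work is scheduled meanwhile (constructed here as a cache wipe).
bool validateWithYield(const NegCache& cache, const std::string& name,
                       const std::function<void()>& yield, NegEntry& out) {
    if (!cache.getCopy(name, out)) return false; // copy BEFORE any yield
    yield();                                     // cached entry may be freed here
    out.validated = true;                        // touches only the caller's copy
    return true;
}

// True if a pointer taken before the wipe would dangle afterwards.
// The stale pointer itself is never read or dereferenced.
bool pointerWouldDangle(NegCache& cache, const std::string& name) {
    bool had = cache.getPtr(name) != nullptr;
    cache.wipe(name);                            // what the yield allowed to happen
    return had && cache.getPtr(name) == nullptr;
}
```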