3126. [security] Using DNAME record to generate replacements caused

RPZ to exit with a assertion failure. [RT #23766]

bin/tests/system/rpz/test1

@@ -12,13 +12,19 @@
 ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 ; PERFORMANCE OF THIS SOFTWARE.
 
-; $Id: test1,v 1.4 2011/01/13 19:30:41 each Exp $
+; $Id: test1,v 1.4.8.1 2011/06/09 03:14:04 marka Exp $
 
 
 server 10.53.0.3 5300
 
+; NXDOMAIN
 update add  a0-1.tld2.bl.	300 CNAME .
-update add  a3-1.tld2.bl.	300 CNAME *.
+
+; NODATA
+update add  a1-1.tld2.bl.	300 CNAME *.
+;	and no assert-botch
+update add  a1-2.tld2.bl.	300 DNAME example.com.
+
 update add  *.sub1.tld2.bl.	300 A 12.12.12.12
 
 send

bin/tests/system/rpz/tests.sh

@@ -12,7 +12,7 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: tests.sh,v 1.3.8.2 2011/06/09 00:53:55 marka Exp $
+# $Id: tests.sh,v 1.3.8.3 2011/06/09 03:14:04 marka Exp $
 
 # test response policy zones (RPZ)
 
@@ -152,7 +152,9 @@ status=0
 
 start_test "RPZ QNAME rewrites" test1
 nxdomain a0-1.tld2
-nodata a3-1.tld2
+nodata a1-1.tld2
+nodata a1-2.tld2
+nodata sub.a1-2.tld2
 a12 a4-1.sub1.tld2
 end_test
 
@@ -266,6 +268,7 @@ if [ $ret != 0 ]; then
 fi
 status=`expr $status + $ret`
 
+
 if test "$status" -eq 0; then
     rm -f dig.out*
 fi