Pre-Submission Checklist

• Commit message has the format required by CONTRIBUTING guide
• Commits are split per component (core, individual modules, libs, utils, ...)
• Each component has a single commit (if not, squash them into one commit)
• No commits to README files for modules (changes must be done to docbook files
  in doc/ subfolder, the README file is autogenerated)

Type Of Change

• Small bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds new functionality)
• Breaking change (fix or feature that would change existing functionality)

Checklist:

• PR should be backported to stable branches
• Tested changes locally
• Related to issue #XXXX (replace XXXX with an open issue number)

Description

When dns_use_search_list=1 (the default), get_record() may prepend a "fake CNAME" record to map short hostnames to their expanded form. The DMQ module's get_dmq_host_list() function was iterating through all returned records and casting rdata to struct a_rdata * without checking the record type. This caused CNAME record data (hostname bytes) to be interpreted as IP address bytes, resulting in bogus IP addresses.

For example, a hostname containing .ord would produce the IP 43.111.114.100 (the ASCII bytes +ord = 0x2B 0x6F 0x72 0x64).

This has been tested and fixed with Kamailio 6.0.x, backported also to master.

Fix

Add a type check to skip non-A records in the iteration loop:

if(prec->type != T_A) {
    continue;
}

Affected Environments

This bug affects Kamailio deployments using the following setup:

• DMQ module with dmq_notification_address containing partial hostnames
• DNS search lists (common in Kubernetes environments)
• Default dns_use_search_list=1 setting

Workarounds

Before this fix, users could work around the issue by:

• Using fully qualified domain names in dmq_notification_address
• Setting dns_use_search_list=0 in kamailio.cfg