From eb72ff6d8a2f32ffc55f9e4e37b0a30be36570b2 Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Mon, 2 Aug 2021 09:53:58 +0200
Subject: [PATCH] unbound: reject invalid cache data

---
 src/opnsense/scripts/unbound/cache.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/opnsense/scripts/unbound/cache.sh b/src/opnsense/scripts/unbound/cache.sh
index faed4b3c6..17aa355bc 100755
--- a/src/opnsense/scripts/unbound/cache.sh
+++ b/src/opnsense/scripts/unbound/cache.sh
@@ -31,6 +31,11 @@ UNBOUNDCTL="/usr/local/sbin/unbound-control -c /var/unbound/unbound.conf"
 CACHE="/var/unbound/cache.dump.gz"
 COMMAND=${1}
 
+if [ -f ${CACHE} -a "$(zcat ${CACHE} | wc -l | awk '{ print $1 }')" = "0" ]; then
+	# purge invalid data
+	COMMAND=flush
+fi
+
 if [ "${COMMAND}" = "dump" ]; then
 	${UNBOUNDCTL} dump_cache | gzip > ${CACHE}
 elif [ "${COMMAND}" = "load" -a -f "${CACHE}" ]; then