plugin/cache: Fix cache poisoning exploit (#5174)

plugin/cache/item.go

@@ -1,14 +1,18 @@
 package cache
 
 import (
+	"strings"
 	"time"
 
 	"github.com/coredns/coredns/plugin/cache/freq"
+	"github.com/coredns/coredns/request"
 
 	"github.com/miekg/dns"
 )
 
 type item struct {
+	Name               string
+	QType              uint16
 	Rcode              int
 	AuthenticatedData  bool
 	RecursionAvailable bool
@@ -24,6 +28,10 @@ type item struct {
 
 func newItem(m *dns.Msg, now time.Time, d time.Duration) *item {
 	i := new(item)
+	if len(m.Question) != 0 {
+		i.Name = m.Question[0].Name
+		i.QType = m.Question[0].Qtype
+	}
 	i.Rcode = m.Rcode
 	i.AuthenticatedData = m.AuthenticatedData
 	i.RecursionAvailable = m.RecursionAvailable
@@ -87,3 +95,10 @@ func (i *item) ttl(now time.Time) int {
 	ttl := int(i.origTTL) - int(now.UTC().Sub(i.stored).Seconds())
 	return ttl
 }
+
+func (i *item) matches(state request.Request) bool {
+	if state.QType() == i.QType && strings.EqualFold(state.QName(), i.Name) {
+		return true
+	}
+	return false
+}