From dde7e5daf786ca2a5133f0f8f492a3a617d2e54a Mon Sep 17 00:00:00 2001
From: Tom Limoncelli <tlimoncelli@stackoverflow.com>
Date: Wed, 1 Mar 2023 10:15:41 -0500
Subject: [PATCH] FEATURE: Detect simple CNAME loops (#2112)

---
 pkg/normalize/validate.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pkg/normalize/validate.go b/pkg/normalize/validate.go
index 9a77ced65..4111940fc 100644
--- a/pkg/normalize/validate.go
+++ b/pkg/normalize/validate.go
@@ -187,6 +187,11 @@ func checkTargets(rec *models.RecordConfig, domain string) (errs []error) {
 		if label == "@" {
 			check(fmt.Errorf("cannot create CNAME record for bare domain"))
 		}
+		labelFQDN := dnsutil.AddOrigin(label, domain)
+		targetFQDN := dnsutil.AddOrigin(target, domain)
+		if labelFQDN == targetFQDN {
+			check(fmt.Errorf("CNAME loop (target points at itself)"))
+		}
 	case "MX":
 		check(checkTarget(target))
 	case "NAPTR":