More fixes to the internal SPF implementation:

* In opendmarc_spf_reverse(), fix a typo that caused the string to be flipped
  on the wrong delimiter (i.e., not flipped at all), which fixes the "ptr"
  mechanism's subdomain testing.
* In opendmarc_spf_dns_lookup_a(), handle the return values of the lookup
  functions appropriately.  This plugs a memory leak and resolves some
  false negatives.

libopendmarc/opendmarc_spf.c

@@ -547,7 +547,7 @@ opendmarc_spf_reverse(char *str, char *buf, size_t buflen)
 
 	dotp = strchr(dupe, '.');
 	if (dotp != NULL)
-		dotorcolon = ',';
+		dotorcolon = '.';
 	else
 	{
 		dotp = strchr(dupe, ':');

libopendmarc/opendmarc_spf_dns.c

@@ -219,21 +219,35 @@ opendmarc_spf_dns_lookup_a_actual(char *domain, int sought, char **ary, int *cnt
 **	cnt		-- Pointer to count of lines in array
 ** Returns:
 **	ary	-- on success
-**	NULL	-- otherise, and place the h_errno error into reply
+**	NULL	-- otherwise, and place the h_errno error into reply
 ** Side Effects:
 **	Makes a connection to the local name server and blocks
 **	waiting for a reply.
 ***************************************************************************************************/
 char **
 opendmarc_spf_dns_lookup_a(char *domain, char **ary, int *cnt)
 {
-	char **retp;
+	bool found = FALSE;
+	char **a_retp;
+	char **aaaa_retp;
+
+	a_retp = opendmarc_spf_dns_lookup_a_actual(domain, T_A, ary, cnt); 
+	if (a_retp != (char **) NULL)
+	{
+		ary = a_retp;
+		found = TRUE;
+	}
 
-	retp = opendmarc_spf_dns_lookup_a_actual(domain, T_A, ary, cnt); 
 #ifdef T_AAAA
-	retp = opendmarc_spf_dns_lookup_a_actual(domain, T_AAAA, retp, cnt);
+	aaaa_retp = opendmarc_spf_dns_lookup_a_actual(domain, T_AAAA, ary, cnt);
+	if (aaaa_retp != (char **) NULL)
+	{
+		ary = aaaa_retp;
+		found = TRUE;
+	}
 #endif /* T_AAAA */
-	return retp;
+
+	return *cnt > 0 ? ary : NULL;
 }
 
 /***************************************************************************************************