[nsd-users] SIGSEGV in rbtree_find_less_equal

Jeroen Koekkoek jeroen at nlnetlabs.nl
Wed Oct 9 11:53:38 UTC 2024 

Hi Chris,

I can reproduce with your zone. Thanks!

Best,
Jeroen


On Tue, 2024-10-08 at 14:07 +0000, Chris LaVallee wrote:
> 
> Hi Jeroen,
> 
> 
> Attached is the zone I used. Did you add the record for a.bar ?
> 
> 
> Ex:
> 
> 
> a.bar   300     IN  NS      ns.somewhere.net.
> 
> 
> Chris
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> From: Jeroen Koekkoek <jeroen at nlnetlabs.nl>
> Sent: Tuesday, October 8, 2024 5:33 AM
> To: Chris LaVallee <clavallee at edg.io>; nsd-users at lists.nlnetlabs.nl
> <nsd-users at lists.nlnetlabs.nl>
> Subject: Re: [nsd-users] SIGSEGV in rbtree_find_less_equal
> 
>  
> 
> 
> Hi Chris,
> 
> I'm having trouble trying to reproduce the issue locally.
> 
> Like you I configure two zones.
> 
> zone:
>   name: example.com.
>   zonefile: example.com.zone.signed
> 
> zone:
>   name: bar.example.com.
>   zonefile: bar.example.com.zone
> 
> The file bar.example.com.zone does not exist. After touching and
> reloading the signed zone, no segfault occurs. I've tried with and
> without the "--disable-radix-tree" configure option (as the error
> occurs in the rbtree). I've also tried with example.com. being an
> NSEC
> and NSEC3 zone.
> 
> Can you provide some more details?
> 
> Best regards,
> Jeroen
> 
> 
> 
> 
> On Wed, 2024-10-02 at 14:57 +0000, Chris LaVallee via nsd-users
> wrote:
> > 
> > Hi,
> > 
> > 
> > I found a reproducible seg fault with a DNSSEC signed zone and
> > overlapping config. I'm running NSD 4.10.1. Here's how to
> > reproduce.
> > 
> > 
> > 2 zones in nsd.conf:
> > 
> > 
> > zone:
> >         name:     "foo.com."
> >         zonefile:     "/zones/foo.com.zone.signed"
> > 
> > 
> > zone:
> >         name:     "bar.foo.com."
> >         zonefile: "/zones/bar.foo.com.zone"
> > 
> > 
> > 
> > 
> > Zone files:
> > 
> > 
> > foo.com.zone.signed is DNSSEC signed with a record for a.bar (A
> > record or anything)
> > bar.foo.com.zone doesn't exist  (but it's in nsd.conf shown above)
> > 
> > 
> > 
> > 
> > Steps:
> > 1) Startup NSD
> > 2) touch foo.com.zone.signed
> > 3) reload NSD
> > 
> > 
> > 
> > 
> > nsd.log will say:
> > [2024-10-02 07:19:58.691] nsd[962739]: info: control cmd:  reload
> > [2024-10-02 07:19:58.845] nsd[962752]: error: handle_reload_cmd:
> > reload closed cmd channel
> > [2024-10-02 07:19:58.845] nsd[962752]: warning: Reload process
> > 962740
> > failed, continuing with old database
> > 
> > 
> > core dump says SIGSEGV in rbtree_find_less_equal
> > 
> > 
> > 
> > 
> > Chris LaVallee
> > Edgio (formally EdgeCast Networks)
> > 
> > 
> > 
> > 
> > _______________________________________________
> > nsd-users mailing list
> > nsd-users at lists.nlnetlabs.nl
> > https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users
>

More information about the nsd-users mailing list