[Unbound-users] [hannah at schlund.de: Bug#567976: libunbound-dev: libunbound crashes when trying to resolve syntactically invalid domain names]
edmonds at debian.org
Mon Feb 1 19:40:51 UTC 2010
FYI: a bug report from a user. i have not been able to reproduce the
----- Forwarded message from Hannah Schroeter <hannah at schlund.de> -----
Date: Mon, 01 Feb 2010 16:44:13 +0100
From: Hannah Schroeter <hannah at schlund.de>
To: Debian Bug Tracking System <submit at bugs.debian.org>
Subject: Bug#567976: libunbound-dev: libunbound crashes when trying to resolve syntactically
invalid domain names
X-Mailer: reportbug 4.10.2
Message-ID: <20100201154413.7394.40602.reportbug at c3po.ue.schlund.de>
This is in fact a bug with two facets:
1. If I try to resolve a domain such as
(That's *64* times the letter a)
using ub_resolve_async, libunbound crashes (Segmentation fault in the
asynchronous resolver thread). This does *not* occur with the
synchronous API ub_resolve.
This particular issue seems to be fixed in the more current
version of libunbound such as that shipped with Debian unstable.
Maybe it might be warranted to backport a bugfix.
2. If I try to resolve a domain such as
(That's 64 times the letter a in the *last* label of the domain name!),
libunbound crashes with *both* the asynchronous API ub_resolve_async,
*and* the synchronous API ub_resolve. So one can reproduce *this*
problem with unbound-host, too! This issue probably stems from a different
source than issue 1, namely a missing validation in the underlying
ldns code. I believe this issue is *not* fixed even in the current
ldns subversion trunk, as checked now (2010-02-01 16:17 +0100).
3. Another issue that's in upstream code is: *If* the upstream library
checks for syntax correctly (or rather semi-correctly, that is in
unbound 1.4.1, as included in Debian unstable, which fixed issue 1),
the caller can't distinguish that error from other errors because
the error codes aren't exposed in the unbound library interface.
So the caller can't decide whether the issue was a temporary problem,
like for example being short of memory, or a permanent problem like
wrong domain syntax.
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages libunbound-dev depends on:
ii libunbound0 1.0.2-1+lenny1 library implementing DNS resolutio
libunbound-dev recommends no packages.
libunbound-dev suggests no packages.
-- no debconf information
----- End forwarded message -----
edmonds at debian.org
More information about the Unbound-users