auth-zone leads to segfaults

Wed Aug 15 09:33:41 UTC 2018

Hi Simon,


On 14/08/18 23:59, Simon Deziel via Unbound-users wrote:
> Hi *,
>
> When using the auth-zone feature, unbound 1.7.3 crashes when trying to
> XFR one of my private zone. Other zones are OK. I've attached the
> aggregated config, the gdb full backtrace and the verb 4 logs. If
> needed, I could also share the private zone via direct email.

Thank you for the debug information.  The read and reorder of RRSIGs
failed. Patch below and fix is in the code repository.

If the problem persists, please report what happens with the patch
enabled.  That certainly fixes a problem in that part of the code.

Best regards, Wouter


Index: services/authzone.c
===================================================================

--- services/authzone.c  (revision 4851)
+++ services/authzone.c  (working copy)
@@ -1014,7 +1014,8 @@
         }
         /* copy base values */
         memcpy(sigd, sigold, sizeof(struct packed_rrset_data));
-        sigd->rrsig_count -= sigs;
+        /* in sigd the RRSIGs are stored in the base of the RR, in count */
+        sigd->count -= sigs;
         /* setup rr_len */
         sigd->rr_len = (size_t*)((uint8_t*)sigd +
                 sizeof(struct packed_rrset_data));


>
> Regards,
> Simon

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20180815/dbc5f09c/attachment.bin>
