Unbound RPZ parsing limits (1.13.1-1)

Havard Eidnes he at uninett.no
Sat Apr 24 08:58:44 UTC 2021


> I have discovered that some long character domain names in RPZ
> file is causing Unbound to crash.

Crash or complain?

> ​Apr 23 18:35:55 unbound: [21240:0] error: parse error /zones/rpz.oisd.zone 1602:256: Domainname length overflow
...
> 111exe.yourcomputerhaveaseriousproblemcallon18662968997exe.yourcomputerhaveaseriousproblemcallon18662968997exe.yourcomputerhaveaseriousproblemcallon18662968997exe.yourcomputerhaveaseriousproblemcallon18662968997calltollfreenow.playnewgamesonline.com CNAME .

You did not specify the name of your RPZ zone.  The above domain
is a relative domain.  It is 248 characters long.  You need to
leave room for unbound to tack the current $ORIGIN at the end,
and I'm guessing there is no room to do this, causing unbound to
complain as shown.

> ​If you perform DIG on this domain it is valid and comes back NOERROR

With the caveat what is *this* domain...

Regards,

- Håvard


More information about the Unbound-users mailing list