FYI: a bug report from a user. i have not been able to reproduce the issues.
----- Forwarded message from Hannah Schroeter <[email protected]> ----- Date: Mon, 01 Feb 2010 16:44:13 +0100 From: Hannah Schroeter <[email protected]> To: Debian Bug Tracking System <[email protected]> Subject: Bug#567976: libunbound-dev: libunbound crashes when trying to resolve syntactically invalid domain names X-Mailer: reportbug 4.10.2 Message-ID: <[email protected]> Package: libunbound-dev Version: 1.0.2-1+lenny1 Severity: important This is in fact a bug with two facets: 1. If I try to resolve a domain such as aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com (That's *64* times the letter a) using ub_resolve_async, libunbound crashes (Segmentation fault in the asynchronous resolver thread). This does *not* occur with the synchronous API ub_resolve. This particular issue seems to be fixed in the more current version of libunbound such as that shipped with Debian unstable. Maybe it might be warranted to backport a bugfix. 2. If I try to resolve a domain such as aa.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa (That's 64 times the letter a in the *last* label of the domain name!), libunbound crashes with *both* the asynchronous API ub_resolve_async, *and* the synchronous API ub_resolve. So one can reproduce *this* problem with unbound-host, too! This issue probably stems from a different source than issue 1, namely a missing validation in the underlying ldns code. I believe this issue is *not* fixed even in the current ldns subversion trunk, as checked now (2010-02-01 16:17 +0100). 3. Another issue that's in upstream code is: *If* the upstream library checks for syntax correctly (or rather semi-correctly, that is in unbound 1.4.1, as included in Debian unstable, which fixed issue 1), the caller can't distinguish that error from other errors because the error codes aren't exposed in the unbound library interface. So the caller can't decide whether the issue was a temporary problem, like for example being short of memory, or a permanent problem like wrong domain syntax. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages libunbound-dev depends on: ii libunbound0 1.0.2-1+lenny1 library implementing DNS resolutio libunbound-dev recommends no packages. libunbound-dev suggests no packages. -- no debconf information ----- End forwarded message ----- -- Robert Edmonds [email protected] _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
