-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Robert,
1. Fixed already in the current ldns and unbound packages. 2. This is a bug in ldns, fixed in libldns. 3. But this does work? There is an error from libunbound, not a DNS error, and this prints out as 'syntax error'. Best regards, Wouter On 02/01/2010 08:40 PM, Robert Edmonds wrote: > FYI: a bug report from a user. i have not been able to reproduce the > issues. > > ----- Forwarded message from Hannah Schroeter <[email protected]> ----- > > Date: Mon, 01 Feb 2010 16:44:13 +0100 > From: Hannah Schroeter <[email protected]> > To: Debian Bug Tracking System <[email protected]> > Subject: Bug#567976: libunbound-dev: libunbound crashes when trying to > resolve syntactically > invalid domain names > X-Mailer: reportbug 4.10.2 > Message-ID: <[email protected]> > > Package: libunbound-dev > Version: 1.0.2-1+lenny1 > Severity: important > > > This is in fact a bug with two facets: > > 1. If I try to resolve a domain such as > aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com > (That's *64* times the letter a) > using ub_resolve_async, libunbound crashes (Segmentation fault in the > asynchronous resolver thread). This does *not* occur with the > synchronous API ub_resolve. > This particular issue seems to be fixed in the more current > version of libunbound such as that shipped with Debian unstable. > Maybe it might be warranted to backport a bugfix. > > 2. If I try to resolve a domain such as > aa.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa > (That's 64 times the letter a in the *last* label of the domain name!), > libunbound crashes with *both* the asynchronous API ub_resolve_async, > *and* the synchronous API ub_resolve. So one can reproduce *this* > problem with unbound-host, too! This issue probably stems from a different > source than issue 1, namely a missing validation in the underlying > ldns code. I believe this issue is *not* fixed even in the current > ldns subversion trunk, as checked now (2010-02-01 16:17 +0100). > > 3. Another issue that's in upstream code is: *If* the upstream library > checks for syntax correctly (or rather semi-correctly, that is in > unbound 1.4.1, as included in Debian unstable, which fixed issue 1), > the caller can't distinguish that error from other errors because > the error codes aren't exposed in the unbound library interface. > So the caller can't decide whether the issue was a temporary problem, > like for example being short of memory, or a permanent problem like > wrong domain syntax. > > -- System Information: > Debian Release: squeeze/sid > APT prefers unstable > APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, > 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores) > Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) > Shell: /bin/sh linked to /bin/bash > > Versions of packages libunbound-dev depends on: > ii libunbound0 1.0.2-1+lenny1 library implementing DNS > resolutio > > libunbound-dev recommends no packages. > > libunbound-dev suggests no packages. > > -- no debconf information > > > > ----- End forwarded message ----- > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAktz14oACgkQkDLqNwOhpPiUEACfYDFlZWG0pNQeQllodLc9esvt wgUAmwbdFL+1MP2zpFqz45FA8CRFniA8 =Sk7A -----END PGP SIGNATURE----- _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
