[Dnsmasq-discuss] DNSSEC validation causes SIGSEGV by strcpy from 0x0

Alex Xu alex_y_xu at yahoo.ca
Tue Mar 25 23:03:14 UTC 2014

On 25/03/14 06:59 PM, Simon Kelley wrote:
> On 25/03/14 22:46, Alex Xu wrote:
>> I am using the Firefox DNSSEC Validator addon, so perhaps that
>> queries in a peculiar fashion.
>> Dnsmasq is installed locally, only handles DNS, and has servers
>> configured through resolvconf. Servers are and
>> Note that the former is DNSSEC-compliant, whereas the latter passes
>> through DNSSEC records but does not support DNSSEC itself.
> At least from here, does not include DNSSEC records in
> answers, and is therefore not suitable for use with dnsmasq in DNSSEC
> validation mode.
> That certainly explains the observations, the answer is coming back
> unsigned, and dnsmasq (with --dnssec-check-unsigned) is searching in
> vain for DS records indicating that's OK. The bug is that it doesn't
> stop when it gets back to the root.
> I'll push some fixes for this tomorrow.
> Cheers,
> Simon.

Poor wording on my part. I meant that `dig isc.org @ +dnssec`
returns no results, but `dig isc.org rrsig @` does.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20140325/d7e5607f/attachment.sig>

More information about the Dnsmasq-discuss mailing list