[Dnsmasq-discuss] DNSSEC validation causes SIGSEGV by strcpy from 0x0

Simon Kelley simon at thekelleys.org.uk
Wed Mar 26 12:27:25 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 25/03/14 23:03, Alex Xu wrote:

>> 
> 
> Poor wording on my part. I meant that `dig isc.org @74.82.42.42
> +dnssec` returns no results, but `dig isc.org rrsig @74.82.42.42`
> does.
> 

That's no good as an upstream server: you need the RRSIGs in the
answer, which is what a DNS server with DNSSEC support does.
(Otherwise, every query which got an answer without RRSIGS would need
another query to see if they exist or not, that would be very slow.)#

I just pushed the fix to your crash bug.


Cheers,


Simon.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlMyx6QACgkQKPyGmiibgrdOkgCePbTDGLF8v9/YwdoYVlhtWYnV
TiMAnjDe5BCS7kfEpKfF82Isbe96pu+t
=w/Uj
-----END PGP SIGNATURE-----



More information about the Dnsmasq-discuss mailing list