[Dnsmasq-discuss] Got bad packet: bad compression pointer

Dave Taht dave.taht at gmail.com
Wed Jan 18 20:49:17 GMT 2017


The offputting part of your outline of what to check for was "some
hairy pointer code". :) I'm in the middle of some crash bugs
elsewhere, and I didn't realize how fast I could get you data without
thinking about the "hairy" parts.


dnssec and dnssec-check-unsigned are enabled, and I'm using cachesize
9999 (what's the limit nowadays?)

I put packet captures of the external interface on the router (comcast
upstream) and captures taken at the client, a log, and conf file,
here:

http://www.taht.net/~d/dnssecbug/

Basically hammering on nslookup for the two internal and internal
captures there.

Hammering on "dig" later, I was unable to trigger it on A, or AAAA
requests. Was able to easily trigger it on a MX request.

flent-freemont does not exist, btw. Flent-fremont, does. It will go
boom on both.



root at dancer:~/dnssecbug# dig flent-freemont.bufferbloat.net MX
;; Got bad packet: bad compression pointer
123 bytes
a5 c9 81 a0 00 01 00 00 00 01 00 01 0e 66 6c 65          .............fle
6e 74 2d 66 72 65 65 6d 6f 6e 74 0b 62 75 66 66          nt-freemont.buff
65 72 62 6c 6f 61 74 03 6e 65 74 00 00 0f 00 01          erbloat.net.....
c0 1b 00 06 00 01 00 00 0e 10 00 34 06 61 72 6e          ...........4.arn
6f 6c 64 02 6e 73 0a 63 6c 6f 75 64 66 6c 61 72          old.ns.cloudflar
65 03 63 6f 6d 00 03 64 6e 73 c0 eb 78 9d d7 47          e.com..dns..x..G
00 00 27 10 00 00 09 60 00 09 3a 80 00 00 0e 10          ..'....`..:.....
00 00 29 02 00 00 00 00 00 00 00                         ..)........
root at dancer:~/dnssecbug# dig flent-freemont.bufferbloat.net MX

; <<>> DiG 9.10.3-P4-Ubuntu <<>> flent-freemont.bufferbloat.net MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34631
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;flent-freemont.bufferbloat.net.    IN    MX

;; AUTHORITY SECTION:
bufferbloat.net.    3600    IN    SOA    arnold.ns.cloudflare.com.
dns.cloudflare.com. 2023610183 10000 2400 604800 3600

;; Query time: 72 msec
;; SERVER: 172.26.16.1#53(172.26.16.1)
;; WHEN: Wed Jan 18 12:42:02 PST 2017
;; MSG SIZE  rcvd: 123



On Wed, Jan 18, 2017 at 12:01 PM, Dave Taht <dave.taht at gmail.com> wrote:
> On Wed, Jan 18, 2017 at 11:48 AM, Simon Kelley <simon at thekelleys.org.uk> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> I won't have access to a MIPS system 'till the weekend.
>>
>> I assume you're using the git head code?
>
> No. Lede-project head. package claims to be dnsmasq-2.76-6. libc is musl.
>
> Box under test was an archer c7v2. Can go try a few other mips boxes
> like the wndr3800, but I've seen it there too. The arm box (that is
> working) is an linksys-1200ac. (overall it's looking like a fine
> release of lede)....
>
>> Did you manage to see a dump of the upstream reply?
>
> Not yet. I'll touch bases with you later in the week.
>
>>
>>
>> Simon.
>>
>>
>>
>> On 18/01/17 07:31, Dave Taht wrote:
>>> so far I can only make it happen on mips. Doesn't happen on arm.
>>> Haven't tried harder yet.
>>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v2.0.22 (GNU/Linux)
>>
>> iQIcBAEBCAAGBQJYf8aDAAoJEBXN2mrhkTWiN9UP/2E9D6j/nd3RsubzHgZSvzB/
>> CJPNyk32jnAqZdIa9D3DOH2L9gN5GyBiAtv4iCz5KuzDnB9twBtQWOdzde5sZWWd
>> 4t8tSsvJkr0pRZhhRQKelF2oW0k7Y0UM4mD90ZoabX9ytQG4ceTFkHKlwwPLvvTc
>> Osh9RmCpX1tsJoE/y+lMpEdT+GlhOe4z2Z9FZlTN7ke/uO9nIarekSIvnxgOnyac
>> vrHvgnjyyEHbfr0BNaupdwZz9d/dVABYkFTDUk4dg4tn6MW99AsbD2DaL9alx8U/
>> MsvbFarQe/w8fJkmBJOThWkLMvpO1854XAysc8/m5ldIEwcV4Yge29nYrmDhn9kH
>> Evo7wbKSH4AYGskYTiWnssczu1RhQOX9jCD31gv5CVOeTY4Dt7NR3WFCsAH2RYpR
>> jcstckC5R1fqfKtQt9B0l2SWmmLukRcMbGM1hiJbqGrZcb++gZ2RYl80AD0iQhkD
>> GjLNQAUKwlDwzB7JYXX+Fn0AVvP/G4qrmYBFlcxloddtrCiNqu4icTYIAb1zv0Lo
>> opM+0fFcfg1PPPobTQ7FLJQR/uAO93MWZJ43Ht90YEdk6aaBCf7Ego1fU0G6TjCV
>> iphmOqvhs96GFfhaBMYwFxvHb1tHNDT+Xzlsvkvk+S8SKyhNOg5GJOL2Dz78vlB/
>> fcImILW4vRf4rIkMDZKL
>> =kPYg
>> -----END PGP SIGNATURE-----
>
>
>
> --
> Dave Täht
> Let's go make home routers and wifi faster! With better software!
> http://blog.cerowrt.org



-- 
Dave Täht
Let's go make home routers and wifi faster! With better software!
http://blog.cerowrt.org



More information about the Dnsmasq-discuss mailing list