[Dnsmasq-discuss] reproducible segmentation fault - bisected!
Christian Kujau
lists at nerdbynature.de
Sun Aug 27 08:18:39 BST 2017
OK, so I should have done this in the first place and used git bisect to
find out which commit in Dnsmasq introduced this behaviour:
fa78573778cb23337f67f5d0c9de723169919047 is the first bad commit
commit fa78573778cb23337f67f5d0c9de723169919047
Author: Simon Kelley <simon at thekelleys.org.uk>
Date: Fri Jul 22 20:56:01 2016 +0100
Zero packet buffers before building output, to reduce risk
of information leakage.
The whole commit cannot be reverted cleanly now, but in my case reverting
only the change to src/rfc1035.c did the trick (as it appears to have
a problem there, see the GDB dump[0]). I've attached a patch as a
temporary (!) workaround to this email.
However, commenting out this section is clearly not the correct solution;
maybe somebody can have another look at what this routine was supposed to
do here and try again.
For completeness' sake, I was curious to see what exactly dnseval[1] was
sending to Dnsmasq and why it would crash the dnsmasq process in the
first place. So, this dnseval thingy is a Python script and in commit
efeccef[2] ("Fix text alignment") they not only changed the "text alignment"
but switched to sending EDNS queries too. Their EDNS routine was later
modified again and its current version (v1.6.3) doesn't make dnsmasq crash
- but their v1.4.0 does and that's the version that made it to the Debian
distribution :-\
Thanks for listening,
Christian.
[0] https://paste.fedoraproject.org/paste/awbvnGEvj57ru1TtAuA3ag
[1] https://github.com/farrokhi/dnsdiag/blob/master/dnseval.py
[2] https://github.com/farrokhi/dnsdiag/commit/efeccef
--
BOFH excuse #72:
Satan did it
Attachment: dnsmasq_rfc1035.diff.txt
<http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20170827/dc9d61ba/attachment.txt>