[Dnsmasq-discuss] [BUG] dnsmasq rewriting NXDOMAIN to NOERROR
Simon Kelley
simon at thekelleys.org.uk
Mon Jul 5 20:06:00 UTC 2021
On 05/07/2021 16:53, Dominik DL6ER wrote:
> Hey Simon,
>
> the current dnsmasq master version contains a bug rewriting all
> NXDOMAIN replies from upstream with NOERROR.
>
> The error has been introduced in commit
> d0ae3f5a4dc094e8fe2a3c607028c1c59f42f473 (see attached diff) and is
> ultimately caused by
>
>> lookup_domain(daemon->namebuff, F_CONFIG, NULL, NULL)
>
> at line 668/669 returning 1 when it shouldn't.
>
> How to reproduce:
>
> 1. Start dnsmasq
> 2. Query a non-existing domain such as "google.comxxx".
>
> dnsmasq 6860cf932baeaf1c2f09c2a58e38be189ae394de (and older) replies
> with NXDOMAN (as expected)
> dnsmasq d0ae3f5a4dc094e8fe2a3c607028c1c59f42f473 (and newer) replies
> incorrectly with NOERROR and sets the AA bit.
>
> Let me know if you need any further information.
>
Nice catch, thanks. I believe that
df25f204ba822c9c00bc9372c85da58e9aff6e86
should fix this.
Cheers,
Simon.
More information about the Dnsmasq-discuss
mailing list