Bug 528 - Segfault with non-recursive query on stub-zone (via allow_snoop)
Segfault with non-recursive query on stub-zone (via allow_snoop)
Status: RESOLVED FIXED
Product: unbound
Classification: Unclassified
Component: server
1.4.17
i386 Linux
: P5 major
Assigned To: unbound team
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-10-18 22:56 CEST by Pieter Ennes
Modified: 2013-10-22 14:22 CEST (History)
1 user (show)

See Also:


Attachments
unbound.log (2.23 KB, text/x-log)
2013-10-18 22:56 CEST, Pieter Ennes
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Pieter Ennes 2013-10-18 22:56:26 CEST
Created attachment 239 [details]
unbound.log

I see a segfault on Debian 7.0 (Unbound 1.4.17):

Oct 18 22:48:01 pooh kernel: [43090.846666] unbound[8298]: segfault at c ip 080a9398 sp bf964830 error 4 in unbound[8048000+b3000]

when issuing a non-recursive query:

  $ dig -4 +norecurse test.com._tldns.dnsben.ch PTR @1.2.3.4

  ; <<>> DiG 9.9.2-P1 <<>> -4 +norecurse test.com._tldns.dnsben.ch PTR @1.2.3.4
  ;; global options: +cmd
  ;; connection timed out; no servers could be reached

to Unbound when using the following config:

server:
        access-control: 0.0.0.0/0 allow_snoop

        # allow only our zone
        local-zone: "." deny
        local-zone: "_tldns.dnsben.ch." transparent

stub-zone:
        name: "_tldns.dnsben.ch"
        stub-addr: 127.0.0.1@53053
        stub-prime: no
        stub-first: no

The segfault is NOT seen when either changing:

- the stub-zone to a similar forward-zone
- the query flags to include RD
- allow_snoop to allow (which then correctly returns REFUSED)

Log is attached, I can email the entire config privately if needed.
Comment 1 Yuri Schaeffer 2013-10-22 14:22:26 CEST
Thank you for reporting. The bug has been fixed in svn r2994 and will be part of next release. As a workaround you can set Unbound's loglevel <= 2.