Bug 528 - Segfault with non-recursive query on stub-zone (via allow_snoop)
Segfault with non-recursive query on stub-zone (via allow_snoop)
Product: unbound
Classification: Unclassified
Component: server
i386 Linux
: P5 major
Assigned To: unbound team
Depends on:
  Show dependency treegraph
Reported: 2013-10-18 22:56 CEST by Pieter Ennes
Modified: 2013-10-22 14:22 CEST (History)
1 user (show)

See Also:

unbound.log (2.23 KB, text/x-log)
2013-10-18 22:56 CEST, Pieter Ennes

Note You need to log in before you can comment on or make changes to this bug.
Description Pieter Ennes 2013-10-18 22:56:26 CEST
Created attachment 239 [details]

I see a segfault on Debian 7.0 (Unbound 1.4.17):

Oct 18 22:48:01 pooh kernel: [43090.846666] unbound[8298]: segfault at c ip 080a9398 sp bf964830 error 4 in unbound[8048000+b3000]

when issuing a non-recursive query:

  $ dig -4 +norecurse test.com._tldns.dnsben.ch PTR @

  ; <<>> DiG 9.9.2-P1 <<>> -4 +norecurse test.com._tldns.dnsben.ch PTR @
  ;; global options: +cmd
  ;; connection timed out; no servers could be reached

to Unbound when using the following config:

        access-control: allow_snoop

        # allow only our zone
        local-zone: "." deny
        local-zone: "_tldns.dnsben.ch." transparent

        name: "_tldns.dnsben.ch"
        stub-prime: no
        stub-first: no

The segfault is NOT seen when either changing:

- the stub-zone to a similar forward-zone
- the query flags to include RD
- allow_snoop to allow (which then correctly returns REFUSED)

Log is attached, I can email the entire config privately if needed.
Comment 1 Yuri Schaeffer 2013-10-22 14:22:26 CEST
Thank you for reporting. The bug has been fixed in svn r2994 and will be part of next release. As a workaround you can set Unbound's loglevel <= 2.