Mantis Bugtracker

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0000003 [MyDNS-NG] Global minor always 2008-02-13 17:27 2008-02-20 10:06
Reporter mluich View Status public  
Assigned To howardwilkinson
Priority normal Resolution fixed  
Status closed   Product Version Trunk
Summary 0000003: Large TXT Field crash's mydns
Description create a TXT field with a large amount of data, 256 is enough.

run a dig against the field. Mydns will crash with the attached errors.
dig @localhost smg.example.tld TXT


+----+------+------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----+-------+------+
| id | zone | name | data | aux | ttl | type |
+----+------+------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----+-------+------+
| 9 | 1 | smg | 0629923744934100403592108692821018325695277948552343020704819002409806642382603112274888696724163662580078038999538030276979471114134034304826832009530229492153860600520022803076297046700817121980799158081170413737727245903020650644230103892597221694240918 | 0 | 86400 | TXT |
+----+------+------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----+-------+------+
Additional Information [root@mluich ~]# /usr/local/sbin/mydns -v
mydns[12198]: mydns 1.2.6 started Wed Feb 13 12:18:43 2008 (listening on 3 addresses)
*** glibc detected *** /usr/local/sbin/mydns: realloc(): invalid next size: 0x0a026ab8 ***
======= Backtrace: =========
/lib/libc.so.6[0x72b6ff]
/lib/libc.so.6(realloc+0x1a7)[0x72d3f7]
/usr/local/sbin/mydns[0x8059e67]
======= Memory map: ========
mydns[12198]: pid 12201 exited due to signal 6
mydns[12198]: pid 12201 died
mydns[12198]: 13-Feb-2008 12:18:47+728500 #0 0 UDP Address Unknown 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[12198]: pid 0 exited due to signal 6
*** glibc detected *** /usr/local/sbin/mydns: realloc(): invalid next size: 0x0a026ab8 ***
======= Backtrace: =========
/lib/libc.so.6[0x72b6ff]
/lib/libc.so.6(realloc+0x1a7)[0x72d3f7]
/usr/local/sbin/mydns[0x8059e67]
======= Memory map: ========
mydns[12198]: pid 12204 exited due to signal 6
mydns[12198]: pid 12204 died
mydns[12198]: 13-Feb-2008 12:18:52+726663 0000001 0 UDP Address Unknown 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[12198]: pid 0 exited due to signal 6
*** glibc detected *** /usr/local/sbin/mydns: realloc(): invalid next size: 0x0a026ab8 ***
======= Backtrace: =========
/lib/libc.so.6[0x72b6ff]
/lib/libc.so.6(realloc+0x1a7)[0x72d3f7]
/usr/local/sbin/mydns[0x8059e67]
======= Memory map: ========
mydns[12198]: pid 12210 exited due to signal 6
mydns[12198]: pid 12210 died
mydns[12198]: 13-Feb-2008 12:18:57+727639 0000002 0 UDP Address Unknown 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[12198]: pid 0 exited due to signal 6
                                             
Tags No tags attached.
Attached Files

- Relationships

-  Notes
(0000004)
howardwilkinson (administrator)
2008-02-16 12:56

This is obviously a coding error ;-( However, a TXT field cannot contain a single string of greater than 255 characters according to the standards. So I will put in place a check to ignore records that break this rule and add an error status to the checking code.

I have also put an arbitrary limit of 2048 characters on the entire TXT record. So you can have at most 8 strings of 255 characters in the record.

Will be fixed with release 1.2.7!
(0000008)
jorge (administrator)
2008-02-19 17:16

Howard, can this be closed sinse you announced it's fix to the mailing list?
(0000009)
howardwilkinson (administrator)
2008-02-20 10:05

1.2.7 SHOULD fix this so I am closing this entry.
(0000010)
howardwilkinson (administrator)
2008-02-20 10:06

Use the new edata column to set data beyond that held in the widht of the data column.

TXT is now limited to 255 characters per element and 2048 characters in total

- Issue History
Date Modified Username Field Change
2008-02-13 17:27 mluich New Issue
2008-02-13 19:16 jorge Issue Monitored: jorge
2008-02-16 12:56 howardwilkinson Note Added: 0000004
2008-02-16 12:56 howardwilkinson Status new => assigned
2008-02-16 12:56 howardwilkinson Assigned To => howardwilkinson
2008-02-19 17:16 jorge Note Added: 0000008
2008-02-20 10:05 howardwilkinson Note Added: 0000009
2008-02-20 10:06 howardwilkinson Status assigned => closed
2008-02-20 10:06 howardwilkinson Note Added: 0000010
2008-02-20 10:06 howardwilkinson Resolution open => fixed
2008-02-20 10:06 howardwilkinson Fixed in Version => 1.2.7


Mantis 1.1.6[^]
Copyright © 2000 - 2008 Mantis Group
Powered by Mantis Bugtracker