Mantis Bugtracker

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0000045 [MyDNS-NG] Global crash have not tried 2010-02-04 21:31 2014-08-07 19:01
Reporter jasb View Status public  
Assigned To jameno123
Priority normal Resolution open  
Status assigned   Product Version 1.2.8.31
Summary 0000045: Crash when the MX record point (wrong) to a SRV record
Description When having a zone with the MX record configured as:

domain.pt. IN MX 10 mail
mail IN SRV mail.otherdomain.pt.

when querying the domain for the MX record, it crashes!
Additional Information gdb trace:

(gdb) run -c /etc/mydns.conf
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /usr/local/sbin/mydns -c /etc/mydns.conf
[Thread debugging using libthread_db enabled]
[New Thread 0xb747d6c0 (LWP 18854)]
mydns[18854]: mydns 1.2.8.30 started Thu Feb 4 21:20:21 2010 (listening on 1 address)
^C
Program received signal SIGINT, Interrupt.
[Switching to Thread 0xb747d6c0 (LWP 18854)]
0xb786a424 in __kernel_vsyscall ()
(gdb) quit
The program is running. Exit anyway? (y or n) ^[[Ay
Please answer y or n.
The program is running. Exit anyway? (y or n) y
cisne:/var/log# gdb /usr/local/sbin/mydns
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> [^]
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(gdb) run -c /etc/mydns.conf
Starting program: /usr/local/sbin/mydns -c /etc/mydns.conf
[Thread debugging using libthread_db enabled]
[New Thread 0xb74386c0 (LWP 18857)]
mydns[18857]: mydns 1.2.8.30 started Thu Feb 4 21:20:32 2010 (listening on 1 address)

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb74386c0 (LWP 18857)]
0xb74ac9f3 in strlen () from /lib/i686/cmov/libc.so.6
(gdb) bt
#0 0xb74ac9f3 in strlen () from /lib/i686/cmov/libc.so.6
0000001 0x0806b98e in mydns_rr_build (id=1351, zone=147, type=DNS_QTYPE_SRV, class=DNS_CLASS_IN, aux=10, ttl=86400,
    active=0x0, stamp=0x0, serial=0, name=0x9a6dd15 "mail", data=0x9a6dd1a "smtp.decimal.pt.",
    datalen=<value optimized out>, origin=0x9a699d4 "reierei.pt.") at rr.c:278
0000002 0x0806c7b1 in __mydns_rr_do_load (sqlConn=<value optimized out>, rptr=<value optimized out>,
    query=<value optimized out>, origin=0x9a699d4 "reierei.pt.") at rr.c:607
0000003 0x0806d394 in mydns_rr_load_active (sqlConn=0x99f9cb8, rptr=0xbfd14a08, zone=147, type=DNS_QTYPE_ANY,
    name=0x9a692b8 "mail", origin=0x9a699d4 "reierei.pt.") at rr.c:1002
0000004 0x0804bf62 in zone_cache_find (t=0x9a603e8, zone=147, origin=0x9a699d4 "reierei.pt.", type=DNS_QTYPE_ANY,
    name=0x9a692b8 "mail", namelen=4, errflag=0xbfd14a5c, parent=0x9a699d0) at cache.c:573
0000005 0x0804ca40 in find_rr (t=0x9a603e8, soa=0x9a699d0, type=DNS_QTYPE_ANY, name=0x9a692b8 "mail") at data.c:142
0000006 0x0805c24a in resolve (t=0x9a603e8, section=ADDITIONAL, qtype=DNS_QTYPE_A,
    fqdn=0x9a692a0 "mail.reierei.pt.", level=0) at resolve.c:303
0000007 0x0805b727 in build_reply (t=0x9a603e8, want_additional=1) at reply.c:69
0000008 0x080607f4 in task_process (t=0x9a603e8, rfd=0, wfd=0, efd=0) at task.c:834
0000009 0x08051ec3 in run_tasks (items=<value optimized out>, numfds=1) at main.c:1022
0000010 0x08052784 in server_loop (initial_tasks=<value optimized out>, serverfd=<value optimized out>)
    at main.c:1263
0000011 0x08053e0f in main (argc=3, argv=0xbfd15614) at main.c:1618
(gdb) fd 0
Undefined command: "fd". Try "help".
(gdb) f 0
#0 0xb74ac9f3 in strlen () from /lib/i686/cmov/libc.so.6
(gdb) f 1
0000001 0x0806b98e in mydns_rr_build (id=1351, zone=147, type=DNS_QTYPE_SRV, class=DNS_CLASS_IN, aux=10, ttl=86400,
    active=0x0, stamp=0x0, serial=0, name=0x9a6dd15 "mail", data=0x9a6dd1a "smtp.decimal.pt.",
    datalen=<value optimized out>, origin=0x9a699d4 "reierei.pt.") at rr.c:278
278 memmove(__MYDNS_RR_DATA_VALUE(rr), target, strlen(target)+1);
(gdb) f 2
0000002 0x0806c7b1 in __mydns_rr_do_load (sqlConn=<value optimized out>, rptr=<value optimized out>,
    query=<value optimized out>, origin=0x9a699d4 "reierei.pt.") at rr.c:607
607 rr = mydns_rr_build(atou(row[0]),
(gdb) f 3
0000003 0x0806d394 in mydns_rr_load_active (sqlConn=0x99f9cb8, rptr=0xbfd14a08, zone=147, type=DNS_QTYPE_ANY,
    name=0x9a692b8 "mail", origin=0x9a699d4 "reierei.pt.") at rr.c:1002
1002 res = __mydns_rr_do_load(sqlConn, rptr, query, origin);
(gdb) f 4
0000004 0x0804bf62 in zone_cache_find (t=0x9a603e8, zone=147, origin=0x9a699d4 "reierei.pt.", type=DNS_QTYPE_ANY,
    name=0x9a692b8 "mail", namelen=4, errflag=0xbfd14a5c, parent=0x9a699d0) at cache.c:573
573 if (mydns_rr_load_active(sql, &rr, zone, type, name, origin) != 0) {
(gdb) f 5
0000005 0x0804ca40 in find_rr (t=0x9a603e8, soa=0x9a699d0, type=DNS_QTYPE_ANY, name=0x9a692b8 "mail") at data.c:142
142 rr = zone_cache_find(t, soa->id, soa->origin, type, name, strlen(name), &errflag, soa);
(gdb) f 6
0000006 0x0805c24a in resolve (t=0x9a603e8, section=ADDITIONAL, qtype=DNS_QTYPE_A,
    fqdn=0x9a692a0 "mail.reierei.pt.", level=0) at resolve.c:303
303 rr = find_rr(t, soa, DNS_QTYPE_ANY, label);
(gdb) f 7
0000007 0x0805b727 in build_reply (t=0x9a603e8, want_additional=1) at reply.c:69
69 (void)resolve(t, ADDITIONAL, DNS_QTYPE_A, MYDNS_RR_DATA_VALUE(rr), 0);
(gdb) f 8
0000008 0x080607f4 in task_process (t=0x9a603e8, rfd=0, wfd=0, efd=0) at task.c:834
834 build_reply(t, 1);
(gdb) f 9
0000009 0x08051ec3 in run_tasks (items=<value optimized out>, numfds=1) at main.c:1022
1022 tasks_executed += task_process(t, rfd, wfd, efd);
(gdb) f 10
0000010 0x08052784 in server_loop (initial_tasks=<value optimized out>, serverfd=<value optimized out>)
    at main.c:1263
1263 run_tasks(items, numfds);
(gdb) f 11
0000011 0x08053e0f in main (argc=3, argv=0xbfd15614) at main.c:1618
1618 server_loop(primary_initial_tasks, -1);
(gdb)
Tags No tags attached.
Attached Files

- Relationships

-  Notes
(0000134)
jasb (reporter)
2010-02-04 21:46

Anyway, the second record is not right defined, but it should not crash, but give a REFUSED for example.
(0000135)
jorge (administrator)
2010-02-04 22:17

Found on sf.net something related, just two days ago.

http://sourceforge.net/tracker/index.php?func=detail&aid=2944671&group_id=209520&atid=1010042 [^]
(0000136)
tlamy (developer)
2010-02-05 08:07

Tracker is disabled, cna't even view it. But as this bug is "stable", i.e. it crashes constantly and in the same place, it should be easy to fix.

I hope to have some spare time at the weekend for this one.
(0000137)
jorge (administrator)
2010-02-05 11:14

My fault,
I'd like to disable it on the future, but 1st want to close all bugs inserted there, the problem is that people keep creating new ones.

I'll try to check this on the weekend also but no promise, if in case yes I'll let you know. The 1st one to see warn the other.

- Issue History
Date Modified Username Field Change
2010-02-04 21:31 jasb New Issue
2010-02-04 21:46 jasb Note Added: 0000134
2010-02-04 22:17 jorge Note Added: 0000135
2010-02-05 08:05 tlamy Status new => assigned
2010-02-05 08:05 tlamy Assigned To => tlamy
2010-02-05 08:07 tlamy Note Added: 0000136
2010-02-05 11:14 jorge Note Added: 0000137
2014-08-05 23:55 jameno123 Assigned To tlamy => jameno123
2014-08-07 19:01 jameno123 version => 1.2.8.31
2014-08-07 19:01 jameno123 Target Version => 1.2.8.32


Mantis 1.1.6[^]
Copyright © 2000 - 2008 Mantis Group
Powered by Mantis Bugtracker