Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SIGSEGV in rbtree_find_less_equal #387

Open
k0ekk0ek opened this issue Oct 8, 2024 · 1 comment
Open

SIGSEGV in rbtree_find_less_equal #387

k0ekk0ek opened this issue Oct 8, 2024 · 1 comment

Comments

@k0ekk0ek
Copy link
Contributor

k0ekk0ek commented Oct 8, 2024

As reported on nsd-users.

Reproducible seg fault with a DNSSEC signed zone and overlapping config. Running NSD 4.10.1. Here's how to reproduce.

2 zones in nsd.conf:

zone:
        name:     "foo.com."
        zonefile:     "/zones/foo.com.zone.signed"

zone:
        name:     "bar.foo.com."
        zonefile: "/zones/bar.foo.com.zone"

Zone files:
foo.com.zone.signed is DNSSEC signed with a record for a.bar (A record or anything)
bar.foo.com.zone doesn't exist (but it's in nsd.conf shown above)

Steps:

  1. Startup NSD
  2. touch foo.com.zone.signed
  3. reload NSD

nsd.log will say:

[2024-10-02 07:19:58.691] nsd[962739]: info: control cmd:  reload
[2024-10-02 07:19:58.845] nsd[962752]: error: handle_reload_cmd: reload closed cmd channel
[2024-10-02 07:19:58.845] nsd[962752]: warning: Reload process 962740 failed, continuing with old database

core dump says SIGSEGV in rbtree_find_less_equal
@k0ekk0ek
Copy link
Contributor Author

k0ekk0ek commented Oct 9, 2024

The issue can be successfully reproduced using a debug build and the attached configuration.
nsd.conf
foo.com.zone.signed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@k0ekk0ek