Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bad custom AXFR query causes crash #2306

Closed
moseleymark opened this issue Mar 3, 2015 · 2 comments
Closed

Bad custom AXFR query causes crash #2306

moseleymark opened this issue Mar 3, 2015 · 2 comments
Labels
auth enhancement
Milestone
auth-4.0.0

Comments

@moseleymark
Copy link

I was trying to make a 2.9.22-era database work for AXFRs on a 3.4 server (like to make it work on the old schema). I gave up on that but forgot to remove the custom queries. Setup is Ubuntu precise, 64-bit, powerdns 3.4 authoritative.

When an AXFR is attempted with this silly setup, it causes powerdns to shut down and restart.

Here's the busted query (again, this was me just trying to get it to work with the old schema, so it's silly):

gmysql-list-query=SELECT content,ttl,prio,type,domain_id,name FROM records WHERE 0=%d and domain_id='%d' order by name, type

Here's the logs:

gmysql Connection successful. Connected to database 'dns' on '127.0.0.1'.
AXFR of domain 'example2.com' initiated by 127.0.0.1
AXFR of domain 'example2.com' allowed: client IP 127.0.0.1 is in allow-axfr-ips
gmysql Connection successful. Connected to database 'dns' on '127.0.0.1'.
gmysql Connection successful. Connected to database 'dns' on '127.0.0.1'.
Got a signal 11, attempting to print trace:
/usr/sbin/pdns_server-instance() [0x65c4d0]
/lib/x86_64-linux-gnu/libc.so.6(+0x36150) [0x6c3d088cd150]
/usr/sbin/pdns_server-instance(_ZNSs6assignERKSs+0x24) [0xa68424]
/usr/sbin/pdns_server-instance(_ZN11GSQLBackend3getER17DNSResourceRecord+0x1d2) [0x6aaea2]
/usr/sbin/pdns_server-instance(_ZN13TCPNameserver6doAXFRERKSsN5boost10shared_ptrI9DNSPacketEEi+0xe4d) [0x611ced]
/usr/sbin/pdns_server-instance(_ZN13TCPNameserver12doConnectionEPv+0xacd) [0x6181ad]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x7e9a) [0x6c3d08c5de9a]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d) [0x6c3d0898a8bd]
Our pdns instance (11029) exited after signal 6
Respawning
Guardian is launching an instance
Reading random entropy from '/dev/urandom'
This is a guarded instance of pdns
Listening on controlsocket on '0.0.0.0:53000'
Only allowing TCP control from: 127.0.0.0/8, 10.0.0.0/8
UDP server bound to 0.0.0.0:53
TCP server bound to 0.0.0.0:53
PowerDNS Authoritative Server 3.4.2 (jenkins@autotest.powerdns.com) (C) 2001-2015 PowerDNS.COM BV
Using 64-bits mode. Built on 20150203085343 by root@autotest.powerdns.com, gcc 4.7.2.

Attaching to gdb yields this:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x6a376dc97700 (LWP 4618)]
0x0000000000654087 in endsOn(std::string const&, std::string const&) ()
(gdb) bt
#0  0x0000000000654087 in endsOn(std::string const&, std::string const&) ()
#1  0x0000000000611d07 in TCPNameserver::doAXFR(std::string const&, boost::shared_ptr<DNSPacket>, int) ()
#2  0x00000000006181ad in TCPNameserver::doConnection(void*) ()
#3  0x00006a3897018e9a in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#4  0x00006a3896d458bd in clone () from /lib/x86_64-linux-gnu/libc.so.6
#5  0x0000000000000000 in ?? ()
@Habbie
Copy link
Member

Habbie commented Dec 4, 2015

I think master is more robust against this. Care to test?

@pieterlexis pieterlexis modified the milestones: auth-4.1.0, auth-4.0.0 Dec 15, 2015
@pieterlexis
Copy link
Contributor

Closing for lack of response

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auth enhancement
Projects
None yet
Milestone
auth-4.0.0
Development

No branches or pull requests
3 participants
@Habbie @pieterlexis @moseleymark