Hello dnsmasqers,

I'm running dnsmasq 2.80 on FreeBSD 12-stable. It works perfectly when I have DNSSEC disabled. But when I enable it, I get crashes every hour or so. I haven't worked out what's happening exactly, but it looks like it's accessing past the end of a buffer. Running in lldb gives the following info:

Process 19920 stopped
* thread #1, name = 'dnsmasq', stop reason = signal SIGSEGV: invalid address (fault address: 0x8)     frame #0: 0x0000000000274802 dnsmasq`sort_rrset(header=0x0000000801a29000, plen=512, rr_desc=0x000000000027f474, rrsetidx=27430912, rrset=0x00000008013f87d0, buff1="mozilla.org", buff2="mozilla.org") at dnssec.c:304
   301            end1 = p1 + rdlen1;
   302
   303            p2 += 8; /* skip class, type, ttl */
-> 304            GETSHORT(rdlen2, p2);
   305            end2 = p2 + rdlen2;
   306
   307            dp1 = dp2 = rr_desc;
(lldb) bt
* thread #1, name = 'dnsmasq', stop reason = signal SIGSEGV: invalid address (fault address: 0x8)   * frame #0: 0x0000000000274802 dnsmasq`sort_rrset(header=0x0000000801a29000, plen=512, rr_desc=0x000000000027f474, rrsetidx=27430912, rrset=0x00000008013f87d0, buff1="mozilla.org", buff2="mozilla.org") at dnssec.c:304     frame #1: 0x00000000002714c1 dnsmasq`validate_rrset(now=1562977226, header=0x0000000801a29000, plen=512, class=1, type=5, sigidx=8, rrsetidx=27430912, name="incoming.telemetry.mozilla.org", keyname="mozilla.org", wildcard_out=0x00007fffffffe388, key=0x0000000000000000, keylen=0, algo_in=0, keytag_in=0) at dnssec.c:506     frame #2: 0x0000000000273479 dnsmasq`dnssec_validate_reply(now=1562977226, header=0x0000000801a29000, plen=512, name="incoming.telemetry.mozilla.org", keyname="mozilla.org", class=0x0000000801a1f248, check_unsigned=1, neganswer=0x0000000000000000, nons=0x0000000000000000) at dnssec.c:1920     frame #3: 0x000000000023306f dnsmasq`reply_query(fd=15, family=2, now=1562977226) at forward.c:1029     frame #4: 0x000000000024211c dnsmasq`check_dns_listeners(now=1562977226) at dnsmasq.c:1644     frame #5: 0x0000000000240bab dnsmasq`main(argc=6, argv=0x00007fffffffe9f8) at dnsmasq.c:1104     frame #6: 0x000000000021311b dnsmasq`_start(ap=<unavailable>, cleanup=<unavailable>) at crt1.c:76

My dnsmasq.conf is below.

Does anybody have any clues, please?

Thanks,
    Graham

conf-file=/etc/dnsmasq-conf.conf
resolv-file=/etc/dnsmasq-resolv.conf

server=8.8.8.8
server=8.8.4.4

# use DNSSEC
dnssec
trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
dnssec-check-unsigned

# filter what we send upstream
domain-needed
bogus-priv
localise-queries

# allow /etc/hosts and dhcp lookups via *.lan
domain=menhennitt.com.au
expand-hosts
no-negcache

# enable dhcp (start,end,netmask,leasetime)
dhcp-authoritative
dhcp-range=re0,203.3.73.51,203.3.73.90,255.255.255.0,12h
# default route(s)
dhcp-option=3,203.3.73.1

# use /etc/ethers for static hosts; same format as --dhcp-host
# <hwaddr> <ipaddr>
read-ethers





_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to