Hello all, One of our engineers discovered some interesting behavior while testing bad EDNS RRs in Unbound. He discovered that Unbound properly checks and identifies a truncated OPT RR as a FORMERR, but then returns the truncated OPT RR, resulting in a malformed response to a malformed request. I have attached a PCAP file that should contain the malformed requests/responses.
Has anyone observed this behavior, and if so, had issues from it? I'd also like to hear some opinions about this behavior. Thanks, -- Ian Cohee | Software Engineer Secure64 Software Corporation [email protected]
Unbound-EDNS
Description: Binary data
