oss-security - Re: PowerDNS Security Advisory 2014-02

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date: Tue, 9 Dec 2014 08:54:15 +0100
From: Peter van Dijk <peter.van.dijk@...herlabs.nl>
To: oss-security@...ts.openwall.com
Subject: Re: PowerDNS Security Advisory 2014-02

Hello,

On 09 Dec 2014, at 8:16 , Peter van Dijk <peter.van.dijk@...herlabs.nl> wrote:

> Somebody asked me to (help him) check djbdns today, which we’ll do. Any other implementations you are interested in?

Vanilla djbdns 1.05 manages a counter called ‘loop’ (look for ‘z->loop’ in the code); if this counter hits 100, it simply aborts the current query. This is similar to the fixes now present in PowerDNS, BIND and Unbound.

Breakpoint 4, doit (z=0x611660 <u>, state=1) at query.c:452
452	  if (++z->loop == 100) goto DIE;
1: z->loop = 99
(gdb) cont
Continuing.

It then logs 'drop 1 input/output error’ and aborts resolution of this query. Note that it actually drops the query, the client will eventually timeout; PowerDNS Recursor sends a SERVFAIL, and I presume so do BIND and Unbound.

Kind regards,
-- 
Peter van Dijk
Netherlabs Computer Consulting BV - http://www.netherlabs.nl/

Download attachment "signature.asc" of type "application/pgp-signature" (842 bytes)

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.