syntax error in $GENERATE crashed all nameservers
Evan Hunt
each at isc.org
Thu Aug 18 18:09:53 UTC 2011
> No but you're missing the point. I don't think the OP was and I
> certainly wasn't suggesting it should have done what he "meant" to do.
> However, I DO think it should have errored out because it was invalid
> input. (That is to say unless you think negative numbers should be
> considered valid input for this command? Please don't respond that
> negative numbers are integers and therefore valid - that would be pure
> sophistry.)
Yes, it's a bug. It's already in our ticketing system and we will fix it.
The problem is in sscanf(), actually -- I hadn't realized this until now,
but according to C99, the %u (unsigned integer) conversion format will
accept a minus sign in the input without any complaint, and silently
convert the result to a large positive number. This strikes me as
rather bizarre; I would have expected the conversion to fail, but,
shrug.
We'll be adding a better formatting check. Meantime: exercise caution.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list