syntax error in $GENERATE crashed all nameservers

Lightner, Jeff JLightner at water.com
Thu Aug 18 14:28:59 UTC 2011


It was certainly a typo and a user error in that regard.

However, he was suggesting it was a bug because it should have rejected input of negative numbers and I'll have to say I agree with that viewpoint. If I typed "las" instead of "ls" on a command line and found out that "las" meant "lose all systems" I'd certainly feel whoever had created such a program should have put some safeguards in to keep it from doing something so ridiculous.





-----Original Message-----
From: bind-users-bounces+jlightner=water.com at lists.isc.org [mailto:bind-users-bounces+jlightner=water.com at lists.isc.org] On Behalf Of /dev/rob0
Sent: Wednesday, August 17, 2011 8:59 PM
To: bind-users at lists.isc.org
Subject: Re: syntax error in $GENERATE crashed all nameservers

On Wed, Aug 17, 2011 at 04:45:38PM -0400, bl ton wrote:
> We had a syntax error in our inverse zone file using GENERATE and
> an extra dash was added to the scope, so '199--222' instead of
> '199-222':
>
> $GENERATE 199--222 $ PTR 10-100-60-$.dhcp-bl.indiana.edu.

Ouch! Sorry to hear this!

> I would assume named will check the syntax error and refuse to load
> this zone just like it normally does, but instead it tries to
> generate millions of erroneous entries because it scanned '-222' to
> the stop which created a huge number for the named to loop through
> and the CPU at 100% and locked up 15 of our nameservers, some of
> those need power recycle to respond to console.
>
> This is the first bug of that type we have seen, it's my 12th year
> of running BIND for large site, another team member has nearly 20
> years experience with BIND and we're surprised named doesn't catch
> the syntax error.
>
> Should a syntax error in inverse zone file cause named to lock
> up the machine?

You're calling this a bug and a syntax error. I disagree. I'd call
this a typo and a user error.

> But there is checking in the forward file and the same syntax error was
> caught:
>
> Aug 16 19:09:19 named named[4169]: 16-Aug-2011 19:09:19.609
> general: error: dns_rdata_fromtext: buffer-0x42200470 : near
> '10.100.60.256': bad dotted quad
> Aug 16 20:00:02 named named[4169]: 16-Aug-2011 22:00:02.649
> general: error: $GENERATE: Domain/test.example.edu:1496: bad
> dotted quad
> Aug 16 20:00:02 named named[4169]: 16-Aug-2011 22:00:02.649
> general: error: zone test.example.edu/IN: loading from master
> file Domain/test.example.edufailed: bad dotted quad

It's not the same error. You can create PTR names and values of
anything you want. But the value for an A record is limited to the
set of valid IPv4 addresses. Note that your A $GENERATE was quite
happy until it reached 256.

4294967295.60.100.10.in-addr.arpa.      IN      PTR     10-100-60-4294967295.dhcp-bl.indiana.edu.
-222.60.100.10.in-addr.arpa.            IN      PTR     10-100-60--222.dhcp-bl.indiana.edu.

Those are both valid, as was the entire $GENERATE range.

10-100-60-255.dhcp-bl.indiana.edu.      IN      A       10.100.60.255
10-100-60-256.dhcp-bl.indiana.edu.      IN      A       10.100.60.256

First one is valid, second one is not.

That said, I wouldn't have thought that a $GENERATE range could go
"over the top" like that, so to speak. I could see calling that a
possible bug.
--
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header




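An added example, not part of the thread and not BIND's own code: a pre-load lint in Python that rejects a $GENERATE range such as the '199--222' quoted above, and any range that would expand past a cap, before named reads the file. The function names and the 65536-record cap are assumptions chosen for illustration.

```python
import re

# Strict form of the $GENERATE range field: start-stop or start-stop/step,
# unsigned decimal only, so "199--222" can never be read as a signed stop.
RANGE_RE = re.compile(r"([0-9]+)-([0-9]+)(?:/([0-9]+))?")
MAX_RECORDS = 65536  # assumed site policy cap, not a BIND limit

def check_generate_range(field, max_records=MAX_RECORDS):
    """Return (ok, detail) for one $GENERATE range field."""
    m = RANGE_RE.fullmatch(field)
    if not m:
        return False, "malformed range %r" % field
    start, stop = int(m.group(1)), int(m.group(2))
    step = int(m.group(3)) if m.group(3) else 1
    if step == 0:
        return False, "step must be at least 1"
    if stop < start:
        return False, "stop %d is below start %d" % (stop, start)
    count = (stop - start) // step + 1
    if count > max_records:
        return False, "range expands to %d records (cap %d)" % (count, max_records)
    return True, "%d records" % count

def lint_zone(text, max_records=MAX_RECORDS):
    """Return [(line_number, detail)] for every rejected $GENERATE line."""
    problems = []
    for lineno, line in enumerate(text.splitlines(), 1):
        # Simplification: treats every ';' as a comment start (ignores quoting).
        fields = line.split(";", 1)[0].split()
        if not fields or fields[0].upper() != "$GENERATE":
            continue
        if len(fields) < 2:
            problems.append((lineno, "missing range"))
            continue
        ok, detail = check_generate_range(fields[1], max_records)
        if not ok:
            problems.append((lineno, detail))
    return problems

# Constructed sample: the directive quoted in the thread, its intended form,
# and an oversized range to exercise the cap.
SAMPLE_ZONE = """\
$ORIGIN 60.100.10.in-addr.arpa.
$GENERATE 199--222 $ PTR 10-100-60-$.dhcp-bl.indiana.edu.
$GENERATE 199-222 $ PTR 10-100-60-$.dhcp-bl.indiana.edu.
$GENERATE 0-4294967295 $ PTR 10-100-60-$.dhcp-bl.indiana.edu.
"""

if __name__ == "__main__":
    for lineno, detail in lint_zone(SAMPLE_ZONE):
        print("line %d: %s" % (lineno, detail))
```

Run as a gate in whatever pushes zone files to the nameservers, so a rejected file never reaches a reload.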