Closed rcgraves closed 8 years ago
..and yes, removing "xs" (logging just -X 46CPr) eliminates the crash. But I do want to log NXDOMAINs.
Sorry, should have tried this first. Problem is only in the very latest commit; previous c7fdf72bf5f9bcb60973b9eab4fa0822c613ccc7 does not crash.
Strange, since I'm not actually printing "p"...
I managed to reproduce the crash. I'll fix it as soon as I get the chance.
This issue should be fixed by 32015b2. Please let me know if this is true or not.
This appears to be a regression. A binary compiled on November 25 does not crash.
Encountered on a test CentOS 7 DNS server. Valid queries are recorded in /var/log/passivedns.log, but NXDOMAIN and SERVFAIL cause passivedns freshly compiled from git HEAD with default options to crash.
(gdb) run -P 5 -u 990 -g 990 -i eth0 -T /var/empty -X 46CPxsr Starting program: /usr/local/bin/passivedns -P 5 -u 990 -g 990 -i eth0 -T /var/empty -X 46CPxsr
[] PassiveDNS 1.2.0 [] By Edward Bjarte Fjellskål edward.fjellskaal@gmail.com [] Using libpcap version 1.5.3 [] Using ldns version 1.6.16 [] Device: eth0 [] Chrooting to dir '/var/empty'.. [] Dropping privs... [] Sniffing...
Program received signal SIGSEGV, Segmentation fault. 0x0000000000405922 in print_passet () (gdb) backtrace
0 0x0000000000405922 in print_passet ()
1 0x00000000004072a1 in cache_dns_objects ()
2 0x0000000000407bb8 in dns_parser ()
3 0x0000000000404f12 in got_packet ()
4 0x00007ffff7ba299e in pcap_handle_packet_mmap (handle=handle@entry=0x695250,
5 0x00007ffff7ba6ae1 in pcap_read_linux_mmap_v2 (handle=0x695250, max_packets=-1, callback=0x404b10,
6 0x00007ffff7bab19d in pcap_loop (p=0x695250, cnt=-1, callback=0x404b10, user=0x0) at ./pcap.c:862
7 0x0000000000402683 in main ()
(tcpdump sample)
21:19:46.276349 IP (tos 0x0, ttl 63, id 16935, offset 0, flags [none], proto UDP (17), length 131) 137.22.198.40.domain > 137.22.1.38.41158: [udp sum ok] 49202 NXDomain* q: A? ww424.google.com.carleton.edu. 0/1/0 ns: carleton.edu. [1h] SOA ns.carleton.edu. nic-tech-contact.carleton.edu. 1453345202 1500 600 1209600 7200 (103) 21:19:46.276645 IP (tos 0x0, ttl 64, id 15894, offset 0, flags [none], proto UDP (17), length 79) 137.22.1.38.56286 > 137.22.198.40.domain: [bad udp cksum 0xd9c7 -> 0x861a!] 6205+ A? ww424.google.com.ads.carleton.edu. (51) 21:19:46.276859 IP (tos 0x0, ttl 63, id 16936, offset 0, flags [none], proto UDP (17), length 79) 137.22.198.40.domain > 137.22.1.38.56286: [udp sum ok] 6205 ServFail q: A? ww424.google.com.ads.carleton.edu. 0/0/0 (51)