This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug network/19791] res_query.c:262 asserts when dns contains unreachable entries
- From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Thu, 10 Mar 2016 19:39:36 +0000
- Subject: [Bug network/19791] res_query.c:262 asserts when dns contains unreachable entries
- Auto-submitted: auto-generated
- References: <bug-19791-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=19791
--- Comment #3 from Florian Weimer <fweimer at redhat dot com> ---
(In reply to priyesh from comment #2)
> (In reply to Florian Weimer from comment #1)
> > (In reply to priyesh from comment #0)
> >
> > > res_query.c:262: __libc_res_nquery: Assertion `(hp != ((void *)0)) && (hp2
> > > != ((void *)0))' failed.
> >
> > What's the exact glibc version you tested? Current master would print a
> > different assertion due to commit 8ba14398e629c1f63b9c91a59a47a713b3cce8bc.
>
> 2.23 with no patches
Just to be sure, I compiled 2.23 with no patches and assertions enabled, and
libresolv.so.2 does not contain the string quoted above:
$ strings resolv/libresolv.so.2 | grep '!='
(hp != NULL) && (hp2 != NULL)
anscp != NULL || ansp2 == NULL
The first of the two strings macro-expands to the assertion failure message you
see.
This means what you are testing is definitely not 2.23.
Can you run your test under strace or with LD_DEBUG=all, to check which DSOs
are opened?
If you get that unexpected assertion message, maybe a wrong version of
libresolv.so.2 is being loaded.
> > > This can be triggered by disabling ipv6, then adding an ipv6 dns and using
> > > the proof of concept here:
> > > https://github.com/fjserna/CVE-2015-7547/blob/master/CVE-2015-7547-client.c
> >
> > How did you disable IPv6? There multiple ways to do this (at least
> > partially).
> add the following to /etc/sysctl.conf and do sysctl -p
> net.ipv6.conf.all.disable_ipv6 = 1
> net.ipv6.conf.default.disable_ipv6 = 1
> net.ipv6.conf.lo.disable_ipv6 = 1
>
> make sure that dns has an ipv6 entry. in my test, ipv6 was the first entry
I have followed these steps, and I still cannot reproduce the assertion
failure.
--
You are receiving this mail because:
You are on the CC list for the bug.