From: Ben Greenbaum (bgreenbaumSECURITYFOCUS.COM)
Date: Tue Feb 06 2001 - 12:26:33 CST

    This appears to not be as big a problem as it might have seemed, based
    on the original report.

    -------------------------------------------
    From: Jonas Thambert <JonasTguld.spray.se>

    I wasn't able to replicate this error on a
    fully patched RH 7.0 with BIND 9.1.0.

    ----------------------------------------------
    From: Stephen Clouse <stephenctheiqgroup.com>

    No effect on bind-9.1.0 built from source on linux (slackware-7.0, kernel
    2.4.0).

    -------------------------------------------
    From: Ian Gulliver <ianpenguinhosting.net>

    I can't reproduce this using bind 9.1.0 on Linux 2.2.16/glibc 2.1.3 against
    nmap 2.54BETA1. The source line listed would trigger if a socket family
    other than AF_INET or AF_INET6 was being used. A quick grep through the
    nmap source, however, shows nothing other than AF_INET passed to socket().

    ------------------------------------------------
    From: "Smith, John" <john.smithminolta-qms.com>

    I cannot duplicate this with Bind 9.1.0 running on a Solaris 7 box.
    The Bind install is plain vanilla (configure, make, make install).

    ------------------------------------------------
    From: Phil Brutsche <pbrutschtux.creighton.edu>

    I haven't been able to reproduce this so far.

    I'm using BIND 9.1.0 on Debian "potato", with Linux kernel 2.4.0, and nmap
    2.53 to scan the server.

    Hrm... looking at the source, I think there may be other issues with your
    crash. From lib/isc/netaddr.c (offending INSIST(0) is underlined):

    void
    isc_netaddr_fromsockaddr(isc_netaddr_t *t, const isc_sockaddr_t *s) {
            int family = s->type.sa.sa_family;
            t->family = family;
            switch (family) {
            case AF_INET:
                    t->type.in = s->type.sin.sin_addr;
                    break;
            case AF_INET6:
                    memcpy(&t->type.in6, &s->type.sin6.sin6_addr, 16);
                    break;
            default:
                    INSIST(0);
                    ^^^^^^^^^
            }
    }

    ------------------------------------------
    From: Lucian Hudin <luciwarp.transart.ro>

    the "problem" lies in file netaddr.c in bind 9.1.0, line 231 with
    "INSIST(0);"

    this is not a bug, imho. You can compile named without asserts.
    (#define ISC_CHECK_NONE in include/isc/assertions.h).

    void
    isc_netaddr_fromsockaddr(isc_netaddr_t *t, const isc_sockaddr_t *s) {
            int family = s->type.sa.sa_family;
            t->family = family;
            switch (family) {
            case AF_INET:
                    t->type.in = s->type.sin.sin_addr;
                    break;
            case AF_INET6:
                    memcpy(&t->type.in6, &s->type.sin6.sin6_addr, 16);
                    break;
            default:
                    INSIST(0);
            }
    }

    searching for INSIST in source code tree also reveals this:
    in "bin/tests/system/resolver/tests.sh"

    "# If the server has the "INSIST(!external)" bug, this query will kill it.
    $DIG +tcp www.example.com. a 10.53.0.1 -p 5300 >/dev/null || status=1"

    Ben Greenbaum
    Director of Site Content
    SecurityFocus
    http://www.securityfocus.com