On Thu, Apr 15, 2021 at 05:46:29PM +1000, Mark Andrews wrote:
> > On 15 Apr 2021, at 17:28, Paul Vixie <p...@redbarn.org> wrote:
> > so, freebsd was unfairly maligned in the forescout report on this event;
> > the bug was in their dhcp client, not their dns or "tcp/ip stack", and
> > had been fixed 20 years late but still six months ago.
> The freebsd code still isn't correct "if (0xc0 & len) {" !=
> "if ((0xc0 & len) == 0xc0) {"
> which is the correct test for a compression pointer.
this certainly is not correct, but doesn't seem related to the forescout
report.
> The frustrating part is that it could have all been done safely with
> libresolv rather than reinventing the wheel. The pain had already
> been taken with libresolv.
as you know, this was discussed internally at the time. when dhclient
took its copy of libresolv, these bugs were still present. i muchly
regret not releasing libresolv independent of BIND so that projects
who needed the code could add it as a dependency not a copy. "oops."
--
Paul Vixie
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
