In trying to do the work requested for the report, it took a different turn. General sequence is still correct, with the following caveat:
- our DNS server added a CNAME record to the truncated UDP reply, bringing the size to over 512 bytes.

The response is well formed, just too big. Since getaddrinfo never asks with EDNS, this is not correct and we must fix it - but getaddrinfo shouldn't core on it. The crash happens downstream of this when the TCP replies come in, but only sometimes. I suspect a buffer overrun of some sort. If you don't see it through inspection, I will add a pcap. Might be possible to replay it or something.

The query which gives such a large truncated reply is

    dig www.iiflstatements.com +ignore +notcp +noedns +qr

which comes in at 502 bytes. We add a CNAME as the first record in the answer section, which brings it to 636 bytes. We will try to do a little more work to see if we can make it repeatable.

Recap:
- getaddrinfo makes two requests, A and AAAA, using UDP and no EDNS
- At least one of the replies to the two requests is truncated
- The truncated reply has a size greater than 512 bytes, otherwise error-free
- getaddrinfo makes two additional requests, A and AAAA, using TCP
- At least one of the replies to the two TCP requests has an empty answer section
  - For example, the response comes back with a REFUSED or SERVFAIL

--
https://bugs.launchpad.net/bugs/1945072

Title:
  getaddrinfo crashes on negative answers after Truncated retry
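An added example, not part of the original report and not glibc's code: a check that a test harness or capture-analysis tool could apply to each UDP reply to flag the condition in the recap (TC set, and more than 512 bytes sent in answer to a query that carried no EDNS OPT record). The function names, flag values and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define DNS_UDP_MAX 512 /* RFC 1035 UDP size limit when the query has no EDNS OPT */
enum { REPLY_MALFORMED = 1, REPLY_TRUNCATED = 2, REPLY_OVERSIZE = 4 };
static unsigned rd16(const uint8_t *p) { return (unsigned)p[0] << 8 | p[1]; }

/* Skip the name at off (labels, or a pointer); return next offset, or 0 on error. */
static size_t skip_name(const uint8_t *m, size_t len, size_t off) {
    while (off < len) {
        uint8_t c = m[off];
        if (c == 0) return off + 1;        /* root label ends the name */
        if (c & 0xC0) return (c & 0xC0) == 0xC0 && off + 2 <= len ? off + 2 : 0;
        off += 1 + (size_t)c;              /* ordinary label: length byte + data */
    }
    return 0;
}

/* 1 if the query carries an OPT (type 41) record, 0 if not, -1 if malformed. */
static int query_has_edns(const uint8_t *q, size_t len) {
    if (len < 12) return -1;
    size_t off = 12, qd = rd16(q + 4), rr = rd16(q + 6) + rd16(q + 8) + rd16(q + 10);
    for (; qd; qd--)                       /* question: name, type, class */
        if (!(off = skip_name(q, len, off)) || (off += 4) > len) return -1;
    for (; rr; rr--) {                     /* RR: name, 10 fixed bytes, rdata */
        if (!(off = skip_name(q, len, off)) || off + 10 > len) return -1;
        if (rd16(q + off) == 41) return 1;
        if ((off += 10 + rd16(q + off + 8)) > len) return -1;
    }
    return 0;
}

/* Flags for one UDP reply, judged against the query that produced it. */
unsigned check_udp_reply(const uint8_t *q, size_t qlen, const uint8_t *r, size_t rlen) {
    int edns = query_has_edns(q, qlen);
    if (edns < 0 || rlen < 12 || rd16(q) != rd16(r) || !(r[2] & 0x80))
        return REPLY_MALFORMED;            /* short, wrong ID, or QR bit clear */
    return ((r[2] & 0x02) ? REPLY_TRUNCATED : 0u) |
           ((!edns && rlen > DNS_UDP_MAX) ? REPLY_OVERSIZE : 0u);
}

/* Constructed sample: A query for "a.example", ID 0x1234, RD set, no OPT. */
static const uint8_t SAMPLE_QUERY[] = { 0x12,0x34, 0x01,0x00, 0,1, 0,0, 0,0, 0,0,
    1,'a', 7,'e','x','a','m','p','l','e', 0, 0,1, 0,1 };
/* Flags for a constructed QR=1, TC=1 reply to SAMPLE_QUERY, zero-padded to rlen. */
unsigned sample_flags(size_t rlen) {
    uint8_t r[1024] = { 0x12,0x34, 0x82,0x00 };
    if (rlen > sizeof r) return REPLY_MALFORMED;
    return check_udp_reply(SAMPLE_QUERY, sizeof SAMPLE_QUERY, r, rlen);
}
```

With the sizes from the report, `sample_flags(502)` reports only the truncation, while `sample_flags(636)` also sets the oversize flag.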