Maintained by: NLnet Labs

[Unbound-users] SOLVED: unbound fail to resolve a PTR

Yuri Schaeffer
Fri Jun 27 13:56:49 CEST 2014


> $ dig @pns.dtag.de. 165.160.113.149.80.in-addr.arpa. PTR +norecurse
> ;; Question section mismatch: got 245.160.113.149.in-addr.arpa/PTR/IN

Wow, it responds with a label less, and another mangled.

Our hypothesis:
The Cisco device parses the message and saves PTR records in a 4-byte
buffer. It iterates over all labels and stores them in the buffer* using
modulo 4 to prevent buffer overflows. It then forwards the parsed
packet instead of the original.

* either with 'add' or 'or':
  165+80 = 245
  165|80 = 245

Which is all, of course, madness.

//Yuri
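
The hypothesis above, modelled as an added example (not part of the original message, and not code from the device or from Unbound): each label is merged into slot `i % 4` of a 4-byte buffer, once with addition and once with bitwise OR. The function names and the second query name (last label 85) are constructed for illustration; that name is one where the two variants give different results.

```python
import operator

SUFFIX = ".in-addr.arpa"

def fold_labels(qname, combine):
    """Model of the hypothesised rewrite: fold numeric labels into 4 bytes.

    Label i is merged into slot i % 4, so a fifth label wraps around onto
    slot 0 and is combined with the value already stored there.
    """
    name = qname.rstrip(".").lower()
    if not name.endswith(SUFFIX):
        raise ValueError("not an in-addr.arpa name: %r" % qname)
    labels = [int(part) for part in name[:-len(SUFFIX)].split(".")]
    if any(not 0 <= value <= 255 for value in labels):
        raise ValueError("label out of octet range in %r" % qname)
    buf = [0] * 4
    for i, value in enumerate(labels):
        # Assumption: the result is truncated to one byte.
        buf[i % 4] = combine(buf[i % 4], value) & 0xFF
    used = buf[:min(len(labels), 4)]
    return ".".join(map(str, used)) + SUFFIX

def explain(qname):
    """Return the rewritten name under both candidate operations."""
    return {
        "add": fold_labels(qname, operator.add),
        "or": fold_labels(qname, operator.or_),
    }

# Query and mismatching question name quoted in the message.
OBSERVED_QUERY = "165.160.113.149.80.in-addr.arpa."
OBSERVED_REPLY = "245.160.113.149.in-addr.arpa"

# Constructed name: 165+85 and 165|85 differ, so a reply to it would show
# which of the two operations (if either) matches the hypothesis.
DISTINGUISHING_QUERY = "165.160.113.149.85.in-addr.arpa."

if __name__ == "__main__":
    for query in (OBSERVED_QUERY, DISTINGUISHING_QUERY):
        for op, rewritten in explain(query).items():
            print("%-34s %-3s -> %s" % (query, op, rewritten))
```

Both variants reproduce the observed question name for the query in the message, which is why the single observation cannot tell them apart.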