[Pdns-dev] Got bad packet: extra input data with bind backend

[Peter van Dijk]

Hello Ben,

On May 30, 2012, at 20:26 , Ben C. wrote:

> all.zone:
> $ORIGIN .
> @ 0 SOA ...
> @ 0 NS ...
> * 0 A 1.2.3.4
> 
> Yeah, .. It's a pretty weird to do thing but I just-happened to copy
> and paste it from a website and got this:
> 
> dig @127.0.0.2 anything.here
> ;; Got bad packet: extra input data
> 78 bytes
> d5 85 85 03 00 01 00 00 00 01 00 00 08 61 6e 79          .............any
> 74 68 69 6e 67 04 68 65 72 65 00 00 01 00 01 00          thing.here......
> 00 06 00 01 00 00 00 00 00 24 00 00 00 00 0a 68          .........$.....h
> 6f 73 74 6d 61 73 74 65 72 00 00 00 00 00 00 00          ostmaster.......
> 2a 30 00 00 0e 10 00 09 3a 80 00 00 0e 10                *0......:.....
> 
> I don't see it as a big deal, but potentially a bug being that it
> returns nasty packets.


Please file a ticket next time, we don't normally go through pdns-dev backlog!

There are multiple bugs at play here. 

First, http://wiki.powerdns.com/trac/ticket/444 is making the wildcard lookup fail (the patch on that ticket fixes that for your example zone too). Then, PowerDNS tries to generate an NXDOMAIN with the SOA in it, and it generates a bad packet because it encodes '...' as three empty labels, which is invalid - this is what dig rightfully complains about.

SVN revision 2972 changes behaviour to generate SERVFAIL in these cases. It's the best we can do - garbage in, error out is better than garbage in, garbage out.

Kind regards,
-- 
Peter van Dijk
Netherlabs Computer Consulting BV - http://www.netherlabs.nl/