[Pdns-users] Authoritative server (v4.1.3) crashes on zone creation via API when too many rrsets included
Remi Gacogne
remi.gacogne at powerdns.com
Tue Jul 31 14:16:17 UTC 2018
Hello Jordan,
On 07/19/2018 08:33 PM, Jordan Rieger wrote:
> Since upgrading our authoritative name servers from 4.0.x to 4.1.3,
> we’ve been experiencing strange server crashes when creating zones from
> scratch. After some trial and error, it seems that the trigger is not
> the content of the zones being created, but rather their size. Below,
> I’ve crafted a zone creation command with some meaningless hosts and IPs
> that will always cause the server to crash. The symptom of the crash
> from the API client’s perspective is usually an abrupt socket
> disconnection with no response, but sometimes I will see a HTTP 500
> error with no details. If I remove any one of the A rrsets from my
> crafted zone – it doesn’t really matter which one – it succeeds.
[ ...]
> Any ideas what this could be? It feels like some sort of resource/buffer
> size exhaustion leading to an overflow somewhere deep in the code. Note
> that once the zone size is cut down and it is created successfully,
> PATCH updates will succeed and leave the zone as large as requested. It
> seems to only affect the initial zone creation.
Thanks for reporting this! It is indeed a bug in the API code in 4.1.x,
actually not related to the number of rrsets but to their ordering. A
small mistake in the code checking for duplicates records is causing a
crash because the comparison function does not provide strict weak
ordering, which is a requirement to use std::sort().
I just opened a pull request [1] fixing the issue, and a second one [2]
to backport the fix to the 4.1.x branch so it will be fixed in the
upcoming 4.1.4 release.
[1]: https://github.com/PowerDNS/pdns/pull/6816
[2]: https://github.com/PowerDNS/pdns/pull/6817
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20180731/c66e1a41/attachment.sig>
More information about the Pdns-users
mailing list