[Bug 2911] New: setting dns_again_means_nonexist to a list containing @mx_ lookups causes segfault
https://bugs.exim.org/show_bug.cgi?id=2911

Bug ID: 2911
Summary: setting dns_again_means_nonexist to a list containing
@mx_ lookups causes segfault
Product: Exim
Version: 4.96
Hardware: x86
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: List matching
Assignee: unallocated@exim.org
Reporter: thomasm-exim@wupper.com
CC: exim-dev@exim.org

Not sure whether this is a bug or a case of "never do such a stupid
configuration"... :-)

I happened to set a domain list using @mx_any and used this list in
dns_again_means_nonexist.

Test case:
domainlist local_domains = @ : @mx_any/ignore=127.0.0.1
dns_again_means_nonexist = !+local_domains

Now if a DNS lookup for an MX gives TRY_AGAIN, exim will check whether the
MX name is in dns_again_means_nonexist. To do this, it does an MX lookup on the
name, which gives TRY_AGAIN. This leads to an endless loop (debug repeatedly
outputs "DNS lookup of exchange.zenit.de (MX) gave TRY_AGAIN"), until exim
crashes with a Segmentation fault.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
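
The loop described in the report above, as a small C model added here (it is not Exim's code and not part of the original thread). All function names, the host names and DEPTH_CAP are hypothetical; the re-entrancy guard is one possible way to break the cycle, not necessarily the fix Exim adopted.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

enum dns_rc { DNS_SUCCEED, DNS_NOMATCH, DNS_AGAIN };
enum { DEPTH_CAP = 1000 };   /* model only: stands in for the eventual crash */

static int resolver_calls, depth;
static bool in_option, nested_again;

/* Constructed resolver stub: every MX query times out (TRY_AGAIN). */
static enum dns_rc resolver_mx(const char *name) {
    (void)name; resolver_calls++;
    return DNS_AGAIN;
}

static enum dns_rc lookup_mx(const char *name, bool guarded);

/* Models "domainlist local_domains = @ : @mx_any": item 2 needs an MX lookup. */
static bool in_local_domains(const char *name, bool guarded) {
    if (strcmp(name, "mail.example.test") == 0) return true;   /* "@" (assumed) */
    return lookup_mx(name, guarded) == DNS_SUCCEED;             /* "@mx_any" */
}

/* MX lookup that consults "dns_again_means_nonexist = !+local_domains". */
static enum dns_rc lookup_mx(const char *name, bool guarded) {
    enum dns_rc rc = resolver_mx(name);
    if (rc != DNS_AGAIN) return rc;
    if (guarded && in_option) { nested_again = true; return DNS_AGAIN; }
    if (++depth >= DEPTH_CAP) return DNS_AGAIN;   /* the unguarded path never stops */
    in_option = true; nested_again = false;
    bool listed = !in_local_domains(name, guarded);   /* re-enters lookup_mx */
    in_option = false;
    if (guarded && nested_again) return DNS_AGAIN;    /* keep the temporary failure */
    return listed ? DNS_NOMATCH : DNS_AGAIN;
}

/* Runs one top-level MX lookup; returns how many resolver queries it caused. */
int simulate(bool guarded, enum dns_rc *result) {
    resolver_calls = depth = 0; in_option = nested_again = false;
    *result = lookup_mx("mx.example.test", guarded);
    return resolver_calls;
}

int main(void) {
    enum dns_rc r;
    printf("unguarded: %d queries\n", simulate(false, &r));
    printf("guarded:   %d queries\n", simulate(true, &r));
    return 0;
}
```

In the guarded run the nested TRY_AGAIN is left as a temporary failure instead of being turned into "nonexistent", so the lookup stops after two queries.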
Re: [Bug 2911] New: setting dns_again_means_nonexist to a list containing @mx_ lookups causes segfault
On Fri, Aug 19, 2022 at 02:04:06PM +0000, admin--- via Exim-dev wrote:

> https://bugs.exim.org/show_bug.cgi?id=2911
>
> Bug ID: 2911
> Summary: setting dns_again_means_nonexist to a list containing
> @mx_ lookups causes segfault
> Product: Exim
> Version: 4.96
> Hardware: x86
> OS: Linux
> Status: NEW
> Severity: bug
> Priority: medium
> Component: List matching
> Assignee: unallocated@exim.org
> Reporter: thomasm-exim@wupper.com
> CC: exim-dev@exim.org
>
> Now if a DNS lookup for an MX gives TRY_AGAIN, exim will check whether the
> MX name is in dns_again_means_nonexist. [...]

Note that if this also potentially applies to TLSA lookups, then
downgrading SERVFAIL (try again) to NXDOMAIN breaks the downgrade
resistance of DANE.

This is of course also likely to trigger bounces in the presence of
transient errors, and is basically a really bad idea.

--
Viktor.

Re: [Bug 2911] New: setting dns_again_means_nonexist to a list containing @mx_ lookups causes segfault
On 23/08/2022 20:12, Viktor Dukhovni via Exim-dev wrote:
> Note that if this also potentially applies to TLSA lookups, then
> downgrading SERVFAIL (try again) to NXDOMAIN breaks the downgrade
> resistance of DANE.

Yup, it would be too easy to write a configuration that did that.
I'll add code to ignore that option for TLSA lookups.
--
Thanks,
Jeremy

