On Wed, 13 Jul 2005, Luigi Gangitano wrote:
> Hi,
> I packaged an update squid 2.4.STABLE6 for Debian woody with the
> backported squid-2.5.STABLE9-dns_query from RedHat RHSA-2005-489, which
> is quite straight.
>
> With this patch squid fails[1] with
>
> rfc1035.c:410: rfc1035RRUnpack: Assertion `(*off) <= sz' failed
>
> which can be reproduced accessing
>
> http://62.26.121.2:80/dat/bgf/trpix.gif
>
> This seems to happen on SuSE squid-2.5.STABLE1[2] too.
>
> I cannot understand the RFC1035 code enough to debug it, can you please
> help?
The interactions between lib/rfc1035.c and src/dns_internal.c has changed
many times to address issues with decoding of malformed packets. The
following list of patches is relevant:
squid-2.5.STABLE2-dns_root_label.patch
squid-2.5.STABLE5-rfc1035NameUnpack.patch
squid-2.5.STABLE7-fqdn_truncated.patch
squid-2.5.STABLE9-dns_query-5.patch
Also as can be seen in the list the dns_query patch was updated many times
after the initial release so you'd better make sure it is the current
revision you are backporting.
Regards
Henrik
Received on Wed Aug 03 2005 - 09:32:02 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Aug 31 2005 - 12:00:06 MDT
