Diagnostic tool can be used to kill the UDP listener #42
Comments
Note that this appears to be possible to (naively) handle by adding a try..catch to https://github.com/song940/node-dns/blob/master/server/udp.js#L21. I have no idea if just not handling the message has an adverse effect elsewhere.
Hi @webprofusion-chrisc, what “Diagnostic tool” did you use? Give me some information about the DNS client request details, like dig command line arguments or Wireshark packets.
Hi, I wasn't sure if this represented a denial of service vulnerability, which is why I was being vague. It is nmap using the DNS fuzz script: https://nmap.org/nsedoc/scripts/dns-fuzz.html. I think the issue is the message size is smaller than expected but it gets parsed anyway, so we run out of buffer to read.
I have the same problem with this error.
Subscribing in since this sounds like it needs to be fixed
This would be a great concern for me as well.
Fixed in #57
Hi, so without specifying too much detail yet, I can use a standard tool to test my DNS server which in turn causes a buffer overrun which by default will cause the listener to throw an exception and stop responding.
Should I report the details somewhere specific? I haven't investigated a fix yet as this is just a prototype I'm working on.
Perhaps there is a standard way (in this library) to just catch this and continue?
Example exception (server created with dns2.createUDPServer):
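The failure mode discussed in this thread, a datagram shorter than the parser expects leading to an uncaught exception that stops the listener, can be contained with explicit bounds checks plus a per-datagram try/catch. The following is an added example, not code from the thread, from dns2, or from the fix in #57; `parseQuery`, `safeParse` and the sample packet are hypothetical names and constructed data.

```javascript
// Added example: minimal DNS question parser with explicit bounds checks.
// parseQuery and safeParse are hypothetical names, not dns2 APIs.
const DNS_HEADER_LEN = 12;

function parseQuery(buf) {
  if (buf.length < DNS_HEADER_LEN) throw new RangeError(`short header: ${buf.length} bytes`);
  const id = buf.readUInt16BE(0);
  const qdcount = buf.readUInt16BE(4);
  let offset = DNS_HEADER_LEN;
  const questions = [];
  for (let i = 0; i < qdcount; i++) {
    const labels = [];
    for (;;) {
      if (offset >= buf.length) throw new RangeError('name runs past end of packet');
      const len = buf[offset++];
      if (len === 0) break; // root label terminates the name
      if (len > 63) throw new RangeError('compressed or invalid label in question');
      if (offset + len > buf.length) throw new RangeError('label runs past end of packet');
      labels.push(buf.toString('ascii', offset, offset + len));
      offset += len;
    }
    if (offset + 4 > buf.length) throw new RangeError('missing QTYPE/QCLASS');
    questions.push({
      name: labels.join('.'),
      type: buf.readUInt16BE(offset),
      class: buf.readUInt16BE(offset + 2),
    });
    offset += 4;
  }
  return { id, questions };
}

// Per-datagram guard: a malformed packet is dropped and the listener keeps running.
function safeParse(buf) {
  try {
    return parseQuery(buf);
  } catch (err) {
    return null; // in a server: count or log err.message, then ignore the datagram
  }
}

// Constructed sample: query for "example.com", type A, class IN, id 0x1234.
const validQuery = Buffer.from(
  '12340100000100000000000007' + '6578616d706c65' + '03' + '636f6d' + '00' + '00010001', 'hex');
const truncated = validQuery.subarray(0, 20); // name is cut off before its terminator
// In a UDP 'message' handler: const q = safeParse(msg); if (!q) return;
```
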