On Thu, 18 Dec 2003, Harald Schueler wrote:
> If you take a closer look I think you will find that the list is
> incomplete, as the DNS answer was truncated, because it did not fit in
> the provided buffer (1024 bytes). I noticed the same behaviour with Exim
> 4.20 on AIX. On 4.30/AIX this condition crashes Exim. I have a
> workaround, which solves my immediate problem and makes Exim behave as
> before:
Thanks for the patch. I will take a look at it in due course (probably
not till at least February now, I'm afraid).
> I have not been able to find complete documentation for res_search and
> friends (only manpages), but I think what happens when the answer is
> truncated is highly implementation specific. In any case it does not
> seem safe to ignore the error code from dh_expand (although from looking
> at the code I thought this case was already handled by dns_next_rr()).
I will do some research and try to find out more about what goes on,
even if I have to read the source for dn_expand() in the end.
> Anyway, this does not solve the problem of the truncated response in
> general. I think the buffer size should be increased, although I don't
> know to what size, or how to find out the size. res_search on AIX
> returns the buffer size (contrary to the comment in Exim's source), when
> the buffer is too small. Maybe one could simply retry res_search with
> the buffer size doubled, if answerlen >= buffersize? But even then one
> would have to set an upper limit, to avoid DOS attacks.
I've made a note to check this all out. That particular bit of code has
not been revisited for some years.
Philip
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book
