nslookup crashes when no suffix and type=any

Bug #1987682 reported by Chris Taylor
This bug affects 1 person
Affects          Status         Importance   Assigned to   Milestone
bind9 (Ubuntu)   Fix Released   Undecided    Unassigned
  Jammy          Triaged        Undecided    Unassigned
  Kinetic        Fix Released   Undecided    Unassigned

Bug Description

nslookup crashes when you query a name without a suffix and the record type is set to any. The BIND maintainers at ISC suggested pulling an updated version.

$ nslookup
> set type=any
> asdf
dighost.c:1683: INSIST(query->readhandle == ((void *)0)) failed, back trace
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1.1-Ubuntu.so(+0x32073)[0x7f8c75701073]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1.1-Ubuntu.so(isc_assertion_failed+0x10)[0x7f8c75700560]
nslookup(+0xe29e)[0x55d3ae59d29e]
nslookup(+0xe3e1)[0x55d3ae59d3e1]
nslookup(+0xedfd)[0x55d3ae59ddfd]
nslookup(+0x11e3f)[0x55d3ae5a0e3f]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1.1-Ubuntu.so(isc__nm_async_readcb+0xb1)[0x7f8c756efc31]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1.1-Ubuntu.so(isc__nm_readcb+0x9b)[0x7f8c756efd6b]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1.1-Ubuntu.so(isc__nm_tcpdns_processbuffer+0x11b)[0x7f8c756f7dcb]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1.1-Ubuntu.so(isc__nm_process_sock_buffer+0x25)[0x7f8c756ed205]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1.1-Ubuntu.so(isc__nm_tcpdns_read_cb+0xbc)[0x7f8c756f835c]
/lib/x86_64-linux-gnu/libuv.so.1(+0x1fe88)[0x7f8c751d9e88]
/lib/x86_64-linux-gnu/libuv.so.1(+0x204d8)[0x7f8c751da4d8]
/lib/x86_64-linux-gnu/libuv.so.1(+0x2511e)[0x7f8c751df11e]
/lib/x86_64-linux-gnu/libuv.so.1(uv_run+0x678)[0x7f8c751c8c88]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1.1-Ubuntu.so(+0x25e9e)[0x7f8c756f4e9e]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1.1-Ubuntu.so(isc__trampoline_run+0x1a)[0x7f8c757247aa]
/lib/x86_64-linux-gnu/libc.so.6(+0x94b43)[0x7f8c75280b43]
/lib/x86_64-linux-gnu/libc.so.6(+0x126a00)[0x7f8c75312a00]
Aborted (core dumped)

Additional Info:

$ lsb_release -rd
Description: Ubuntu 22.04.1 LTS
Release: 22.04

$ apt-cache policy bind9-dnsutils
bind9-dnsutils:
  Installed: 1:9.18.1-1ubuntu1.1
  Candidate: 1:9.18.1-1ubuntu1.1
  Version table:
 *** 1:9.18.1-1ubuntu1.1 500
        500 http://us.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages
        100 /var/lib/dpkg/status
     1:9.18.1-1ubuntu1 500
        500 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 Packages

What I expected:
$ nslookup
> set type=any
> asdf.asd
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can't find asdf.asd: NXDOMAIN

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: bind9-dnsutils 1:9.18.1-1ubuntu1.1
ProcVersionSignature: Ubuntu 5.15.0-46.49-generic 5.15.39
Uname: Linux 5.15.0-46-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.11-0ubuntu82.1
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: ubuntu:GNOME
Date: Thu Aug 25 08:47:00 2022
InstallationDate: Installed on 2020-04-15 (862 days ago)
InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: bind9
UpgradeStatus: Upgraded to jammy on 2022-05-13 (103 days ago)

Chris Taylor (ctaylor-g) wrote :
information type: Private Security → Public
Sergio Durigan Junior (sergiodj) wrote :

Thank you for the bug report.

I am almost sure this is related to a few other bugs that are affecting "dig" and "host" as well. Unfortunately, the bind9 version shipped on Jammy ended up being affected by these issues, but we are working to bring a comprehensive fix that should address them.

For reference, these are the existing bugs I mentioned:

https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1258003

https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1970252

Since I'm not entirely sure whether this bug is related to them, I won't mark anything as duplicate for now.

Thank you.

Changed in bind9 (Ubuntu):
status: New → Triaged
Changed in bind9 (Ubuntu Kinetic):
status: Triaged → Fix Released
Changed in bind9 (Ubuntu Jammy):
status: New → Triaged