knot-resolver 2.2.0 crashes when malformed response, which include SIG record in authority section, is received.
Knot-resolver crashes when malformed response is received from a malicious authoritative server in my test environment.
response from authoritative server.
;; QUESTION SECTION: ;www.example.com. IN A ;; AUTHORITY SECTION: www.example.com. 600 CH SIG A 1 3 3600 19700102034640 19700101135320 174 www.example.com. AQE.... snip ....
message at crach.
# /usr/local/sbin/kresd -c /usr/local/etc/knot-resolver/kresd.conf [system] interactive mode > kresd: lib/cache/api.c:254: key_exact_type_maypkt: Assertion `!knot_rrtype_is_metatype(type)' failed. Aborted
Please read README.md whichi includes reproduce steps.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information