Bug 733112

Summary: MyDNS is terminated after any lookup when listening on an IPv6 address
Product: [Fedora] Fedora EPEL Reporter: Stewart Adam <s.adam>
Component: mydnsAssignee: Itamar Reis Peixoto <itamar>
Status: CLOSED EOL QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: el6CC: itamar
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-30 15:01:46 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Stewart Adam 2011-08-24 19:27:41 UTC 
Description of problem:
When MyDNS is listening on any IPv6 address (such as ::1 on a stock installation), any DNS query the server receives will trigger a buffer overflow, crashing the server:
Aug 24 03:44:23 dns2 mydns[11494]: *** stack smashing detected ***: mydns terminated
Aug 24 03:44:23 dns2 mydns[11443]: pid 11494 exited due to signal 6
Aug 24 03:44:23 dns2 mydns[11443]: Server pid 11494 died

Having MyDNS bind to all addresses except ::1 in /etc/mydns.conf is a temporary work-around:
no-listen = ::1                	# Do not listen on these addresses

Version-Release number of selected component (if applicable):
mydns-1.2.8.31-1.el6

How reproducible:
Always

Steps to Reproduce:
1. Setup MyDNS
2. Listen on ::1
3. dig @localhost foobar.com
  
Actual results:
Stack smashing protection terminates the MyDNS server process.

Expected results:
No crash

Additional info:
Upstream report, incl. patch, here: http://bugs.mydns-ng.com/bug_view_advanced_page.php?bug_id=62
Comment 1 Ben Cotton 2020-11-05 16:50:37 UTC 
This message is a reminder that EPEL 6 is nearing its end of life. Fedora will stop maintaining and issuing updates for EPEL 6 on 2020-11-30. It is our policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of 'el6'.

Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later EPEL version.

Thank you for reporting this issue and we are sorry that we were not able to fix it before EPEL 6 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged  change the 'version' to a later Fedora version prior this bug is closed as described in the policy above.
Comment 2 Ben Cotton 2020-11-30 15:01:46 UTC 
EPEL el6 changed to end-of-life (EOL) status on 2020-11-30. EPEL el6 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
EPEL please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.