I'm using dhcp to get my IP address. Pump runs, gets my IP address, generates a resolv.conf with the correct 4 nameservers followed by almost 3000 junk nameserver entries, then crashes. It also looks like the dhcp lease for my IP address isn't being renewed (since pump crashes and doesn't stick around to renew it in a few hours).
Does this happen with the latest pump update available from ftp://updates.redhat.com? ------- Additional Comments From 06/04/99 17:59 ------- Yes, it happens with pump-0.6.7-1. Sorry, I should have put that in the initial bug report. The same crash happens to my friend. We are both using Road Runner in Austin, TX. A wild guess: perhaps something to do with it getting 4 valid nameserver ips via dhcp (too many)?
Pump only permits 3 name servers. ------- Email Received From Larry Ewing <lewing.org> 06/10/99 16:22 -------
Verified and checked. This is an _exploitable_ hole. The risk is probably low, but its exploitable off the same LAN. Erik: there is a pump-0.6.7-2 in my SRPMS dir, please read and review the changes and send a lab dude to test them a bit. Others: email me if you want a test rpm. Emphasis -test- -unofficial- -own risk- 8) Alan ------- Additional Comments From 06/13/99 10:11 ------- The test rpm (pump-0.6.7-2) still appears to do the same thing on my machine. Pump runs, grabs my ip address and writes out a mungled resolv.conf. Afterward pump does not exist in the process listing, so it probably won't be renewing my dhcp lease. Here is a snippet from the generated resolv.conf (the first five lines of it are correct): bash# ls -al resolv.conf -rw-r--r-- 1 root root 65536 Jun 13 09:01 resolv.conf bash# head -30 resolv.conf search austin.rr.com rr.com nameserver 24.93.35.65 nameserver 24.93.35.64 nameserver 24.93.35.33 nameserver 25.93.35.32 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 nameserver 0.0.0.0 bash# tail -30 resolv.conf nameserver 120.116.101.114 nameserver 109.0.72.79 nameserver 83.84.84.89 nameserver 80.69.61.105 nameserver 51.56.54.0 nameserver 80.65.84.72 nameserver 61.47.115.98 nameserver 105.110.58.47 nameserver 117.115.114.47 nameserver 115.98.105.110 nameserver 58.47.98.105 nameserver 110.58.47.117 nameserver 115.114.47.98 nameserver 105.110.0.67 nameserver 79.78.83.79 nameserver 76.69.61.47 nameserver 100.101.118.47 nameserver 99.111.110.115 nameserver 111.108.101.0 nameserver 75.68.69.68 nameserver 73.82.61.47 nameserver 117.115.114.0 nameserver 72.79.77.69 nameserver 61.47.114.111 nameserver 111.116.0.73 nameserver 78.80.85.84 nameserver 82.67.61.47 nameserver 101.116.99.47 nameserver 105.110.112.117 nameserver 116.bash#
The -2 rpm I did somehow lost a patch. I've put the correct -2 rpm on ftp.linux.org.uk:/pub/linux/alan. This one is the same thing but seems to have come out of the other end intact. You may need to use --force to make it update this over the last one ------- Additional Comments From 06/21/99 01:30 ------- Just tried out the new test rpm. Got 3 nameservers and pump didn't crash. It only kept 3 of the 4 nameserver IP addresses the dhcp server returned.
I've integrated this patch into pump's CVS tree, and there should be a new pump release later this week or early next.
This was fixed in the errata announced last week.
Fixed in pump 0.7.