Red Hat Bugzilla – Bug 419251
resolver's gethostbyname fails if DNS reply is over 1024 bytes
Last modified: 2007-12-12 04:43:28 EST
Description of problem:
If the glibc resolver receives a DNS reply that exceeds 1024 bytes,
gethostbyname will return failure, even if the host actually exists.

Version-Release number of selected component (if applicable):
RHEL 3.9 named

Query a DNS A record using gethostbyname which returns a large answer. This is
usually caused by a large amount of A records (round-robin), a long CNAME chain,
or a large amount of additional NS records returned by the nameserver.

Resolver says that host does not exist.

Resolver should match the output of host, dig, and nslookup, which say that the
host exists and return the proper IP address.

Packet size may have been limited way back in RH 7.2 to prevent buffer
overflows, but that may have broken some functionality. Since "additional
nameserver" information is thrown away and gethostbyname only returns address
info, this should be safe.

The problem was observed on a zone with a large number of authoritative name
servers that had very long FQDNs. DNS request/response was over TCP due to

RHEL3 is already in Maintenance phase and this isn't a security problem, nor
a selected mission critical bug. See https://www.redhat.com/security/updates/errata/
I believe we have fixed this problem in RHEL4 or RHEL5; if you can reproduce it
with later RHEL releases, please reopen.
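
Added illustration of the failure described in the report (not glibc code, and not from the reporter or Red Hat): a bounds-checked answer-section walker in C, where `cap` stands in for the resolver's reply buffer size. It assumes the failure is a plain size check, as the reporter suggests; `count_a_records`, `build_reply`, `OLD_CAP`, `TCP_MAX` and the host.example.com reply are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define OLD_CAP 1024u    /* reply size limit named in the report */
#define TCP_MAX 65535u   /* largest message a 16-bit TCP length prefix allows */

/* Skip a possibly compressed name; returns the next offset, or 0 on error. */
static size_t skip_name(const uint8_t *m, size_t len, size_t off) {
    for (; off < len; off += 1 + (size_t)m[off]) {
        if (m[off] == 0) return off + 1;
        if (m[off] & 0xC0)   /* pointer ends the name; other tagged labels are invalid */
            return ((m[off] & 0xC0) == 0xC0 && off + 2 <= len) ? off + 2 : 0;
    }
    return 0;
}

/* Count A records in the answer section; -1 if the reply exceeds cap or is malformed. */
int count_a_records(const uint8_t *m, size_t len, size_t cap) {
    if (len > cap || len < 12) return -1;
    unsigned qd = m[4] << 8 | m[5], an = m[6] << 8 | m[7];
    size_t off = 12;
    int found = 0;
    for (; qd; qd--, off += 4)                 /* question: name, type, class */
        if (!(off = skip_name(m, len, off)) || off + 4 > len) return -1;
    for (; an; an--) {                         /* RR: name, 10 fixed bytes, rdata */
        if (!(off = skip_name(m, len, off)) || off + 10 > len) return -1;
        unsigned type = m[off] << 8 | m[off + 1], rdlen = m[off + 8] << 8 | m[off + 9];
        off += 10;
        if (off + rdlen > len) return -1;      /* rdata must lie inside the message */
        found += (type == 1 && rdlen == 4);
        off += rdlen;
    }
    return found;
}

/* Constructed sample reply for host.example.com: n_a A records, n_ns long NS records. */
size_t build_reply(uint8_t *b, uint8_t n_a, uint8_t n_ns) {
    static const uint8_t q[] = "\4host\7example\3com";  /* 18 bytes incl. root label */
    uint8_t rr[75] = {0xC0, 0x0C, 0, 1, 0, 1, 0, 0, 0, 60, 0, 4, 192, 0, 2, 1};
    size_t off = 12 + sizeof q + 4;
    memset(b, 0, off);
    b[2] = 0x84; b[5] = 1; b[7] = n_a; b[9] = n_ns; b[31] = 1; b[33] = 1;
    memcpy(b + 12, q, sizeof q);
    for (; n_a; n_a--, off += 16) memcpy(b + off, rr, 16);
    rr[1] = 0x11; rr[3] = 2; rr[11] = 63;      /* NS owned by example.com (offset 0x11) */
    rr[12] = 60; memset(rr + 13, 'n', 60); rr[73] = 0xC0; rr[74] = 0x11;
    for (; n_ns; n_ns--, off += 75) memcpy(b + off, rr, 75);
    return off;
}
```

With 4 A records and 13 long NS records the constructed reply is 1073 bytes: the same walker rejects it under `OLD_CAP` and returns all four addresses when the capacity follows the TCP length prefix, while a truncated copy is still refused by the per-field bounds checks.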