[comp.unix.internals] segmentation fault with long host names

brendan@cs.widener.edu (Brendan Kehoe) (12/21/90)

 Howdy .. I just came across something strange. I'd like to verify it before
letting Sun know about it (in case it's a site-specific problem, rather
than a system problem).
 Whenever I try to do any operation on the name
	kfps-roble6-dynamic.stanford.edu
 with ping, telnet, ftp, etc, I get "Segmentation fault".
 But this also happens with other things .. dig bitches about a
truncated answer & says "connection refused"; host sits there staring.
Only nslookup has ever been able to deal with it.
 I'd say it's being snagged by MAXHOSTNAMELEN, but that doesn't make
sense; foo.bar.baz.mix.me.a.good.drink is dealable -- only when one
particular part of a FQDN is really long does it die.
 Whatcha think?



-- 
     Brendan Kehoe - Widener Sun Network Manager - brendan@cs.widener.edu

 Get ``Red Hot & Blue'', songs by Cole Porter sung by U2, Sinead O'Connor,
The Neville Brothers, Tom Waits, & many more. Proceeds benefit AIDS research.

subbarao@phoenix.Princeton.EDU (Kartik Subbarao) (12/21/90)

In article <1990Dec20.203518.24899@cs.widener.edu> brendan@cs.widener.edu (Brendan Kehoe) writes:
>
> Howdy .. I just came across something strange. I'd like to verify it before
>letting Sun know about it (in case it's a site-specific problem, rather
>than a system problem).
> Whenever I try to do any operation on the name
>	kfps-roble6-dynamic.stanford.edu
> with ping, telnet, ftp, etc, I get "Segmentation fault".

Hmm - I tried this too and the same thing happened. (I'm also running on a
Sun, but at least it's not site-specific.)

> But this also happens with other things .. dig bitches about a
>truncated answer & says "connection refused"; host sits there staring.
>Only nslookup has ever been able to deal with it.
> I'd say it's being snagged by MAXHOSTNAMELEN, but that doesn't make
>sense; foo.bar.baz.mix.me.a.good.drink is dealable -- only when one
>particular part of a FQDN is really long does it die.
> Whatcha think?
>

I thought it was something similar to that too (i.e. MAXHOSTNAMELEN). So to
find out, I compiled telnet with symbols and gdb'd the sucker. As it turns
out, the segmentation fault occurs in bcopy(), which is called by memcpy().

The memcpy in the telnet code goes like this:

memcpy((caddr_t)&sin.sin_addr, host->h_addr_list[0], host->h_length);

The segfault comes from h_addr_list pointing to some illegitimate place.
(So when you dereference the pointer via h_addr_list[0], boom!)
And how did it get to be pointing there, you might ask? Amazing place.
gethostbyname().

host = gethostbyname(hostp) is called, with 
hostp being "kfps-roble6-dynamic.stanford.edu".

gethostbyname here returns a struct hostent * which has really confused fields
in it. They simply don't make sense. I wish I had symbols for wherever that
source is. It would be nice to find out why. But I suspect that it
has something to do with the length of the name. If you used the specific
example "foo.bar.baz.mix.me.a.good.drink", then things go okay (well, it
doesn't segfault) because gethostbyname returns NULL on that name, and
telnet can tell the errors.

And since gethostbyname() is used universally in telnet, ftp, etc. they all
segfault. Okay, someone who has the source to all this -- Why is gethostbyname
returning bad things?


			-Kartik





--
internet# ls -alR | grep *.c
subbarao@{phoenix or gauguin}.Princeton.EDU -|Internet
kartik@silvertone.Princeton.EDU (NeXT mail)       -|	
SUBBARAO@PUCC.BITNET			          - Bitnet
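Added example (not code from the thread or from Sun's telnet source): a defensive version of the copy Kartik found crashing. It treats every field of the returned struct hostent as untrusted, checking the address family, h_length, the h_addr_list pointer and its NULL terminator before any memcpy(), and it walks all addresses under a fixed bound instead of blindly taking h_addr_list[0]. The hostent is constructed in memory so the checks can be exercised offline; the 10.0.0.k addresses, the name "constructed.example" and the make_hostent/demo_* helpers are mine, not anything from the thread.

```c
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Upper bound on addresses we will ever copy out of one hostent. */
#define MAX_ADDRS 32

/*
 * Copy up to `max` IPv4 addresses out of `host` into `out`.
 * Returns the number copied, or -1 if the hostent is malformed.
 *
 * The telnet line quoted in the thread,
 *     memcpy((caddr_t)&sin.sin_addr, host->h_addr_list[0], host->h_length);
 * trusts host, h_addr_list, h_addr_list[0] and h_length unconditionally,
 * so a confused hostent turns straight into a wild read or write.
 */
int copy_hostent_addrs(const struct hostent *host, struct in_addr *out, int max)
{
    int n;

    if (host == NULL || out == NULL || max <= 0)
        return -1;
    /* Accept only the family/length pair we are prepared to copy. */
    if (host->h_addrtype != AF_INET ||
        host->h_length != (int)sizeof(struct in_addr))
        return -1;
    if (host->h_addr_list == NULL)
        return -1;
    /* Walk the NULL-terminated list, stopping at the caller's bound. */
    for (n = 0; n < max && host->h_addr_list[n] != NULL; n++)
        memcpy(&out[n], host->h_addr_list[n], sizeof(struct in_addr));
    return n;
}

/*
 * Build a constructed hostent (no DNS involved) carrying `count` addresses
 * 10.0.0.1 .. 10.0.0.count, so the checks above can be run offline.
 */
struct hostent *make_hostent(int count)
{
    static struct in_addr addrs[MAX_ADDRS];
    static char *list[MAX_ADDRS + 1];
    static char name[] = "constructed.example";
    static struct hostent he;
    int i;

    if (count < 0) count = 0;
    if (count > MAX_ADDRS) count = MAX_ADDRS;
    for (i = 0; i < count; i++) {
        addrs[i].s_addr = htonl((10u << 24) | (unsigned)(i + 1));
        list[i] = (char *)&addrs[i];
    }
    list[count] = NULL;
    he.h_name = name;
    he.h_aliases = NULL;
    he.h_addrtype = AF_INET;
    he.h_length = sizeof(struct in_addr);
    he.h_addr_list = list;
    return &he;
}

/* Copy from a well-formed constructed hostent; returns the count copied. */
int demo_copy(int count, int max)
{
    struct in_addr buf[MAX_ADDRS];
    if (max > MAX_ADDRS) max = MAX_ADDRS;
    return copy_hostent_addrs(make_hostent(count), buf, max);
}

/* Host-order value of the last address copied, 0 if nothing was copied. */
unsigned long demo_last_addr(int count)
{
    struct in_addr buf[MAX_ADDRS];
    int n = copy_hostent_addrs(make_hostent(count), buf, MAX_ADDRS);
    return n > 0 ? (unsigned long)ntohl(buf[n - 1].s_addr) : 0UL;
}

/* The corruptions the thread describes, injected into the constructed hostent. */
int demo_corrupt(int which)
{
    struct in_addr buf[MAX_ADDRS];
    struct hostent *he = make_hostent(3);

    if (which == 0)      he->h_length = 4096;    /* absurd h_length */
    else if (which == 1) he->h_addr_list = NULL; /* dangling address list */
    else                 he = NULL;              /* lookup failed outright */
    return copy_hostent_addrs(he, buf, MAX_ADDRS);
}

int main(void)
{
    struct in_addr buf[MAX_ADDRS];
    int i, n = copy_hostent_addrs(make_hostent(26), buf, MAX_ADDRS);

    printf("copied %d addresses\n", n);
    for (i = 0; i < n; i++)
        printf("  %s\n", inet_ntoa(buf[i]));
    printf("corrupt h_length -> %d\n", demo_corrupt(0));
    return 0;
}
```

The 26-address case mirrors the record count Philip and Ed report for the host in question; with a bound on the walk, a long list is simply truncated rather than overrunning whatever the caller handed in.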

philip@beeblebrox.dle.dg.com (Philip Gladstone) (12/22/90)

>>>>> On 20 Dec 90 20:35:18 GMT, brendan@cs.widener.edu (Brendan Kehoe) said:

Brendan>  But this also happens with other things .. dig bitches about a
Brendan> truncated answer & says "connection refused"; host sits there staring.
Brendan> Only nslookup has ever been able to deal with it.

The response that I got from dig seems to point at a potential
problem. This host has a *LOT* (26) of address records. Unfortunately I
can't test this hypothesis as my ftp doesn't crash when trying to call it.

Philip
--
Philip Gladstone         Dev Lab Europe, Data General, Cambridge, UK

    Listen three eyes, don't you try and outweird me, I get
    stranger things than you free with my breakfast cereal.

emv@ox.com (Ed Vielmetti) (12/22/90)

In article <1990Dec20.203518.24899@cs.widener.edu> brendan@cs.widener.edu (Brendan Kehoe) writes:

    Whenever I try to do any operation on the name
	   kfps-roble6-dynamic.stanford.edu
    with ping, telnet, ftp, etc, I get "Segmentation fault".

It's segmentation faulting in the dn_expand routine under ultrix 4.1.

I used to sit in front of an Apollo called
"starbarlounge.cc.umich.edu", but that long name was still only 13
characters per part.  kfps-roble6-dynamic is 19 characters.  the way I
read RFC 1123 it requires it be able to handle 63 character host
names.  the way I read rfc 952 it says any part can be up to 24 characters.
allegedly there was a machine called
"car-crash-set-to-music.lcs.mit.edu", which should still be legal.

nothing in the multi-homed hosts discussion suggests that there is a
limit on the number of A records per host, but I might have missed
something.  kfps...6 has at least 26.  there's a kfps...7 for which
things seem to work, nice test case.

--Ed
emv@ox.com
(note short snappy domain name)
(at least until namedroppers or the bind list mangles it)
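Added example, not from the thread: a checker for the host-name syntax Ed is reading from RFC 952 and RFC 1123, with each label limited to 63 characters and the whole name to 255 (the sizes RFC 1123 section 2.1 asks software to handle), plus a helper that reports the longest label so the 19- and 13-character cases above can be confirmed directly. The demo_* helpers and the generated test names are mine; the names from the thread are used as sample input.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_LABEL 63   /* RFC 1123: software MUST handle labels this long */
#define MAX_NAME  255  /* RFC 1123: software SHOULD handle names this long */

/* Length of the longest dot-separated label in `name`. */
int longest_label(const char *name)
{
    int best = 0, cur = 0;

    for (; *name; name++) {
        if (*name == '.') {
            if (cur > best) best = cur;
            cur = 0;
        } else {
            cur++;
        }
    }
    return cur > best ? cur : best;
}

/*
 * RFC 952/1123 syntax: labels of 1..63 letters, digits or hyphens, not
 * starting or ending with a hyphen, separated by single dots, with the
 * whole name at most 255 characters. Returns 1 if valid, 0 otherwise.
 */
int valid_hostname(const char *name)
{
    size_t len, i, label = 0;

    if (name == NULL)
        return 0;
    len = strlen(name);
    if (len == 0 || len > MAX_NAME)
        return 0;
    for (i = 0; i <= len; i++) {
        char c = name[i];

        if (c == '.' || c == '\0') {
            if (label == 0 || label > MAX_LABEL)  /* empty or oversized label */
                return 0;
            if (name[i - 1] == '-')               /* trailing hyphen */
                return 0;
            label = 0;
            continue;
        }
        if (!(isalnum((unsigned char)c) || c == '-'))
            return 0;
        if (label == 0 && c == '-')               /* leading hyphen */
            return 0;
        label++;
    }
    return 1;
}

/* Validate a constructed name whose first label is `len` letters long. */
int demo_long_label(int len)
{
    char buf[512];

    if (len < 0 || len > 400)
        return 0;
    memset(buf, 'a', (size_t)len);
    strcpy(buf + len, ".example");
    return valid_hostname(buf);
}

/* Validate a constructed name made of `n` nine-letter labels (10n-1 chars). */
int demo_repeated_labels(int n)
{
    char buf[1024];
    size_t pos = 0;
    int i;

    if (n <= 0 || n > 100)
        return 0;
    for (i = 0; i < n; i++) {
        if (i) buf[pos++] = '.';
        memcpy(buf + pos, "abcdefghi", 9);
        pos += 9;
    }
    buf[pos] = '\0';
    return valid_hostname(buf);
}

int main(void)
{
    const char *names[] = {
        "kfps-roble6-dynamic.stanford.edu",
        "starbarlounge.cc.umich.edu",
        "car-crash-set-to-music.lcs.mit.edu",
        "foo.bar.baz.mix.me.a.good.drink",
        "-bad.example",
    };
    size_t k;

    for (k = 0; k < sizeof names / sizeof names[0]; k++)
        printf("%-36s valid=%d longest=%d\n", names[k],
               valid_hostname(names[k]), longest_label(names[k]));
    return 0;
}
```

All three long names from the thread pass the RFC 1123 limits, which supports Ed's reading that the name is legal and the fault lies with the software handling it.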