Opened 6 years ago

Closed 6 years ago

Last modified 4 years ago

#10249 closed defect (fixed)

unbound crashes on first validation attempt

Reported by: Ondrej Caletka <ondrej.caletka@…> Owned by: developers
Priority: normal Milestone: Barrier Breaker 14.07
Component: packages Version: Trunk
Keywords: unbound dnssec Cc:


I just compiled SVN trunk (r28490) for my tl-wr1043nd router. When I install and run the unbound recursive and validating DNS resolver, it crashes right after run, when it tries to update root DNSKEY file. There is a record about crash in syslog:

Oct 19 21:46:33 OpenWrt unbound: [2696:0] info: resolving . DNSKEY IN
Oct 19 21:46:33 OpenWrt daemon.debug unbound: [2696:0] debug: request has dependency depth of 0
Oct 19 21:46:33 OpenWrt daemon.crit unbound: [2696:0] fatal error: util/storage/lruhash.c:359: lruhash_lookup: pointer whitelist fptr_whitelist_hash_compfunc(table->compfunc) failed

Same crash happen to the snapshot version of OpenWRT.

Attachments (2)

unbound-1.4.14rc1.diff (3.5 KB) - added by Cybjit <cybjit@…> 6 years ago.
unbound 1.4.14rc1
unbound-1.4.14.diff (3.5 KB) - added by Cybjit <cybjit@…> 6 years ago.
unbound 1.4.14

Download all attachments as: .zip

Change History (9)

comment:1 follow-up: Changed 6 years ago by earendil_fr@…

After some tests, I've found that the problems appears with the version 1.4.11 (no problems with version 1.4.10).

If you see the change log of this version, we have the flag -flto activated.
Perhaps the source of the problem...

OpenWRT :

  • Arch : ar71xx
  • equipment : WZR-HP-300NH
  • version : snapshot
  • libldns : trunk version

comment:2 in reply to: ↑ 1 Changed 6 years ago by Cybjit <cybjit@…>

I just upgraded to trunk and see the same thing (ldns 1.6.11, unbound 1.4.13).
Arch ar71xx, latest trunk.

Backfire worked fine with the same versions (ldns 1.6.11, unbound 1.4.13).

comment:3 Changed 6 years ago by Cybjit <cybjit@…>

After installing my old packages from Backfire, it works fine (libopenssl, libldns, libunbound, unbound).


comment:4 Changed 6 years ago by Cybjit <cybjit@…>

Upgrading to 1.4.14rc1 fixes this for me.

Changed 6 years ago by Cybjit <cybjit@…>

unbound 1.4.14rc1

comment:5 Changed 6 years ago by anonymous

1.4.14 is released, from release notes:

Fix --enable-allsymbols, it depended on link specifics of the target platform, or fptr_wlist assertion failures could occur. The feature is disabled on windows.

Also fixes a DOS:

Fix for VU#209659 CVE-2011-4528: Unbound denial of service vulnerabilities from nonstandard redirection and denial of existence

Changed 6 years ago by Cybjit <cybjit@…>

unbound 1.4.14

comment:6 Changed 6 years ago by swalker

  • Resolution set to fixed
  • Status changed from new to closed

Thanks for the patch, fixed in r29796.

comment:7 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

as closed .
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.