Skip to content

GitLab

Closed
Created by Tom@scip

dig sends \0 to itself on every run via udp/v6

Summary

Dig sends a UDP v6 packet with the payload \0 to itself (as it seems) every time it is being executed. The packets are being dropped and are flooding our logs. Dig works anyway so I suspect this is a bug.

Truss output:

getsockname(6,{ AF_INET6 [2a02:c00:8000::ac11:9438]:53121 },0x7fff7fffd9e8) = 0 (0x0)
sendmsg(6,{{ AF_INET6 [2a02:c00:8000::ac11:9438]:53121 },28,[{"\0",1}],1, \
{{level=IPPROTO_IPV6,type=IPV6_TCLASS,data={0xb8,0x00,0x00,0x00}}},24,0},0) = 1 (0x1)

Source and destination ports are always the same but random:

11:20:13.119122 IP6 2a02:c00:8000::ac11:9438.14634 > 2a02:c00:8000::ac11:9438.14634: UDP, length 1

BIND version used

named -V
BIND 9.11.7 (Extended Support Version) <id:084ef47>
running on FreeBSD amd64 11.2-RELEASE-p4 FreeBSD 11.2-RELEASE-p4 #0: Thu Sep 27 08:16:24 UTC 2018     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC
built by make with '--localstatedir=/var' '--disable-linux-caps' '--with-randomdev=/dev/random' '--with-libxml2=/usr/local' '--with-readline=-L/usr/local/lib -ledit' '--with-dlopen=yes' '--with-gost=no' '--without-python' '--sysconfdir=/usr/local/etc/namedb' '--with-dlz-filesystem=yes' '--disable-dnstap' '--disable-filter-aaaa' '--disable-fixed-rrset' '--without-gssapi' '--with-libidn2=/usr/local' '--enable-ipv6' '--without-libjson' '--disable-largefile' '--without-lmdb' '--disable-native-pkcs11' '--disable-querytrace' '--enable-rpz-nsdname' '--enable-rpz-nsip' 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--with-openssl=/usr/local' '--enable-threads' '--with-tuning=default' '--disable-symtable' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/share/info/' '--build=amd64-portbld-freebsd11.2' 'build_alias=amd64-portbld-freebsd11.2' 'CC=cc' 'CFLAGS=-O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing ' 'LDFLAGS= -Wl,-rpath,/usr/local/lib -fstack-protector-strong ' 'LIBS=-L/usr/local/lib' 'CPPFLAGS=-DLIBICONV_PLUG -isystem /usr/local/include' 'CPP=cpp'
compiled by CLANG 4.2.1 Compatible FreeBSD Clang 6.0.0 (tags/RELEASE_600/final 326565)
compiled with OpenSSL version: OpenSSL 1.0.2r  26 Feb 2019
linked to OpenSSL version: OpenSSL 1.0.2r  26 Feb 2019
compiled with libxml2 version: 2.9.8
linked to libxml2 version: 20908
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
threads support is enabled

Steps to reproduce

Execute some random dns query with dig.

What is the current bug behavior?

Dig issues suspicious packets.

What is the expected correct behavior?

It should only send dns queries.

Edited by Mark Andrews