Skip to content

[CVE-2022-3924] Add a reproducer for the serve-stale crash when recursive clients soft quota is reached

Nicki Křížek requested to merge 3619-serve-stale-client-timeout-crash-test into main

Reproduce the assertion by configuring a 'named' resolver with 'recursive-clients 10;' configuration option and running 20 queries is parallel.

Also tweak the 'ans2/ans.pl' to simulate a 50ms network latency when qname starts with "latency". This makes sure that queries running in parallel don't get served immediately, thus allowing the configured recursive clients quota limitation to be activated.

Originally https://gitlab.isc.org/isc-private/bind9/-/merge_requests/474

Closes #3619 (closed)

Merge request reports