Skip to content

Reproducer for CVE-2023-2911

Tom Krizek requested to merge 4089-stale-query-loop-test into main

The conditions that trigger the crash:

  • a stale record is in cache
  • stale-answer-client-timeout is 0
  • multiple clients query for the stale record, enough of them to exceed the recursive-clients quota
  • the response from the authoritative is sufficiently delayed so that recursive-clients quota is exceeded first

The reproducer attempts to simulate this situation. However, it hasn't proven to be 100 % reproducible, especially in CI. When reproducing locally, the priming query also seems to sometimes interfere and prevent the crash. When the reproducer is ran twice, it appears to be more reliable in reproducing the issue.

Closes #4089 (closed)

Merge request reports