Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Default -trace-max-recursion causes a server crash #707

Closed
pdelteil opened this issue Jul 26, 2024 · 1 comment · Fixed by #740
Closed

Default -trace-max-recursion causes a server crash #707

pdelteil opened this issue Jul 26, 2024 · 1 comment · Fixed by #740
Assignees
@Mzack9999
Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.

Comments

@pdelteil
Copy link

pdelteil commented Jul 26, 2024
edited
Loading

dnsx version:

1.2.1

Current Behavior:

Running dnsx with 200 threads and 2 MM domains crashed my server several times, using a total of 14
GB of RAM + 10 GB of swap. When the SWAP was filled completely, the server entered in an unrecoverable state. I couldn't find the reason for around a week, but today I found a domain with infinite recursion.

This domain gives SERVFAIL and the CNAME definition was recursive. The trace keeps running until 32767 steps in the recursion are completed or until the RAM and SWAP gets to 100%. I think the default value is too high:

-trace-max-recursion int Max recursion for dns trace (default 32767)

I haven't found cases that are not recursive that have more than 10 steps in the trace recursion.

Expected Behavior:

With a considerable lower default max recursion value is very unlikely a server resources will be exhausted.

Steps To Reproduce:

  1. Run dnsx:

echo lb.devicemanager.central.arubanetworks.com|dnsx -rc servfail -r 1.1.1.1 -trace -j -debug

It keeps running for a long time. No debug info is shown.

  1. Run with -trace-max-recursion set to 10.

echo lb.devicemanager.central.arubanetworks.com|dnsx -rc servfail -r 1.1.1.1 -trace -j -debug -trace-max-recursion 10

The second case returns in a couple of seconds.
@pdelteil pdelteil added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Jul 26, 2024
@Mzack9999 Mzack9999 mentioned this issue Sep 2, 2024
Closed
@Mzack9999 Mzack9999 linked a pull request Sep 2, 2024 that will close this issue
Limiting max trace #740
Merged
@Mzack9999
Copy link
Member

@pdelteil Thanks for reporting this, I found the same indirectly while during long running dnsx. It should be fixed in #740

@Mzack9999 Mzack9999 self-assigned this Sep 2, 2024
@Mzack9999 Mzack9999 added the Status: Completed Nothing further to be done with this issue. Awaiting to be closed. label Sep 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Mzack9999 Mzack9999

Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Limiting max trace projectdiscovery/dnsx
2 participants
@Mzack9999 @pdelteil