postfix/dnsblog: panic: dns_query: bad length -1 (h_errno=Unknown error 0)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

postfix/dnsblog: panic: dns_query: bad length -1 (h_errno=Unknown error 0)

triaxx
Hi,

I get a panic in my logs:
postfix/master[22933]: daemon started -- version 3.2.2, configuration
/etc/postfix
postfix/postscreen[22945]: CONNECT from [A.B.C.D]:XXXXX to [E.F.G.H]:25
postfix/dnsblog[22947]: panic: dns_query: bad length -1 (h_errno=Unknown
error 0)
postfix/dnsblog[22946]: panic: dns_query: bad length -1 (h_errno=Unknown
error 0)
postfix/master[22933]: warning: process /libexec/postfix/dnsblog pid
22947 killed by signal 6
postfix/master[22933]: warning: /libexec/postfix/dnsblog: bad command
startup -- throttling
postfix/master[22933]: warning: process /libexec/postfix/dnsblog pid
22946 killed by signal 6
postfix/postscreen[22945]: PASS OLD [A.B.C.D]:XXXXX

The system is:
$ uname -a
FreeBSD foo.triaxx.org 11.1-RELEASE-p4 FreeBSD 11.1-RELEASE-p4 #0: Tue
Nov 14 06:12:40 UTC 2017    
[hidden email]:/usr/obj/usr/src/sys/GENERIC  amd64

postconf -M gives the following:
smtp       inet  n       -       n       -       1       postscreen
smtpd      pass  -       -       n       -       -       smtpd
submission inet  n       -       n       -       1       smtpd
pickup     unix  n       -       n       60      1       pickup
cleanup    unix  n       -       n       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       n       1000?   1       tlsmgr
tlsproxy   unix  -       -       n       -       0       tlsproxy
dnsblog    unix  -       -       n       -       0       dnsblog
rewrite    unix  -       -       n       -       -       trivial-rewrite
bounce     unix  -       -       n       -       0       bounce
defer      unix  -       -       n       -       0       bounce
trace      unix  -       -       n       -       0       bounce
verify     unix  -       -       n       -       1       verify
flush      unix  n       -       n       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       n       -       -       smtp
relay      unix  -       -       n       -       -       smtp
showq      unix  n       -       n       -       -       showq
error      unix  -       -       n       -       -       error
retry      unix  -       -       n       -       -       error
discard    unix  -       -       n       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       n       -       -       lmtp
anvil      unix  -       -       n       -       1       anvil
scache     unix  -       -       n       -       1       scache

The main.cf line that causes this message is:
postscreen_dnsbl_sites = zen.spamhaus.org, b.barracudacentral.org

The problem also occurs with 3.2.4. Since I can read this comment, I
suppose a bug:
     /*
      * Future proofing. If this reaches the panic call, then some code
change
      * introduced a bug.
      */
     if (len < 0)
   msg_panic("dns_query: bad length %d (h_errno=%s)",
       len, dns_strerror(h_errno));

Reply | Threaded
Open this post in threaded view
|

Re: postfix/dnsblog: panic: dns_query: bad length -1 (h_errno=Unknown error 0)

Wietse Venema
triaxx:

> postfix/postscreen[22945]: CONNECT from [A.B.C.D]:XXXXX to [E.F.G.H]:25
> postfix/dnsblog[22947]: panic: dns_query: bad length -1 (h_errno=Unknown
> error 0)
> ...
> The problem also occurs with 3.2.4. Since I can read this comment, I
> suppose a bug:
>      /*
>       * Future proofing. If this reaches the panic call, then some code change
>       * introduced a bug.
>       */
>      if (len < 0)
>    msg_panic("dns_query: bad length %d (h_errno=%s)",
>        len, dns_strerror(h_errno));

This means that the FreeBSD library function res_query() has
changed, and that it now returns a negative result value (-1) while
leaving h_errno at zero (i.e. without specifying the error type).

Maybe this workaround will help. Sorry, no time for diffs. This is
for dns_res_search() in dns_lookup.c.

     if (keep_notfound)
          /* Prepare for returning a null-padded server reply. */
          memset(answer, 0, anslen);
     len = res_query(name, class, type, answer, anslen);
+    if (len < 0 && h_errno == 0) {
+        h_errno = HOST_NOT_FOUND;
+        msg_warn("res_query(%s, ...) returns -1 with h_errno==0", name);
+    }
     if (len > 0) {
          SET_H_ERRNO(0);
     } else if (keep_notfound && NOT_FOUND_H_ERRNO(h_errno)) {
 

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: postfix/dnsblog: panic: dns_query: bad length -1 (h_errno=Unknown error 0)

Wietse Venema
Wietse Venema:

> triaxx:
> > postfix/postscreen[22945]: CONNECT from [A.B.C.D]:XXXXX to [E.F.G.H]:25
> > postfix/dnsblog[22947]: panic: dns_query: bad length -1 (h_errno=Unknown
> > error 0)
> > ...
> > The problem also occurs with 3.2.4. Since I can read this comment, I
> > suppose a bug:
> >      /*
> >       * Future proofing. If this reaches the panic call, then some code change
> >       * introduced a bug.
> >       */
> >      if (len < 0)
> >    msg_panic("dns_query: bad length %d (h_errno=%s)",
> >        len, dns_strerror(h_errno));
>
> This means that the FreeBSD library function res_query() has
> changed, and that it now returns a negative result value (-1) while
> leaving h_errno at zero (i.e. without specifying the error type).
>
> Maybe this workaround will help. Sorry, no time for diffs. This is
> for dns_res_search() in dns_lookup.c.

Second shot, more portable, nicer error message, and more conservative
action. I'd be interested in any warnings that this will log.

        Wietse

diff --exclude=man --exclude=html --exclude=README_FILES --exclude=INSTALL --exclude=.indent.pro --exclude=Makefile.in -r -ur /var/tmp/postfix-3.3-20171028/src/dns/dns_lookup.c src/dns/dns_lookup.c
--- /var/tmp/postfix-3.3-20171028/src/dns/dns_lookup.c 2016-02-23 11:21:41.000000000 -0500
+++ src/dns/dns_lookup.c 2017-12-18 19:22:22.000000000 -0500
@@ -397,6 +397,14 @@
  /* Prepare for returning a null-padded server reply. */
  memset(answer, 0, anslen);
     len = res_query(name, class, type, answer, anslen);
+    /* Begin FreeBSD 11.1 workaround. */
+    if (len < 0 && h_errno == 0) {
+ SET_H_ERRNO(TRY_AGAIN);
+ msg_warn("res_query(\"%s\", %d, %d, %p, %d) returns %d with h_errno==0"
+ " -- setting h_errno=TRY_AGAIN",
+ name, class, type, answer, anslen, len);
+    }
+    /* End FreeBSD 11.1 workaround. */
     if (len > 0) {
  SET_H_ERRNO(0);
     } else if (keep_notfound && NOT_FOUND_H_ERRNO(h_errno)) {