Sam Trenholme's webpage
Support this website

Deadwood update


March 20 2013

I have updated Deadwood to fix a long-standing bug resolving host names that only pops up once in a blue moon.

I discovered that the host name “” was not resolving with Deadwood. After spending an hour or so looking at the issue, I discovered an off-by-one bug.

One of the sanity tests performed when making an incomplete CNAME chain has a subtle bug. The sanity test in question makes sure a CNAME referral has records in the AN section of the reply before gluing together incomplete CNAME referrals with the records the CNAMEs point to.

The bug only manifested itself when an incomplete CNAME chain has its last DNS record start 256 (or 512, or 768—at this point in the code, we’re looking at the uncompressed form of the packet) bytes in to the packet, and would cause the sanity test to incorrectly fail.

Since this test otherwise incorrectly passed, it remains an open question whether this bug fix will cause other hostnames to not correctly resolve. I will continue to perform dogfood testing with Deadwood to see if any other problems pop up.

The fix is a one-byte change to the code.

It can be downloaded here:

Note that I found and fixed this bug before the 20th; while I normally do not work on MaraDNS or Deadwood before the 20th, this particular bug was annoying me enough that I fixed it right away.

I plan to work on MaraDNS/Deadwood again one day next month, after the 20th, unless a critical security bug with a CVE number is found.

As an aside, I am not a big fan of Scalzi’s writings. His “An Incomplete Guide to Not Creeping” article creeps me out, and has the same issues as those “Creeper cards” I recently blogged about.

2016 update: Keep in mind that a lot of stuff Pick up artists / misogynists say to justify their predatory behavior towards women is pure BS

To post a comment about an entry, send me an email and I may or may not post your comment (with or without editing)