BTW: nslookup can't grok big DNS responses and often crashes when it gets one because it *reads* (1) beyond the end of its buffer. Just a little funny excerpt from GetAnswer (getinfo.c): status = SendRequest(nsAddrPtr, msg, msglen, (char *) &answer, sizeof(answer), &n); ... eom = (u_char *) &answer + n; (n is the FULL size of the response, n > sizeof(answer) if the response was truncated because it did not fit into the buffer, which is 1kB long in nslookup) Moreover, a lot of code in getinfo.c and debug.c does not care much about the end of the buffer (even if it gets it right). Check the diffs between bind 4.9.6 and bind 4.9.7 and you'll see they have fixed lots of bugs of this kind in named. (Hmm, I should look at bind 8.) This is the software supposed to keep Internet running. It's scary. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "You can't be truly paranoid unless you're sure they have already got you." (1) I don't guarantee it is impossible to abuse it
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:14:47 PDT