facebookarchive/doh-proxy

ValueError: IPv6 addresses are 16 bytes long

appliedprivacy opened this issue · 2 comments

appliedprivacy commented

We've got lots of these in the logs:

 ERROR: Exception in callback _SelectorDatagramTransport._read_ready()
 handle: <Handle _SelectorDatagramTransport._read_ready()>
 Traceback (most recent call last):
   File "/usr/lib/python3.7/asyncio/events.py", line 88, in _run
     self._context.run(self._callback, *self._args)
   File "/usr/lib/python3.7/asyncio/selector_events.py", line 962, in _read_ready
     self._protocol.datagram_received(data, addr)
   File "/usr/local/lib/python3.7/dist-packages/dohproxy/server_protocol.py", line 143, in datagram_received
     dnsr = dns.message.from_wire(data)
   File "/usr/local/lib/python3.7/dist-packages/dns/message.py", line 823, in from_wire
     reader.read()
   File "/usr/local/lib/python3.7/dist-packages/dns/message.py", line 749, in read
     self._get_section(self.message.answer, ancount)
   File "/usr/local/lib/python3.7/dist-packages/dns/message.py", line 723, in _get_section
     self.message.origin)
   File "/usr/local/lib/python3.7/dist-packages/dns/rdata.py", line 424, in from_wire
     return cls.from_wire(rdclass, rdtype, wire, current, rdlen, origin)
   File "/usr/local/lib/python3.7/dist-packages/dns/rdtypes/IN/AAAA.py", line 54, in from_wire
     wire[current: current + rdlen])
   File "/usr/local/lib/python3.7/dist-packages/dns/inet.py", line 78, in inet_ntop
     return dns.ipv6.inet_ntoa(address)
   File "/usr/local/lib/python3.7/dist-packages/dns/ipv6.py", line 39, in inet_ntoa
     raise ValueError("IPv6 addresses are 16 bytes long")
chantra commented

Hi @appliedprivacy do you have any ways to reproduce this? What query/response triggered this?
Could you try to add some logging in https://github.com/facebookexperimental/doh-proxy/blob/master/dohproxy/server_protocol.py#L143
catch the exception and dump the content of data (using hexlify could be useful https://docs.python.org/2/library/binascii.html#binascii.hexlify )

Unless there is a way to repro, or an example packet that causes the exception to raise, it is going to be hard to do anything.

As much as what the exception tells us so far, we are receiving what seems to be a dns response, at least to the point that dnspython start unpacking the packet, gets a AAAA resource record, but the content is != 16 bytes long.

Probably something in the same vein of rthalley/dnspython#336

chantra commented

@appliedprivacy do you still see those errors? Any chances you can correlated that to a specific query/answer ? Based on rthalley/dnspython#336 (comment) this would be due to a bogus response in the first place. I think this is good to close as the service will still operate even though this exception happens.