bind-9.8.1: INSIST(! dns_rdataset _isassociated(sigrdataset)) failed

John Wobus jw354 at
Thu Nov 17 14:32:12 UTC 2011

I assume ISC does not deliberately insert aborts
triggerable by bad data in DNS queries and answers.
Much more likel,y they do it when something happens
that is supposed to be logically impossible whatever the
incoming data, and implies continuing to run is
potentially insecure and/or will just create a
subsequent, more obscure crash.  I assume the fact
that bad data triggered an abort is due to a bug.

That said, in this case they might be changing this
specific abort to a warning, fixing up what state
they can and crossing their fingers.


On Nov 16, 2011, at 7:35 AM, David Ford wrote:

> can we have a paradigm shift from ISC please?  instead of falling over
> dead with insist/assert, please bleat a warning and drop the  
> problematic
> issue on the floor instead and press on with business.  many BIND DoS
> attacks (and zone typos) are very effective for just this reason.
> :)
> _______________________________________________
> Please visit to  
> unsubscribe from this list
> bind-users mailing list
> bind-users at

More information about the bind-users mailing list