Bug 15040 - dwTimestamp not set when updating via dns update
Summary: dwTimestamp not set when updating via dns update
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: DNS plugin (BIND DLZ) (show other bugs)
Version: 4.15.6
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Amitay Isaacs
QA Contact: Samba QA Contact
URL: https://gitlab.com/samba-team/samba/-...
Depends on:
Reported: 2022-04-04 11:04 UTC by Michael Saxl
Modified: 2023-01-19 23:26 UTC (History)
0 users

See Also:

patch (1.63 KB, patch)
2022-04-04 13:42 UTC, Michael Saxl
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Saxl 2022-04-04 11:04:36 UTC
when using nsupdate to add records the new record is added as static record.

as far as I understand this is because in source4/dns_server/dlz_bind9.c b9_parse does not set rec->dwTimeStamp. This results in rec->dwTimeStamp being 0. 0 means "static"

somewhere later there is a call to dns_name_is_static that would suggest that dwTimestamp is set if it is not a static record, but since dns_name_is_static only checks if ONE record has a dwTimeStamp that is 0 (there will always be one if it is a new record, the b9_parse'd one) or it is a SOA record, this will always return true

I think this can be fixed by replacing

if (dns_name_is_static(recs, num_recs)) {
        rec->dwTimeStamp = 0;
} else {
        rec->dwTimeStamp = unix_to_dns_timestamp(time(NULL));


rec->dwTimeStamp = unix_to_dns_timestamp(time(NULL));
if (dns_name_is_static(recs, num_recs)) {
        rec->dwTimeStamp = 0;

if recs is really static there will be a rec that has dwTimeStamp==0 and the new rec->dwTimeStamp will be also set to 0 (=static).
Comment 1 Michael Saxl 2022-04-04 11:51:02 UTC
sorry, the bug report is not precise and I was fooled a bit

the issue can be triggered by:
update add rec.domain.test 300 IN A
-> now a dynamic record is added
update delete rec.domain.test
-> now the record is deleted
update add rec.domain.test 300 IN A
-> now the record is static

the proposed changes would fix this issue. I am currently not sure why this happens
I think there is a tombstoned entry, but this should be ignored explicitly by dns_name_is_static
Comment 2 Michael Saxl 2022-04-04 13:07:21 UTC
I think I found the issue.

dns_name_is_static(recs, num_recs) is called with the incremented num_recs but the new record is not appended yet. This means the memory is probably not initiallized (talloc_realloc does not zero the memory, else it would probably work since wType would be 0 =DNS_TYPE_TOMBSTONE)
Comment 3 Michael Saxl 2022-04-04 13:42:40 UTC
Created attachment 17262 [details]
Comment 4 Douglas Bagnall 2022-04-21 01:04:58 UTC
The current meege request is https://gitlab.com/samba-team/samba/-/merge_requests/2491 which includes Michael Saxl's patch attached here, along with tests, a related fix for the case where a record is being replaced.
Comment 5 Samba QA Contact 2022-06-17 02:19:11 UTC
This bug was referenced in samba master:

Comment 6 Douglas Bagnall 2023-01-19 23:26:14 UTC
Closing, as it seems neither I nor anybody else felt enough urgency to backport. The fix is now in 4.17 and 4.18rc1, and the window for a 4.16 port is narrowing daily.