From krb5-bugs-incoming-bounces@mit.edu Tue Nov 2 13:29:01 2004
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP
id NAA01452; Tue, 2 Nov 2004 13:29:01 -0500 (EST)
Received: from pch.mit.edu (localhost [127.0.0.1])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id iA2IT1Xn026901
for <krb5-send-pr@krbdev.mit.edu>; Tue, 2 Nov 2004 13:29:01 -0500 (EST)
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU
[18.7.7.76])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id iA20QoXn001189
for <krb5-bugs-incoming@PCH.mit.edu>;
Mon, 1 Nov 2004 19:26:50 -0500 (EST)
Received: from mx1.redhat.com (mx1.redhat.com [66.187.233.31])
iA20QnfS011246
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:26:49 -0500 (EST)
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com
[172.16.52.254])
by mx1.redhat.com (8.12.11/8.12.11) with ESMTP id iA20Qm2W022293
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:26:48 -0500
Received: from devserv.devel.redhat.com (devserv.devel.redhat.com
[172.16.58.1])
by int-mx1.corp.redhat.com (8.11.6/8.11.6) with ESMTP id iA20Qhr03050
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:26:43 -0500
Received: from axe.boston.redhat.com (axe.boston.redhat.com [172.16.80.51])
iA20QeT5000611
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:26:40 -0500
Received: from axe.boston.redhat.com (localhost.localdomain [127.0.0.1])
by axe.boston.redhat.com (8.13.1/8.13.1) with ESMTP id iA20F3Yp015843
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:15:03 -0500
Received: (from nalin@localhost)
by axe.boston.redhat.com (8.13.1/8.13.1/Submit) id iA20F3xD015842;
Mon, 1 Nov 2004 19:15:03 -0500
Date: Mon, 1 Nov 2004 19:15:03 -0500
Message-Id: <200411020015.iA20F3xD015842@axe.boston.redhat.com>
To: krb5-bugs@mit.edu
From: nalin@redhat.com
X-send-pr-version: 3.99
X-Scanned-By: MIMEDefang 2.42
X-Mailman-Approved-At: Tue, 02 Nov 2004 13:29:00 -0500
Subject: error checking result of gethostbyname_r
X-BeenThere: krb5-bugs-incoming@mit.edu
X-Mailman-Version: 2.1
Precedence: list
Reply-To: nalin@redhat.com
Sender: krb5-bugs-incoming-bounces@mit.edu
Errors-To: krb5-bugs-incoming-bounces@mit.edu
System: Linux axe.boston.redhat.com 2.6.8-1.624smp #1 SMP Thu Oct 14 21:16:29 EDT 2004 i686 i686 i386 GNU/Linux
Architecture: i686
implementation of GET_HOST_BY_NAME checks for errors from
gethostbyname_r by checking its result code. An error has also
occurred if my_hp has not been set to point to my_h_ent.
/etc/hosts was enough to trigger the bug.
gethostbyname_r is non-zero, check that my_hp has been set to
point to my_h_ent. Suggested patch:
--- src/include/fake-addrinfo.h 2004-09-02 18:59:42.000000000 -0400
+++ src/include/fake-addrinfo.h 2004-11-01 19:17:30.127252336 -0500
@@ -187,24 +187,27 @@ extern /*@dependent@*/ char *gai_strerro
#ifdef GETHOSTBYNAME_R_RETURNS_INT
#define GET_HOST_BY_NAME(NAME, HP, ERR) \
{ \
- struct hostent my_h_ent, *my_hp; \
- int my_h_err; \
+ struct hostent my_h_ent, *my_hp = NULL; \
+ int my_h_err, my_ret; \
char my_h_buf[8192]; \
- (HP) = (gethostbyname_r((NAME), &my_h_ent, \
- my_h_buf, sizeof (my_h_buf), &my_hp, \
- &my_h_err) \
+ my_ret = (gethostbyname_r((NAME), &my_h_ent, \
+ my_h_buf, sizeof (my_h_buf), &my_hp, \
+ &my_h_err)); \
+ (HP) = (((my_ret != 0) || (my_hp != &my_h_ent)) \
? 0 \
: &my_h_ent); \
(ERR) = my_h_err; \
}
#define GET_HOST_BY_ADDR(ADDR, ADDRLEN, FAMILY, HP, ERR) \
{ \
- struct hostent my_h_ent, *my_hp; \
- int my_h_err; \
+ struct hostent my_h_ent, *my_hp = NULL; \
+ int my_h_err, my_ret; \
char my_h_buf[8192]; \
- (HP) = (gethostbyaddr_r((ADDR), (ADDRLEN), (FAMILY), &my_h_ent, \
- my_h_buf, sizeof (my_h_buf), &my_hp, \
- &my_h_err) \
+ my_ret = (gethostbyaddr_r((ADDR), (ADDRLEN), (FAMILY), \
+ &my_h_ent, \
+ my_h_buf, sizeof (my_h_buf), &my_hp, \
+ &my_h_err)); \
+ (HP) = (((my_ret != 0) || (my_hp != &my_h_ent)) \
? 0 \
: &my_h_ent); \
(ERR) = my_h_err; \
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP
id NAA01452; Tue, 2 Nov 2004 13:29:01 -0500 (EST)
Received: from pch.mit.edu (localhost [127.0.0.1])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id iA2IT1Xn026901
for <krb5-send-pr@krbdev.mit.edu>; Tue, 2 Nov 2004 13:29:01 -0500 (EST)
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU
[18.7.7.76])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id iA20QoXn001189
for <krb5-bugs-incoming@PCH.mit.edu>;
Mon, 1 Nov 2004 19:26:50 -0500 (EST)
Received: from mx1.redhat.com (mx1.redhat.com [66.187.233.31])
iA20QnfS011246
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:26:49 -0500 (EST)
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com
[172.16.52.254])
by mx1.redhat.com (8.12.11/8.12.11) with ESMTP id iA20Qm2W022293
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:26:48 -0500
Received: from devserv.devel.redhat.com (devserv.devel.redhat.com
[172.16.58.1])
by int-mx1.corp.redhat.com (8.11.6/8.11.6) with ESMTP id iA20Qhr03050
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:26:43 -0500
Received: from axe.boston.redhat.com (axe.boston.redhat.com [172.16.80.51])
iA20QeT5000611
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:26:40 -0500
Received: from axe.boston.redhat.com (localhost.localdomain [127.0.0.1])
by axe.boston.redhat.com (8.13.1/8.13.1) with ESMTP id iA20F3Yp015843
for <krb5-bugs@mit.edu>; Mon, 1 Nov 2004 19:15:03 -0500
Received: (from nalin@localhost)
by axe.boston.redhat.com (8.13.1/8.13.1/Submit) id iA20F3xD015842;
Mon, 1 Nov 2004 19:15:03 -0500
Date: Mon, 1 Nov 2004 19:15:03 -0500
Message-Id: <200411020015.iA20F3xD015842@axe.boston.redhat.com>
To: krb5-bugs@mit.edu
From: nalin@redhat.com
X-send-pr-version: 3.99
X-Scanned-By: MIMEDefang 2.42
X-Mailman-Approved-At: Tue, 02 Nov 2004 13:29:00 -0500
Subject: error checking result of gethostbyname_r
X-BeenThere: krb5-bugs-incoming@mit.edu
X-Mailman-Version: 2.1
Precedence: list
Reply-To: nalin@redhat.com
Sender: krb5-bugs-incoming-bounces@mit.edu
Errors-To: krb5-bugs-incoming-bounces@mit.edu
Show quoted text
>Submitter-Id: net
>Originator: Nalin Dahyabhai
>Organization:
>Confidential: no
>Synopsis: fake-getaddrinfo.h incorrectly checks for gethostbyname_r errors
>Severity: serious
>Priority: medium
>Category: krb5-appl
>Class: sw-bug
>Release: krb5-1.3.4
>Environment:
>Originator: Nalin Dahyabhai
>Organization:
>Confidential: no
>Synopsis: fake-getaddrinfo.h incorrectly checks for gethostbyname_r errors
>Severity: serious
>Priority: medium
>Category: krb5-appl
>Class: sw-bug
>Release: krb5-1.3.4
>Environment:
System: Linux axe.boston.redhat.com 2.6.8-1.624smp #1 SMP Thu Oct 14 21:16:29 EDT 2004 i686 i686 i386 GNU/Linux
Architecture: i686
Show quoted text
>Description:
When GETHOSTBYNAME_R_RETURNS_INT is set by configure, the currentimplementation of GET_HOST_BY_NAME checks for errors from
gethostbyname_r by checking its result code. An error has also
occurred if my_hp has not been set to point to my_h_ent.
Show quoted text
>How-To-Repeat:
On my setup, configuring a host with only an IPv6 address in/etc/hosts was enough to trigger the bug.
Show quoted text
>Fix:
In addition to checking if the numeric result returned bygethostbyname_r is non-zero, check that my_hp has been set to
point to my_h_ent. Suggested patch:
--- src/include/fake-addrinfo.h 2004-09-02 18:59:42.000000000 -0400
+++ src/include/fake-addrinfo.h 2004-11-01 19:17:30.127252336 -0500
@@ -187,24 +187,27 @@ extern /*@dependent@*/ char *gai_strerro
#ifdef GETHOSTBYNAME_R_RETURNS_INT
#define GET_HOST_BY_NAME(NAME, HP, ERR) \
{ \
- struct hostent my_h_ent, *my_hp; \
- int my_h_err; \
+ struct hostent my_h_ent, *my_hp = NULL; \
+ int my_h_err, my_ret; \
char my_h_buf[8192]; \
- (HP) = (gethostbyname_r((NAME), &my_h_ent, \
- my_h_buf, sizeof (my_h_buf), &my_hp, \
- &my_h_err) \
+ my_ret = (gethostbyname_r((NAME), &my_h_ent, \
+ my_h_buf, sizeof (my_h_buf), &my_hp, \
+ &my_h_err)); \
+ (HP) = (((my_ret != 0) || (my_hp != &my_h_ent)) \
? 0 \
: &my_h_ent); \
(ERR) = my_h_err; \
}
#define GET_HOST_BY_ADDR(ADDR, ADDRLEN, FAMILY, HP, ERR) \
{ \
- struct hostent my_h_ent, *my_hp; \
- int my_h_err; \
+ struct hostent my_h_ent, *my_hp = NULL; \
+ int my_h_err, my_ret; \
char my_h_buf[8192]; \
- (HP) = (gethostbyaddr_r((ADDR), (ADDRLEN), (FAMILY), &my_h_ent, \
- my_h_buf, sizeof (my_h_buf), &my_hp, \
- &my_h_err) \
+ my_ret = (gethostbyaddr_r((ADDR), (ADDRLEN), (FAMILY), \
+ &my_h_ent, \
+ my_h_buf, sizeof (my_h_buf), &my_hp, \
+ &my_h_err)); \
+ (HP) = (((my_ret != 0) || (my_hp != &my_h_ent)) \
? 0 \
: &my_h_ent); \
(ERR) = my_h_err; \