This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

GNU C Library master sources branch master updated. glibc-2.28.9000-569-g6ca53a2

From: fw at sourceware dot org
To: glibc-cvs at sourceware dot org
Date: 21 Jan 2019 08:59:02 -0000
Subject: GNU C Library master sources branch master updated. glibc-2.28.9000-569-g6ca53a2

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  6ca53a2453598804a2559a548a08424fca96434a (commit)
      from  5e30b8ef0758763effa115634e0ed7d8938e4bc0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=6ca53a2453598804a2559a548a08424fca96434a

commit 6ca53a2453598804a2559a548a08424fca96434a
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Jan 21 09:26:41 2019 +0100

    resolv: Do not send queries for non-host-names in nss_dns [BZ #24112]
    
    Before this commit, nss_dns would send a query which did not contain a
    host name as the query name (such as invalid\032name.example.com) and
    then reject the answer in getanswer_r and gaih_getanswer_slice, using
    a check based on res_hnok.  With this commit, no query is sent, and a
    host-not-found error is returned to NSS without network interaction.

diff --git a/ChangeLog b/ChangeLog
index 9aa70d4..d2d6185 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2019-01-18  Florian Weimer  <fweimer@redhat.com>
+
+	[BZ #24112]
+	resolv: Do not send queries for non-host-names in nss_dns.
+	* resolv/nss_dns/dns-host.c (check_name): New function.
+	(_nss_dns_gethostbyname2_r): Use it.
+	(_nss_dns_gethostbyname_r): Likewise.
+	(_nss_dns_gethostbyname4_r): Likewise.
+
 2019-01-21  Florian Weimer  <fweimer@redhat.com>
 
 	* resolv/inet_addr.c: Reformat to GNU style.
diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
index d5210c1..a18b8a6 100644
--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -274,11 +274,26 @@ gethostbyname3_context (struct resolv_context *ctx,
   return status;
 }
 
+/* Verify that the name looks like a host name.  There is no point in
+   sending a query which will not produce a usable name in the
+   response.  */
+static enum nss_status
+check_name (const char *name, int *h_errnop)
+{
+  if (res_hnok (name))
+    return NSS_STATUS_SUCCESS;
+  *h_errnop = HOST_NOT_FOUND;
+  return NSS_STATUS_NOTFOUND;
+}
+
 enum nss_status
 _nss_dns_gethostbyname2_r (const char *name, int af, struct hostent *result,
 			   char *buffer, size_t buflen, int *errnop,
 			   int *h_errnop)
 {
+  enum nss_status status = check_name (name, h_errnop);
+  if (status != NSS_STATUS_SUCCESS)
+    return status;
   return _nss_dns_gethostbyname3_r (name, af, result, buffer, buflen, errnop,
 				    h_errnop, NULL, NULL);
 }
@@ -289,6 +304,9 @@ _nss_dns_gethostbyname_r (const char *name, struct hostent *result,
 			  char *buffer, size_t buflen, int *errnop,
 			  int *h_errnop)
 {
+  enum nss_status status = check_name (name, h_errnop);
+  if (status != NSS_STATUS_SUCCESS)
+    return status;
   struct resolv_context *ctx = __resolv_context_get ();
   if (ctx == NULL)
     {
@@ -296,7 +314,7 @@ _nss_dns_gethostbyname_r (const char *name, struct hostent *result,
       *h_errnop = NETDB_INTERNAL;
       return NSS_STATUS_UNAVAIL;
     }
-  enum nss_status status = NSS_STATUS_NOTFOUND;
+  status = NSS_STATUS_NOTFOUND;
   if (res_use_inet6 ())
     status = gethostbyname3_context (ctx, name, AF_INET6, result, buffer,
 				     buflen, errnop, h_errnop, NULL, NULL);
@@ -313,6 +331,9 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat,
 			   char *buffer, size_t buflen, int *errnop,
 			   int *herrnop, int32_t *ttlp)
 {
+  enum nss_status status = check_name (name, herrnop);
+  if (status != NSS_STATUS_SUCCESS)
+    return status;
   struct resolv_context *ctx = __resolv_context_get ();
   if (ctx == NULL)
     {
@@ -347,7 +368,6 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat,
   int ans2p_malloced = 0;
 
   int olderr = errno;
-  enum nss_status status;
   int n = __res_context_search (ctx, name, C_IN, T_QUERY_A_AND_AAAA,
 				host_buffer.buf->buf, 2048, &host_buffer.ptr,
 				&ans2p, &nans2p, &resplen2, &ans2p_malloced);

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                 |    9 +++++++++
 resolv/nss_dns/dns-host.c |   24 ++++++++++++++++++++++--
 2 files changed, 31 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]