[COMMITTED 2.19] Fix use of half-initialized result in getaddrinfo when using nscd (bug 16743)
Aurelien Jarno
aurelien@aurel32.net
Thu Sep 10 10:13:00 GMT 2015
From: Andreas Schwab <schwab@suse.de>

This fixes a bug in the way the results from __nscd_getai are collected:
for every returned result a new entry is first added to the
gaih_addrtuple list, but if that result doesn't match the request this
entry remains uninitialized. So for this non-matching result an extra
result with uninitialized content is returned.

To reproduce (with nscd running):

  $ getent ahostsv4 localhost
  127.0.0.1 STREAM localhost
  127.0.0.1 DGRAM
  127.0.0.1 RAW
  (null) STREAM
  (null) DGRAM
  (null) RAW

(cherry picked from commit a071766ebfd853179ac39f9773f894029bf86d36)

Conflicts:
  ChangeLog
  NEWS
---
ChangeLog | 6 ++++++
NEWS | 6 +++---
sysdeps/posix/getaddrinfo.c | 8 ++++++++
3 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 0eb6c3f..3964305 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2014-03-20 Andreas Schwab <schwab@suse.de>
+
+ [BZ #16743]
+ * sysdeps/posix/getaddrinfo.c (gaih_inet): Properly skip over
+ non-matching result from nscd.
+
2015-04-21 Arjun Shankar <arjun.is@lostca.se>
[BZ #18287]
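Review bot: The new ChangeLog entry keeps the original 2014-03-20 date but is inserted above the 2015-04-21 entry, so the top of the file is no longer in reverse date order. If the branch convention is to keep the upstream date on cherry-picks, that is fine, but it is worth confirming; otherwise the entry should carry the backport date or be placed in date order.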
diff --git a/NEWS b/NEWS
index 7f9388f..be59ead 100644
--- a/NEWS
+++ b/NEWS
@@ -9,9 +9,9 @@ Version 2.19.1
* The following bugs are resolved with this release:
- 15946, 16545, 16574, 16623, 16657, 16695, 16878, 16882, 16885, 16916,
- 16932, 16943, 16958, 17048, 17069, 17137, 17213, 17263, 17325, 17555,
- 18287.
+ 15946, 16545, 16574, 16623, 16657, 16695, 16743, 16878, 16882, 16885,
+ 16916, 16932, 16943, 16958, 17048, 17069, 17137, 17213, 17263, 17325,
+ 17555, 18287.
* A buffer overflow in gethostbyname_r and related functions performing DNS
requests has been fixed. If the NSS functions were called with a
diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
index 8218237..b3cc124 100644
--- a/sysdeps/posix/getaddrinfo.c
+++ b/sysdeps/posix/getaddrinfo.c
@@ -710,6 +710,14 @@ gaih_inet (const char *name, const struct gaih_service *service,
struct gaih_addrtuple *addrfree = addrmem;
for (int i = 0; i < air->naddrs; ++i)
{
+ if (!((air->family[i] == AF_INET
+ && req->ai_family == AF_INET6
+ && (req->ai_flags & AI_V4MAPPED) != 0)
+ || req->ai_family == AF_UNSPEC
+ || air->family[i] == req->ai_family))
+ /* Skip over non-matching result. */
+ continue;
+
socklen_t size = (air->family[i] == AF_INET
? INADDRSZ : IN6ADDRSZ);
if (*pat == NULL)
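Review bot: The added check at the top of the loop is written as the negation of a three-way match test, which is hard to verify by eye, and the only comment is "Skip over non-matching result." A short comment listing the accepted cases (an AF_INET result for an AF_INET6 request with AI_V4MAPPED set, an AF_UNSPEC request, or an exact family match) would make the intent reviewable. Two further points: with the `continue` in place every entry in air can now be skipped, so the code after the loop (not shown in this hunk) should be checked for the case where `*pat` is still NULL; and the diffstat touches only ChangeLog, NEWS and getaddrinfo.c, so the `getent ahostsv4 localhost` reproduction from the commit message is not covered by a regression test.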
--
2.1.4