Fix use of half-initialized result in getaddrinfo when using nscd (bug 16743)

This fixes a bug in the way the results from __nscd_getai are collected:
for every returned result a new entry is first added to the
gaih_addrtuple list, but if that result doesn't match the request this
entry remains uninitialized.  So for this non-matching result an extra
result with uninitialized content is returned.

To reproduce (with nscd running):

	$ getent ahostsv4 localhost
	127.0.0.1       STREAM localhost
	127.0.0.1       DGRAM
	127.0.0.1       RAW
	(null)          STREAM
	(null)          DGRAM
	(null)          RAW

ChangeLog

@@ -1,3 +1,9 @@
+2014-03-20  Andreas Schwab  <schwab@suse.de>
+
+	[BZ #16743]
+	* sysdeps/posix/getaddrinfo.c (gaih_inet): Properly skip over
+	non-matching result from nscd.
+
 2014-03-24  Siddhesh Poyarekar  <siddhesh@redhat.com>
 
 	* scripts/bench.py: Moved to ...

NEWS

@@ -11,7 +11,8 @@ Version 2.20
 
   15347, 15804, 15894, 16002, 16284, 16447, 16532, 16545, 16574, 16600,
   16609, 16610, 16611, 16613, 16623, 16632, 16639, 16642, 16649, 16670,
-  16674, 16677, 16680, 16683, 16689, 16695, 16701, 16706, 16707, 16731.
+  16674, 16677, 16680, 16683, 16689, 16695, 16701, 16706, 16707, 16731,
+  16743.
 
 * Running the testsuite no longer terminates as soon as a test fails.
   Instead, a file tests.sum (xtests.sum from "make xcheck") is generated,

sysdeps/posix/getaddrinfo.c

@@ -710,6 +710,14 @@ gaih_inet (const char *name, const struct gaih_service *service,
 		  struct gaih_addrtuple *addrfree = addrmem;
 		  for (int i = 0; i < air->naddrs; ++i)
 		    {
+		      if (!((air->family[i] == AF_INET
+			     && req->ai_family == AF_INET6
+			     && (req->ai_flags & AI_V4MAPPED) != 0)
+			    || req->ai_family == AF_UNSPEC
+			    || air->family[i] == req->ai_family))
+			/* Skip over non-matching result.  */
+			continue;
+
 		      socklen_t size = (air->family[i] == AF_INET
 					? INADDRSZ : IN6ADDRSZ);
 		      if (*pat == NULL)