This fixes a bug in the way the results from __nscd_getai are collected:
for every returned result a new entry is first added to the
gaih_addrtuple list, but if that result doesn't match the request this
entry remains uninitialized. So for this non-matching result an extra
result with uninitialized content is returned.
To reproduce (with nscd running):
$ getent ahostsv4 localhost
127.0.0.1 STREAM localhost
127.0.0.1 DGRAM
127.0.0.1 RAW
(null) STREAM
(null) DGRAM
(null) RAW
Only gaih_inet() and gaih_inet_serv() use a special bit flag denoted
by the GAIH_OKIFUNSPEC macro. Only the return value of
gaih_inet_serv() is actively checked for the bit flag which is
redundant because it just copies the nonzero property of the value
otherwise returned. The return value of gaih_inet() is only checked
for being zero and then the bit flag is filtered out. As the bit flag
is set only for otherwise nonzero return values, it doesn't affect the
zero comparison. GAIH_EAI just an alias to ~GAIH_OKIFUNSPEC.
Resolves#16072 (CVE-2013-4458).
This patch fixes another stack overflow in getaddrinfo when it is
called with AF_INET6. The AF_UNSPEC case was fixed as CVE-2013-1914,
but the AF_INET6 case went undetected back then.
[BZ #9954]
With the following /etc/hosts:
127.0.0.1 www.my-domain.es
127.0.1.1 www.my-domain.es
192.168.0.1 www.my-domain.es
Using getaddrinfo() on www.my-domain.es, trigger the following assertion:
../sysdeps/posix/getaddrinfo.c:1473: rfc3484_sort: Assertion
`src->results[i].native == -1 || src->results[i].native == a1_native' failed.
This is due to two different bugs:
- In rfc3484_sort() rule 7, src->results[i].native is assigned even if
src->results[i].index is -1, meaning that no interface is associated.
- In getaddrinfo() the source IP address used with the lo interface needs a
special case, as it can be any IP within 127.X.Y.Z.
Fixes BZ #15339.
NSS_STATUS_UNAVAIL may mean that a necessary input resource is not
available. This could occur in a number of cases including when the
network is down, system runs out of file descriptors, etc. The
correct differentiator in such a case is the h_errno, which gives the
nature of failure. In case of failures other than a simple 'not
found', we set h_errno as NETDB_INTERNAL and let errno be the
identifier for the exact error.
When glibc is built with --enable-static-nss, the warning that
using NSS symbols requires the nss shared objects to be present
is no longer true, as those symbols are built into libc. Suppress
the warning for those symbols by providing a new macro
(nss_interface_function) for the NSS functions that is defined as
static_link_warning in the normal case, and empty for static NSS.
* sysdeps/posix/getaddrinfo.c (default_scopes): Map RFC 1918
* addresses
to global scope.
* posix/tst-rfc3484.c: Verify 10/8, 172.16/12 and 196.128/16
addresses are in the same scope as 192.0.2/24.
* posix/gai.conf: Document new scope table defaults.
limit
[BZ #14307]
* sysdeps/posix/getaddrinfo.c (gaih_inet): Increase the size of
the temporary buffer used to invoke __gethostbyname2_r,
__gethostbyaddr_r and gethostbyname4_r to make room for struct
host_data / struct gaih_addrtuple.
* resolv/nss_dns/dns-host.c (global scope): Move definition of
implementation constants MAX_NR_ALIASES and MAX_NR_ADDRS to
header file nss/nsswitch.h.
* nss/nsswitch.h (global scope): Add definition of implementation
constants MAX_NR_ALIASES and MAX_NR_ADDRS (moved from
resolv/nss_dns/dns-host.c).
Whenever getaddrinfo needed network interface information it used the
netlink interface to read the information every single time. The
problem is that this information can change at any time.
The patch implements monitoring of the network interfaces through
nscd. If no change is detected the previously read information can
be reused (which is the norm). This timestamp information is also
made available to other processes using the shared memory segment
between nscd and those processes.
getaddrinfo works around the resolver functionality to avoid automatic
IPv6 lookups. The restoring didn't allow for the resolver to set
additional bits in _res.
When not using gethostbyname4 methods we immediately aborted the loop
over the nss modules on the first successful lookup. While this is
almost always what is wanted the nsswitch.conf file allows to select
something different.
ESRCH return value.
(_nss_dns_gethostbyname4_r): Likewise.
* resolv/res_init.c (__res_vinit): Initialize nscount to zero.
* sysdeps/posix/getaddrinfo.c (gaih_inet): In case we use
gethostbyname4_r, we don't have a separate IPv6 status, so copy
the no_data variable.
prototypes.
* include/arpa/nameser_compat.h: Define T_UNSPEC.
* nis/Versions (libnss_nis): Export _nss_nis_gethostbyname4_r.
(libnss_nisplus): Export _nss_nisplus_gethostbyname4_r.
* nis/nss_nis/nis-hosts.c (LINE_PARSER): Change to also handle
af==AF_UNSPEC.
(_nss_nis_gethostbyname4_r): New function.
* nis/nss_nisplus/nisplus-hosts.c (_nss_nisplus_parse_hostent):
Change to also handle af==AF_UNSPEC.
(get_tablename): New function. Use it to avoid duplication.
(_nss_nisplus_gethostbyname4_r): New function.
* nscd/aicache.c (addhstaiX): Use gethostbyname4_r function is
available.
* nss/Versions (libnss_files): Export _nss_files_gethostbyname4_r.
* nss/nss.h: Define struct gaih_addrtuple.
* nss/nss_files/files-hosts.c (LINE_PARSER): Change to also handle
af==AF_UNSPEC.
(_nss_files_gethostbyname4_r): New function.
* resolv/Versions (libnss_dns): Export _nss_dns_gethostbyname4_r.
* resolv/gethnmaddr.c: Adjust __libc_res_nsearch and __libc_res_nquery
calls.
* resolv/res_query.c (__libc_res_nquery): Take two additional
parameters for second answer buffer. Handle type=T_UNSPEC to mean
look up IPv4 and IPv6.
Change all callers.
* resolv/res_send.c (__libc_res_nsend): Take five aditional parameters
for an additional query and answer buffer. Pass to send_vc and
send_dg.
(send_vc): Send possibly two requests and receive two answers.
(send_dg): Likewise.
* resolv/nss_dns/dns-host.c: Adjust calls to __libc_res_nsearch and
__libc_res_nquery.
(_nss_dns_gethostbyname4_r): New function.
(gaih_getanswer_slice): Likewise.
(gaih_getanswer): Likewise.
* resolv/nss_dns/dns-canon.c (_nss_dns_getcanonname_r): Adjust
__libc_res_nquery call.
* resolv/nss_dns/dns-network.c (_nss_dns_getnetbyaddr_r): Likewise.
(_nss_dns_getnetbyname_r): Adjust __libc_res_nsearch call.
* sysdeps/posix/getaddrinfo.c: Use gethostbyname4_r function is
available.
field. Use sockaddr_in6 for source_addr.
(get_scope): Change type of parameter to sockaddr_in6. Adjust.
(match_prefix): Likewise.
(get_label): Likewise.
(get_precedence): Likewise.
(rfc3484_sort): Change to use indirect access to results array.
Adjust to use of sockaddr_in6. Replace service_order test with
simple index comparison.
(getaddrinfo): Define order array. Initialize it. Don't initialize
service_order field. Adjust qsort_t calls. Access sorted result
array indirectly through order array.
* posix/tst-rfc3484.c: Adjust for change of rfc3484_sort.
* posix/tst-rfc3484-2.c: Likewise.
* posix/tst-rfc3484-3.c: Likewise.
(struct in6addrinfo): Add index element.
Declare __check_native.
* inet/Makefile (aux): Add check_native.
* sysdeps/unix/sysv/linux/check_native.c: New file.
* sysdeps/unix/sysv/linux/check_pf.c: No need to recognize
IFA_F_TEMPORARY. Pass back ifa_index.
* sysdeps/posix/getaddrinfo.c: Remove netlink compatibility code.
(rfc3484_sort): Add new parameter. Implement rule 7 correctly:
call __check_native if necessary.
(getaddrinfo): Fill in index field. Use qsort_r instead of qsort
to sort addresses. Pass information about the results.
* posix/tst-rfc3484.c: Adjust for addition of index field and change
of rfc3484_sort interface.
* posix/tst-rfc3484-2.c: Likewise.
* sysdeps/unix/sysv/linux/check_pf.c (make_request): Always return
list of interfaces. Also store prefix length.
* sysdeps/posix/getaddrinfo.c (sort_result): Add prefixlen element.
(rfc3484_sort): In rule 9, for IPv4 addresses count only matching
prefix if source and destination address are in the same subnet.
(getaddrinfo): Always call __check_pf. Fill in prefixlen field.
Always look for matching record in in6ai list.
Correct source_addr_len value for IPv6->IPv4 converted records.
service_order.
(rfc3484_sort): Make sure that even of qsort doesn't support
stable sorting it is stable by comparing service_order.
(getaddrinfo): Initialize service_order.
close_not_cancel_no_status instead of close.
2007-09-24 Jakub Jelinek <jakub@redhat.com>
* sysdeps/posix/getaddrinfo.c (getaddrinfo): Use
close_not_cancel_no_status instead of close.
RFC3484 precedence table for fec0::/10 and fc00::/7 (site-local
and ULA respectively). Set precedence for IPv4 address to 10 as
defined in RFC3484 for preferring IPv6.
* posix/gai.conf: Update to match the new default tables.
was allocated here. [Coverity CID 219]
* posix/getconf.c (print_all): Free confstr data after printing.
[Coverity CID 218]
* sysdeps/posix/getaddrinfo.c (gaih_inet): Free canon string if
list allocation fails. [Coverity CID 215]
* nss/nsswitch.c (__nss_configure_lookup): Fix loop end condition.
[Coverity CID 213]
* argp/argp-help.c (hol_entry_cmp): Don't call canon_doc_option if
string is NULL. [Coverity CID 212]
* argp/Makefile: Add rules to build and run bug-argp1.
* argp/bug-argp1.c: New file.
* io/ftw.c (ftw_dir): Use __rawmemchr instead of strchr to find
end of string.
* stdlib/canonicalize.c (__realpath): Likewise.
* locale/programs/ld-time.c (time_finish): Don't dereference NULL
pointer. [Coverity CID 206]
* elf/dl-dst.h (DL_DST_REQUIRED): Be prepared for missing link map
in statically linked code.
* elf/dl-load.c (_dl_dst_substitute): When replacing ORIGIN in
statically built code, be prepared to have no link map.
[Coverity CID 205]
* argp/argp-help.c (fill_in_uparams): Handle STATE==NULL in
dgettext calls. [Coverity CID 204]
* argp/argp-help.c (struct uparams): Remove valid member. Change
the one user.
(uparam_names): Reduce size. Avoid relative relocations.
Moved to read-only segment.
(fill_in_uparams): Update for new layout.
* sysdeps/unix/sysv/linux/ifaddrs.c (getifaddrs): Parameter can be
assumed to always be != NULL. [Coverity CID 202]
* argp/argp-help.c (hol_entry_help): Remove some dead code
[Coverity CID 200].
* nis/nss_nis/nis-service.c (_nss_nis_getservbyport_r): Optimize
away a few more unconditional yperr2nss calls.
(_nss_nis_getservbyname_r): Likewise.
handling. /etc/gai.conf can contain replacements for the label
and precedence table. Fix byte order of default label and
precedence table.
* posix/gai.conf: New file.
* posix/tst-rfc3484.c: Adjust for changes to getaddrinfo.c.
* posix/tst-rfc3484-2.c: Likewise.
Add two more parameters to __check_pf.
* sysdeps/unix/sysv/linux/check_pf.c: When using the netlink
interface, determine whether IPv6 addresses are deprecated or
temporary. Create array of those addresses.
* inet/check_pf.c: Always tell caller there are no depracated
and temporary addresses.
* sysdeps/posix/getaddrinfo.c: Pretty printing.
(struct sort_result): Add source_addr_flags field.
(rfc3484_sort): Implement rule 3 and 7.
(in6aicmp): New function.
(getaddrinfo): Call __check_pf also when we need info about IPv6
source addresses. When creating array for sorting addresses,
look up deprecated and temporary addresses returned by __check_pf
and add flag if necessary.
2005-11-03 Ulrich Drepper <drepper@redhat.com>
[BZ #1774]
* sysdeps/posix/getaddrinfo.c (gaih_inet): Don't use simple
gethostbyname2 lookup if AI_V4MAPPED|AI_ALL is set.
* sysdeps/posix/getaddrinfo.c (gaih_inet): Avoid alloca when possible
while looking for scope delimiter.
Some pretty printing.
* intl/dcigettext.c (_nl_find_msg): Add a cast.
* nis/nis_clone_dir.c (nis_clone_directory): Use char * for ADDR.
* nis/nis_clone_obj.c (nis_clone_object): Likewise.
* nis/nis_clone_res.c (nis_clone_result): Likewise.
* resolv/nss_dns/dns-network.c (getanswer_r): Use const unsigned char *
for END_OF_MESSAGE and CP.
* resolv/res_send.c (send_dg): Add else branch for case impossible
unless `poll' is buggy.
* crypt/crypt_util.c (__setkey_r): Add a cast.
* locale/programs/linereader.c (get_toplvl_escape): Use size_t for
NBYTES, and unsigned char * for BYTES.
* locale/programs/charmap.c (charmap_new_char): Use size_t and
unsighed char * for NBYTES, BYTES parameters.
* sysdeps/generic/dl-hash.h (_dl_elf_hash): Take const char * argument
and cast it.
* sysdeps/i386/i686/dl-hash.h (_dl_elf_hash): Likewise.
* sunrpc/create_xid.c (_create_xid): Don't use unsigned long for RES.
* sunrpc/svcauth_des.c (_svcauth_des): Fix cast type.
* sunrpc/auth_des.c (authdes_create): Don't use u_char for PKEY_DATA.
(authdes_marshal): Don't use unsigned int for LEN.
* sunrpc/xdr.c (xdr_hyper): Don't use unsigned long for T2.
(xdr_u_hyper): Likewise.
(xdr_u_short): Don't use u_long for L.
* sunrpc/xdr_intXX_t.c (xdr_int64_t): Don't use uint32_t for T2.
* inet/rexec.c (rexec_af): Use socklen_t.
* sunrpc/key_call.c (getkeyserv_handle): Likewise.
* sunrpc/rtime.c (rtime): Likewise.
* resolv/res_send.c (send_vc, send_dg): Likewise.
* nis/nis_callback.c (__nis_create_callback): Likewise.
* sysdeps/generic/libc-start.c: Use unsigned int for nthreads ptr.
* sysdeps/posix/getaddrinfo.c (gaih_inet): Fix type of ADDR local.
* libio/libio.h (_IO_BE): Add parenthesis around EXPR.
* intl/dcigettext.c (INTVARDEF, INTUSE): Macros removed.
(_nl_default_dirname): Use libc_hidden_data_def instead of INTVARDEF.
(libc_freeres_fn, DCIGETTEXT): Don't use INTUSE.
* intl/bindtextdom.c (INTUSE): Macro removed.
(_nl_default_dirname): Use libc_hidden_proto.
(set_binding_values): Don't use INTUSE.
* include/libintl.h (_libc_intl_domainname_internal): Decl removed.
(_libc_intl_domainname): Use libc_hidden_proto.
* posix/regex_internal.h (gettext): Remove INTUSE on it.
* locale/SYS_libc.c (_libc_intl_domainname): Use libc_hidden_data_def
rather than INTDEF.
* include/libintl.h (_): Don't use *_internal name.
* ctype/ctype-extn.c (__ctype_tolower, __ctype_toupper): Use int32_t,
not uint32_t.
* locale/lc-ctype.c (_nl_postload_ctype): Likewise for assignments.
* iconv/gconv_open.c (__gconv_open): Remove useless cast.
[BZ #721]
* sysdeps/i386/dl-machine.h (ELF_MACHINE_NO_RELA): Define this outside
of [RESOLVE_MAP].
* sysdeps/sh/dl-machine.h (ELF_MACHINE_NO_REL): Likewise.
* sysdeps/powerpc/powerpc32/dl-machine.h
(elf_machine_rel, elf_machine_rel_relative): Removed.
* sysdeps/powerpc/powerpc64/dl-machine.h
(elf_machine_rel, elf_machine_rel_relative): Removed.
2005-02-03 Alexandre Oliva <aoliva@redhat.com>
[BZ #721]
* elf/dynamic-link.h: Don't declare nested auto functions that are
not going to be defined.
2004-07-23 Jakub Jelinek <jakub@redhat.com>
[BZ #284]
* include/features.h (_POSIX_SOURCE, _POSIX_C_SOURCE): Define
if _XOPEN_SOURCE >= 500 even if __STRICT_ANSI__ is defined.
2005-02-16 Roland McGrath <roland@redhat.com>
Update.
2004-09-26 Ulrich Drepper <drepper@redhat.com>
* sysdeps/posix/getaddrinfo.c (getaddrinfo): Remove incorrect
requirement on socktype and protocol.
(gaih_inet): If numeric port number is given, return records for all
possible socket types.
* posix/tst-getaddrinfo2.c: New file.
* posix/Makefile (tests): Add tst-getaddrinfo2. [BZ #358]