public inbox for glibc-cvs@sourceware.org help / color / mirror / Atom feed
From: Siddhesh Poyarekar <siddhesh@sourceware.org> To: glibc-cvs@sourceware.org Subject: [glibc/siddhesh/gai-cleanup2] getaddrinfo: Fix leak with AI_ALL [BZ #28852] Date: Tue, 8 Mar 2022 14:09:39 +0000 (GMT) [thread overview] Message-ID: <20220308140939.02674385C40E@sourceware.org> (raw) https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3c990fc87d25981e5e8ffee492490e121b3c2743 commit 3c990fc87d25981e5e8ffee492490e121b3c2743 Author: Siddhesh Poyarekar <siddhesh@sourceware.org> Date: Thu Mar 3 23:07:42 2022 +0530 getaddrinfo: Fix leak with AI_ALL [BZ #28852] Use realloc in convert_hostent_to_gaih_addrtuple and fix up pointers in the result list so that a single block is maintained for hostbyname3_r/hostbyname2_r and freed in gaih_inet. This result is never merged with any other results, since the hosts database does not permit merging. Resolves BZ #28852. Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org> Diff: --- sysdeps/posix/getaddrinfo.c | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c index df164a3e96..b0a64ead0e 100644 --- a/sysdeps/posix/getaddrinfo.c +++ b/sysdeps/posix/getaddrinfo.c @@ -199,9 +199,6 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, struct hostent *h, struct gaih_addrtuple **result) { - while (*result) - result = &(*result)->next; - /* Count the number of addresses in h->h_addr_list. */ size_t count = 0; for (char **p = h->h_addr_list; *p != NULL; ++p) @@ -212,10 +209,30 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, if (count == 0 || h->h_length > sizeof (((struct gaih_addrtuple) {}).addr)) return true; - struct gaih_addrtuple *array = calloc (count, sizeof (*array)); + struct gaih_addrtuple *array = *result; + size_t old = 0; + + while (array != NULL) + { + old++; + array = array->next; + } + + array = realloc (*result, (old + count) * sizeof (*array)); + if (array == NULL) return false; + *result = array; + + /* Update the next pointers on reallocation. */ + for (size_t i = 0; i < old; i++) + array[i].next = array + i + 1; + + array += old; + + memset (array, 0, count * sizeof (*array)); + for (size_t i = 0; i < count; ++i) { if (family == AF_INET && req->ai_family == AF_INET6) @@ -235,7 +252,6 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, array[0].name = h->h_name; array[count - 1].next = NULL; - *result = array; return true; }
next reply other threads:[~2022-03-08 14:09 UTC|newest] Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-03-08 14:09 Siddhesh Poyarekar [this message] -- strict thread matches above, loose matches on Subject: below -- 2022-03-14 14:16 Siddhesh Poyarekar 2022-03-07 16:55 Siddhesh Poyarekar
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20220308140939.02674385C40E@sourceware.org \ --to=siddhesh@sourceware.org \ --cc=glibc-cvs@sourceware.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).