* nscd and getxxxxx_r () are all screwed up.
@ 1999-08-09 18:48 H.J. Lu
1999-08-09 22:30 ` Ulrich Drepper
0 siblings, 1 reply; 3+ messages in thread
From: H.J. Lu @ 1999-08-09 18:48 UTC (permalink / raw)
To: GNU C Library
nscd and getxxxxx_r () in glibc 2.1.2 are all screwed up. hstcache.c
in nscd has:
while (__gethostbyname2_r (key, AF_INET, &resultbuf, buffer, buflen,
&hst, &h_errno) != 0
&& h_errno == NETDB_INTERNAL
&& errno == ERANGE)
{
errno = 0;
buflen += 256;
buffer = alloca (buflen);
}
However, when getanswer_r in resolve/nss_dns/dns-host.c runs out of
buffer around line 619, it never bothers to set errno nor h_errno. It
does that with
if (result->h_name == NULL)
{
....
}
It is incorrect since getanswer_r can run out of memory after
result->h_name is set. It looks like a mess to me. I hope someone
will fix it soon.
--
H.J. Lu (hjl@gnu.org)
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: nscd and getxxxxx_r () are all screwed up.
1999-08-09 18:48 nscd and getxxxxx_r () are all screwed up H.J. Lu
@ 1999-08-09 22:30 ` Ulrich Drepper
1999-08-10 8:02 ` H.J. Lu
0 siblings, 1 reply; 3+ messages in thread
From: Ulrich Drepper @ 1999-08-09 22:30 UTC (permalink / raw)
To: H.J. Lu; +Cc: GNU C Library
hjl@varesearch.com (H.J. Lu) writes:
> nscd and getxxxxx_r () in glibc 2.1.2 are all screwed up. hstcache.c
> in nscd has:
First, you are getting extremely on my nerves with your constant
"everything is screwed up, nothing works". If *always* is wrong.
Second, I have not the slightest idea what you are talking about. I
just wasted some minutes looking through the code finding no problem
since errno and h_errno are always set correctly in the file you
mentioned. Thanks a lot. I really should go back to my mode where I
ignore your mails if you do not give detailed explanations.
--
---------------. drepper at gnu.org ,-. 1325 Chesapeake Terrace
Ulrich Drepper \ ,-------------------' \ Sunnyvale, CA 94089 USA
Cygnus Solutions `--' drepper at cygnus.com `------------------------
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: nscd and getxxxxx_r () are all screwed up.
1999-08-09 22:30 ` Ulrich Drepper
@ 1999-08-10 8:02 ` H.J. Lu
0 siblings, 0 replies; 3+ messages in thread
From: H.J. Lu @ 1999-08-10 8:02 UTC (permalink / raw)
To: drepper; +Cc: GNU C Library
>
> hjl@varesearch.com (H.J. Lu) writes:
>
> > nscd and getxxxxx_r () in glibc 2.1.2 are all screwed up. hstcache.c
> > in nscd has:
>
> First, you are getting extremely on my nerves with your constant
> "everything is screwed up, nothing works". If *always* is wrong.
>
> Second, I have not the slightest idea what you are talking about. I
> just wasted some minutes looking through the code finding no problem
> since errno and h_errno are always set correctly in the file you
> mentioned. Thanks a lot. I really should go back to my mode where I
> ignore your mails if you do not give detailed explanations.
>
I shouldn't have sent out my bug report without a patch. The code
may be hard to understand. Here is my patch. Let me know if you have
any questions on the patch. I will fix other similar bugs if I
encounter them later.
Sorry for that. Thanks.
H.J.
----
Tue Aug 10 07:54:44 1999 H.J. Lu <hjl@gnu.org>
* resolv/nss_dns/dns-host.c (getanswer_r): Cleanup out-of-
buffer handling.
Index: resolv/nss_dns/dns-host.c
===================================================================
RCS file: /work/cvs/gnu/glibc-2.1/resolv/nss_dns/dns-host.c,v
retrieving revision 1.1.1.11
diff -u -p -r1.1.1.11 dns-host.c
--- resolv/nss_dns/dns-host.c 1999/06/17 15:38:20 1.1.1.11
+++ resolv/nss_dns/dns-host.c 1999/08/10 14:32:58
@@ -422,11 +422,7 @@ getanswer_r (const querybuf *answer, int
if (n != -1 && __ns_name_ntop (packtmp, bp, linebuflen) == -1)
{
if (errno == EMSGSIZE)
- {
- *errnop = ERANGE;
- *h_errnop = NETDB_INTERNAL;
- return NSS_STATUS_TRYAGAIN;
- }
+ goto too_small;
n = -1;
}
@@ -473,7 +469,9 @@ getanswer_r (const querybuf *answer, int
linebuflen -= n;
/* Get canonical name. */
n = strlen (tbuf) + 1; /* For the \0. */
- if ((size_t) n > buflen || n >= MAXHOSTNAMELEN)
+ if ((size_t) n > linebuflen)
+ goto too_small;
+ if (n >= MAXHOSTNAMELEN)
{
++had_error;
continue;
@@ -495,7 +493,9 @@ getanswer_r (const querybuf *answer, int
cp += n;
/* Get canonical name. */
n = strlen (tbuf) + 1; /* For the \0. */
- if ((size_t) n > buflen || n >= MAXHOSTNAMELEN)
+ if ((size_t) n > linebuflen)
+ goto too_small;
+ if (n >= MAXHOSTNAMELEN)
{
++had_error;
continue;
@@ -539,11 +539,7 @@ getanswer_r (const querybuf *answer, int
if (n != -1 && __ns_name_ntop (packtmp, bp, linebuflen) == -1)
{
if (errno == EMSGSIZE)
- {
- *errnop = ERANGE;
- *h_errnop = NETDB_INTERNAL;
- return NSS_STATUS_TRYAGAIN;
- }
+ goto too_small;
n = -1;
}
@@ -616,11 +612,8 @@ getanswer_r (const querybuf *answer, int
linebuflen -= sizeof (align) - ((u_long) bp % sizeof (align));
bp += sizeof (align) - ((u_long) bp % sizeof (align));
- if (n >= linebuflen)
- {
- ++had_error;
- continue;
- }
+ if (n > linebuflen)
+ goto too_small;
if (hap >= &host_data->h_addr_ptrs[MAX_NR_ADDRS-1])
{
cp += n;
@@ -655,11 +648,7 @@ getanswer_r (const querybuf *answer, int
{
n = strlen (qname) + 1; /* For the \0. */
if (n > linebuflen)
- {
- *errnop = ERANGE;
- *h_errnop = NETDB_INTERNAL;
- return NSS_STATUS_TRYAGAIN;
- }
+ goto too_small;
if (n >= MAXHOSTNAMELEN)
goto no_recovery;
result->h_name = bp;
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~1999-08-10 8:02 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
1999-08-09 18:48 nscd and getxxxxx_r () are all screwed up H.J. Lu
1999-08-09 22:30 ` Ulrich Drepper
1999-08-10 8:02 ` H.J. Lu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).