From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-hacker-return-6481-listarch-libc-hacker=sources.redhat.com@sources.redhat.com>
Received: (qmail 11990 invoked by alias); 23 Apr 2003 09:58:35 -0000
Mailing-List: contact libc-hacker-help@sources.redhat.com; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:libc-hacker-subscribe@sources.redhat.com>
List-Archive: <http://sources.redhat.com/ml/libc-hacker/>
List-Post: <mailto:libc-hacker@sources.redhat.com>
List-Help: <mailto:libc-hacker-help@sources.redhat.com>, <http://sources.redhat.com/ml/#faqs>
Sender: libc-hacker-owner@sources.redhat.com
Received: (qmail 11691 invoked from network); 23 Apr 2003 09:56:55 -0000
Received: from unknown (HELO localhost.localdomain) (195.113.19.66)
  by sources.redhat.com with SMTP; 23 Apr 2003 09:56:55 -0000
Received: from sunsite.ms.mff.cuni.cz (sunsite.mff.cuni.cz [127.0.0.1])
	by localhost.localdomain (8.12.8/8.12.8) with ESMTP id h3N9urqO026402;
	Wed, 23 Apr 2003 11:56:53 +0200
Received: (from jakub@localhost)
	by sunsite.ms.mff.cuni.cz (8.12.8/8.12.8/Submit) id h3N9uq1U026398;
	Wed, 23 Apr 2003 11:56:52 +0200
Date: Wed, 23 Apr 2003 09:58:00 -0000
From: Jakub Jelinek <jakub@redhat.com>
To: Ulrich Drepper <drepper@redhat.com>, Roland McGrath <roland@redhat.com>
Cc: Glibc hackers <libc-hacker@sources.redhat.com>
Subject: [PATCH] Fix getaddrinfo
Message-ID: <20030423095652.GX16629@sunsite.ms.mff.cuni.cz>
Reply-To: Jakub Jelinek <jakub@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4i
X-SW-Source: 2003-04/txt/msg00059.txt.bz2

Hi!

https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=91234&action=view
has a testcase. If the caller manages to leave -1 on the stack in the place
which becomes herrno, then gaih_inet will eat all the stack and die.
Fixed thusly:

2003-04-23  Jakub Jelinek  <jakub@redhat.com>

	* sysdeps/posix/getaddrinfo.c (gaih_inet): Check for rc == ERANGE,
	not rc == errno.  Use extend_alloca.

--- libc/sysdeps/posix/getaddrinfo.c.jj	2002-12-20 07:36:31.000000000 -0500
+++ libc/sysdeps/posix/getaddrinfo.c	2003-04-23 05:15:51.000000000 -0400
@@ -677,13 +677,11 @@ gaih_inet (const char *name, const struc
 	    int herrno;
 	    struct hostent th;
 	    size_t tmpbuflen = 512;
-	    char *tmpbuf;
+	    char *tmpbuf = NULL;
 
 	    do
 	      {
-		tmpbuflen *= 2;
-		tmpbuf = __alloca (tmpbuflen);
-
+		tmpbuf = extend_alloca (tmpbuf, tmpbuflen, tmpbuflen * 2);
 		rc = __gethostbyaddr_r (at2->addr,
 					((at2->family == AF_INET6)
 					 ? sizeof(struct in6_addr)
@@ -692,7 +690,7 @@ gaih_inet (const char *name, const struc
 					&h, &herrno);
 
 	      }
-	    while (rc == errno && herrno == NETDB_INTERNAL);
+	    while (rc == ERANGE && herrno == NETDB_INTERNAL);
 
 	    if (rc != 0 && herrno == NETDB_INTERNAL)
 	      {

	Jakub