From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from butterfly.birch.relay.mailchannels.net (butterfly.birch.relay.mailchannels.net [23.83.209.27]) by sourceware.org (Postfix) with ESMTPS id E0B8C3858C50 for ; Tue, 4 Oct 2022 22:44:37 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org E0B8C3858C50 Authentication-Results: sourceware.org; dmarc=fail (p=none dis=none) header.from=sourceware.org Authentication-Results: sourceware.org; spf=fail smtp.mailfrom=sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 99BD15C4246; Tue, 4 Oct 2022 22:44:36 +0000 (UTC) Received: from pdx1-sub0-mail-a304 (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 2A3C55C424B; Tue, 4 Oct 2022 22:44:36 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1664923476; a=rsa-sha256; cv=none; b=hwamSHO6nFLtJ3rNDco4aV0IqB7SMsU+TE4/A6WwuD1IWLNhN/0XNFZi7EoCsVGrMEz7zj xweG3rsPIawNhC8y9KgozwfjMLojmQkTFRSzNWqthw1a9F8mdWtst5zr5MdrjfziWMXhNC fgBZvoX3rVmDIxnOXu/7IgxUkLPjEOCQes9G035Sv0fNHkhq22fMfqWyP7Nk5LQsXTeVdr EIdKnRUaR9khSLYHgA+oBsVt3k110MLnfkFPaPCOAVWqyUlTBdvfySeV5lhRziqu3IqIyv x8RlM55bNpxqrkPk/53E+ET3L6onRpD6vJq+xncJAEly2A5Rm53idkCF1DVu9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1664923476; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7CpGBXVoj/iR7wYlGDC1qD6IhwhmJfJJPd28TlZZ9QM=; b=s3vy2E54JRF7wC8YXNYN2H50RrCaILIBERH4jfaoSSK0uxnC5FKGKsTDurj6wsuDKaEHsy WPCQzo5wBRNR9t8CZVJ26+c7tPgMcE2qUyIOQT+2TVwLJrln7xdwsk7qXwph8eYzLPuoFp 9n7OA7LUNqMG8++Vk5mTQ6uyU9y3n/HYNKRKWn/3MxIwLXDrIuV69AjBRdS7XAvf6OY6Nk PGwWl2h9jtlVNSUKbWJJxKI+n99eSCj+R+EAg5p4Se/FoflCwZ/ZEH2fPx6QhOTpxMzZ2j LxtYfLfSrWI/1SICg4RtqzrT19o7oLwqhfWD4mA8aXgwWwGS/d/sY0wP6u9n9g== ARC-Authentication-Results: i=1; rspamd-7c485dd8cf-tf8l7; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Battle-Cellar: 3800b5de6c1ece8a_1664923476426_744051354 X-MC-Loop-Signature: 1664923476426:559163704 X-MC-Ingress-Time: 1664923476426 Received: from pdx1-sub0-mail-a304 (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.122.234.207 (trex/6.7.1); Tue, 04 Oct 2022 22:44:36 +0000 Received: from fedora.redhat.com (bras-base-toroon4834w-grc-23-76-68-24-82.dsl.bell.ca [76.68.24.82]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a304 (Postfix) with ESMTPSA id 4Mht774P20z2j; Tue, 4 Oct 2022 15:44:35 -0700 (PDT) From: Siddhesh Poyarekar To: libc-stable@sourceware.org Cc: =?UTF-8?q?Holger=20Hoffst=C3=A4tte?= , Carlos O'Donell Subject: [committed 2.36] nscd: Drop local address tuple variable [BZ #29607] Date: Tue, 4 Oct 2022 18:44:32 -0400 Message-Id: <20221004224432.1951561-1-siddhesh@sourceware.org> X-Mailer: git-send-email 2.37.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1173.0 required=5.0 tests=BAYES_00,GIT_PATCH_0,KAM_DMARC_NONE,KAM_DMARC_STATUS,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_SOFTFAIL,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: When a request needs to be resent (e.g. due to insufficient buffer space), the references to subsequent tuples in the local variable are stale and should not be used. This used to work by accident before, but since 1d495912a it no longer does. Instead of trying to reset it, just let gethostbyname4_r write into TUMPBUF6 for us, thus maintaining a consistent state at all times. This is now consistent with what is done in gaih_inet for getaddrinfo. Resolves: BZ #29607 Reported-by: Holger Hoffstätte Tested-by: Holger Hoffstätte Reviewed-by: Carlos O'Donell (cherry picked from commit 6e33e5c4b73cea7b8aa3de0947123db16200fb65) --- NEWS | 2 ++ nscd/aicache.c | 5 ++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 91bcfeb7a6..63e26d7062 100644 --- a/NEWS +++ b/NEWS @@ -28,6 +28,8 @@ The following bugs are resolved with this release: [29537] libc: [2.34 regression]: Alignment issue on m68k when using [29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are [29583] Use 64-bit interfaces in gconv_parseconfdir + [29607] nscd repeatably crashes calling __strlen_avx2 when hosts cache is + enabled [29638] libc: stdlib: arc4random fallback is never used Version 2.36 diff --git a/nscd/aicache.c b/nscd/aicache.c index 51e793199f..e0baed170b 100644 --- a/nscd/aicache.c +++ b/nscd/aicache.c @@ -110,11 +110,10 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req, "gethostbyname4_r"); if (fct4 != NULL) { - struct gaih_addrtuple atmem; struct gaih_addrtuple *at; while (1) { - at = &atmem; + at = NULL; rc6 = 0; herrno = 0; status[1] = DL_CALL_FCT (fct4, (key, &at, @@ -137,7 +136,7 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req, goto next_nip; /* We found the data. Count the addresses and the size. */ - for (const struct gaih_addrtuple *at2 = at = &atmem; at2 != NULL; + for (const struct gaih_addrtuple *at2 = at; at2 != NULL; at2 = at2->next) { ++naddrs; -- 2.37.2