186 Commits

Author SHA1 Message Date
Florian Weimer
cd065b6843 getaddrinfo: Convert from extend_alloca to struct scratch_buffer 2016-05-12 14:07:56 +02:00
Florian Weimer
8db2cf163e getaddrinfo: Restore RES_USE_INET6 flag on error path [BZ #19994] 2016-05-10 10:09:24 +02:00
Florian Weimer
4ab2ab03d4 CVE-2016-3706: getaddrinfo: stack overflow in hostent conversion [BZ #20010]
When converting a struct hostent response to struct gaih_addrtuple, the
gethosts macro (which is called from gaih_inet) used alloca, without
malloc fallback for large responses.  This commit changes this code to
use calloc unconditionally.

This commit also consolidated a second hostent-to-gaih_addrtuple
conversion loop (in gaih_inet) to use the new conversion function.
2016-04-29 10:35:34 +02:00
Joseph Myers
ec999b8e5e Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).
It was noted in
<https://sourceware.org/ml/libc-alpha/2012-09/msg00305.html> that the
bits/*.h naming scheme should only be used for installed headers.
This patch renames bits/libc-lock.h to plain libc-lock.h and
bits/libc-lockP.h to plain libc-lockP.h to follow that convention.

Note that I don't know where libc-lockP.h comes from for Hurd (the
Hurd libc-lock.h includes libc-lockP.h, but the only libc-lockP.h in
the glibc source tree is for NPTL) - some unmerged patch? - but I
updated the #include in the Hurd libc-lock.h anyway.

Tested for x86_64 (testsuite, and that installed stripped shared
libraries are unchanged by the patch).

	[BZ #14912]
	* bits/libc-lock.h: Move to ...
	* sysdeps/generic/libc-lock.h: ...here.
	(_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H.
	* sysdeps/mach/hurd/bits/libc-lock.h: Move to ...
	* sysdeps/mach/hurd/libc-lock.h: ...here.
	(_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H.
	[_LIBC]: Include <libc-lockP.h> instead of <bits/libc-lockP.h>.
	* sysdeps/mach/bits/libc-lock.h: Move to ...
	* sysdeps/mach/libc-lock.h: ...here.
	(_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H.
	* sysdeps/nptl/bits/libc-lock.h: Move to ...
	* sysdeps/nptl/libc-lock.h: ...here.
	(_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H.
	* sysdeps/nptl/bits/libc-lockP.h: Move to ...
	* sysdeps/nptl/libc-lockP.h: ...here.
	(_BITS_LIBC_LOCKP_H): Rename macro to _LIBC_LOCKP_H.
	* crypt/crypt_util.c: Include <libc-lock.h> instead of
	<bits/libc-lock.h>.
	* dirent/scandir-tail.c: Likewise.
	* dlfcn/dlerror.c: Likewise.
	* elf/dl-close.c: Likewise.
	* elf/dl-iteratephdr.c: Likewise.
	* elf/dl-lookup.c: Likewise.
	* elf/dl-open.c: Likewise.
	* elf/dl-support.c: Likewise.
	* elf/dl-writev.h: Likewise.
	* elf/rtld.c: Likewise.
	* grp/fgetgrent.c: Likewise.
	* gshadow/fgetsgent.c: Likewise.
	* gshadow/sgetsgent.c: Likewise.
	* iconv/gconv_conf.c: Likewise.
	* iconv/gconv_db.c: Likewise.
	* iconv/gconv_dl.c: Likewise.
	* iconv/gconv_int.h: Likewise.
	* iconv/gconv_trans.c: Likewise.
	* include/link.h: Likewise.
	* inet/getnameinfo.c: Likewise.
	* inet/getnetgrent.c: Likewise.
	* inet/getnetgrent_r.c: Likewise.
	* intl/bindtextdom.c: Likewise.
	* intl/dcigettext.c: Likewise.
	* intl/finddomain.c: Likewise.
	* intl/gettextP.h: Likewise.
	* intl/loadmsgcat.c: Likewise.
	* intl/localealias.c: Likewise.
	* intl/textdomain.c: Likewise.
	* libidn/idn-stub.c: Likewise.
	* libio/libioP.h: Likewise.
	* locale/duplocale.c: Likewise.
	* locale/freelocale.c: Likewise.
	* locale/newlocale.c: Likewise.
	* locale/setlocale.c: Likewise.
	* login/getutent_r.c: Likewise.
	* login/getutid_r.c: Likewise.
	* login/getutline_r.c: Likewise.
	* login/utmp-private.h: Likewise.
	* login/utmpname.c: Likewise.
	* malloc/mtrace.c: Likewise.
	* misc/efgcvt.c: Likewise.
	* misc/error.c: Likewise.
	* misc/fstab.c: Likewise.
	* misc/getpass.c: Likewise.
	* misc/mntent.c: Likewise.
	* misc/syslog.c: Likewise.
	* nis/nis_call.c: Likewise.
	* nis/nis_callback.c: Likewise.
	* nis/nss-default.c: Likewise.
	* nis/nss_compat/compat-grp.c: Likewise.
	* nis/nss_compat/compat-initgroups.c: Likewise.
	* nis/nss_compat/compat-pwd.c: Likewise.
	* nis/nss_compat/compat-spwd.c: Likewise.
	* nis/nss_nis/nis-alias.c: Likewise.
	* nis/nss_nis/nis-ethers.c: Likewise.
	* nis/nss_nis/nis-grp.c: Likewise.
	* nis/nss_nis/nis-hosts.c: Likewise.
	* nis/nss_nis/nis-network.c: Likewise.
	* nis/nss_nis/nis-proto.c: Likewise.
	* nis/nss_nis/nis-pwd.c: Likewise.
	* nis/nss_nis/nis-rpc.c: Likewise.
	* nis/nss_nis/nis-service.c: Likewise.
	* nis/nss_nis/nis-spwd.c: Likewise.
	* nis/nss_nisplus/nisplus-alias.c: Likewise.
	* nis/nss_nisplus/nisplus-ethers.c: Likewise.
	* nis/nss_nisplus/nisplus-grp.c: Likewise.
	* nis/nss_nisplus/nisplus-hosts.c: Likewise.
	* nis/nss_nisplus/nisplus-initgroups.c: Likewise.
	* nis/nss_nisplus/nisplus-network.c: Likewise.
	* nis/nss_nisplus/nisplus-proto.c: Likewise.
	* nis/nss_nisplus/nisplus-pwd.c: Likewise.
	* nis/nss_nisplus/nisplus-rpc.c: Likewise.
	* nis/nss_nisplus/nisplus-service.c: Likewise.
	* nis/nss_nisplus/nisplus-spwd.c: Likewise.
	* nis/ypclnt.c: Likewise.
	* nptl/libc_pthread_init.c: Likewise.
	* nss/getXXbyYY.c: Likewise.
	* nss/getXXent.c: Likewise.
	* nss/getXXent_r.c: Likewise.
	* nss/nss_db/db-XXX.c: Likewise.
	* nss/nss_db/db-netgrp.c: Likewise.
	* nss/nss_db/nss_db.h: Likewise.
	* nss/nss_files/files-XXX.c: Likewise.
	* nss/nss_files/files-alias.c: Likewise.
	* nss/nsswitch.c: Likewise.
	* posix/regex_internal.h: Likewise.
	* posix/wordexp.c: Likewise.
	* pwd/fgetpwent.c: Likewise.
	* resolv/res_hconf.c: Likewise.
	* resolv/res_libc.c: Likewise.
	* shadow/fgetspent.c: Likewise.
	* shadow/lckpwdf.c: Likewise.
	* shadow/sgetspent.c: Likewise.
	* socket/opensock.c: Likewise.
	* stdio-common/reg-modifier.c: Likewise.
	* stdio-common/reg-printf.c: Likewise.
	* stdio-common/reg-type.c: Likewise.
	* stdio-common/vfprintf.c: Likewise.
	* stdio-common/vfscanf.c: Likewise.
	* stdlib/abort.c: Likewise.
	* stdlib/cxa_atexit.c: Likewise.
	* stdlib/fmtmsg.c: Likewise.
	* stdlib/random.c: Likewise.
	* stdlib/setenv.c: Likewise.
	* string/strsignal.c: Likewise.
	* sunrpc/auth_none.c: Likewise.
	* sunrpc/bindrsvprt.c: Likewise.
	* sunrpc/create_xid.c: Likewise.
	* sunrpc/key_call.c: Likewise.
	* sunrpc/rpc_thread.c: Likewise.
	* sysdeps/arm/backtrace.c: Likewise.
	* sysdeps/generic/ldsodefs.h: Likewise.
	* sysdeps/generic/stdio-lock.h: Likewise.
	* sysdeps/generic/unwind-dw2-fde.c: Likewise.
	* sysdeps/i386/backtrace.c: Likewise.
	* sysdeps/ieee754/ldbl-opt/nldbl-compat.c: Likewise.
	* sysdeps/m68k/backtrace.c: Likewise.
	* sysdeps/mach/hurd/cthreads.c: Likewise.
	* sysdeps/mach/hurd/dirstream.h: Likewise.
	* sysdeps/mach/hurd/malloc-machine.h: Likewise.
	* sysdeps/nptl/malloc-machine.h: Likewise.
	* sysdeps/nptl/stdio-lock.h: Likewise.
	* sysdeps/posix/dirstream.h: Likewise.
	* sysdeps/posix/getaddrinfo.c: Likewise.
	* sysdeps/posix/system.c: Likewise.
	* sysdeps/pthread/aio_suspend.c: Likewise.
	* sysdeps/s390/s390-32/backtrace.c: Likewise.
	* sysdeps/s390/s390-64/backtrace.c: Likewise.
	* sysdeps/unix/sysv/linux/check_pf.c: Likewise.
	* sysdeps/unix/sysv/linux/if_index.c: Likewise.
	* sysdeps/unix/sysv/linux/s390/s390-32/getutent_r.c: Likewise.
	* sysdeps/unix/sysv/linux/s390/s390-32/getutid_r.c: Likewise.
	* sysdeps/unix/sysv/linux/s390/s390-32/getutline_r.c: Likewise.
	* sysdeps/unix/sysv/linux/shm-directory.c: Likewise.
	* sysdeps/unix/sysv/linux/system.c: Likewise.
	* sysdeps/x86_64/backtrace.c: Likewise.
	* time/alt_digit.c: Likewise.
	* time/era.c: Likewise.
	* time/tzset.c: Likewise.
	* wcsmbs/wcsmbsload.c: Likewise.
	* nptl/tst-initializers1.c (do_test): Refer to <libc-lock.h>
	instead of <bits/libc-lock.h> in comment.
2015-09-08 21:11:03 +00:00
Joseph Myers
bef8fd6013 Fix qsort_r namespace (bug 17571).
qsort_r is defined in the same file as qsort, but is not an ISO C
function, so should be a weak alias for __qsort_r.  The uses in
getaddrinfo should also call __qsort_r, since getaddrinfo is a POSIX
function and qsort_r isn't.  This patch implements this.  Because nscd
uses the getaddrinfo sources outside libc, as do the tst-rfc3484
tests, a #define of __qsort_r to qsort_r is added there alongside the
similar defines for other libc-internal symbols used in getaddrinfo.

Tested for x86_64 (testsuite, and that disassembly of installed shared
libraries is unchanged by the patch).

	[BZ #17571]
	* stdlib/msort.c (qsort_r): Rename to __qsort_r and define as weak
	alias of __qsort_r.
	(qsort): Call __qsort_r instead of qsort_r.
	* include/stdlib.h (qsort_r): Do not call libc_hidden_proto.
	(__qsort_r): Declare.  Call libc_hidden_proto.
	* sysdeps/posix/getaddrinfo.c (getaddrinfo): Call __qsort_r
	instead of qsort_r.
	* nscd/gai.c (__qsort_r): Define to qsort_r.
	* posix/tst-rfc3484.c (__qsort_r): Likewise.
	* posix/tst-rfc3484-2.c (__qsort_r): Likewise.
	* posix/tst-rfc3484-3.c (__qsort_r): Likewise.
2014-11-12 22:33:41 +00:00
Siddhesh Poyarekar
cf26a0cb6a Return EAI_AGAIN for AF_UNSPEC when herrno is TRY_AGAIN (BZ #16849)
getaddrinfo correctly returns EAI_AGAIN for AF_INET and AF_INET6
queries.  For AF_UNSPEC however, an older change
(a682a1bf553b1efe4dbb03207fece5b719cec482) broke the check and due to
that the returned error was EAI_NONAME.

This patch fixes the check so that a non-authoritative not-found is
returned as EAI_AGAIN to the user instead of EAI_NONAME.
2014-05-15 12:33:11 +05:30
Andreas Schwab
8dc9751764 Fix parsing of getai result from nscd for IPv6-only request 2014-05-07 14:21:27 +02:00
Andreas Schwab
a071766ebf Fix use of half-initialized result in getaddrinfo when using nscd (bug 16743)
This fixes a bug in the way the results from __nscd_getai are collected:
for every returned result a new entry is first added to the
gaih_addrtuple list, but if that result doesn't match the request this
entry remains uninitialized.  So for this non-matching result an extra
result with uninitialized content is returned.

To reproduce (with nscd running):

	$ getent ahostsv4 localhost
	127.0.0.1       STREAM localhost
	127.0.0.1       DGRAM
	127.0.0.1       RAW
	(null)          STREAM
	(null)          DGRAM
	(null)          RAW
2014-03-24 16:51:53 +01:00
Ondřej Bílka
a1ffb40e32 Use glibc_likely instead __builtin_expect. 2014-02-10 15:07:12 +01:00
Pavel Simerda
639a0ef8ab Remove redundant GAIH_OKIFUNSPEC and GAIH_EAI.
Only gaih_inet() and gaih_inet_serv() use a special bit flag denoted
by the GAIH_OKIFUNSPEC macro. Only the return value of
gaih_inet_serv() is actively checked for the bit flag which is
redundant because it just copies the nonzero property of the value
otherwise returned. The return value of gaih_inet() is only checked
for being zero and then the bit flag is filtered out. As the bit flag
is set only for otherwise nonzero return values, it doesn't affect the
zero comparison. GAIH_EAI just an alias to ~GAIH_OKIFUNSPEC.
2013-12-02 20:23:13 +05:30
Pavel Simerda
f524d6a8e4 getaddrinfo: remove dead code 2013-12-02 20:17:17 +05:30
Siddhesh Poyarekar
7cbcdb3699 Fix stack overflow due to large AF_INET6 requests
Resolves #16072 (CVE-2013-4458).

This patch fixes another stack overflow in getaddrinfo when it is
called with AF_INET6.  The AF_UNSPEC case was fixed as CVE-2013-1914,
but the AF_INET6 case went undetected back then.
2013-10-25 10:22:12 +05:30
Allan McRae
894f3f1049 Fix incorrect getaddrinfo assertion trigger
[BZ #9954]

With the following /etc/hosts:
127.0.0.1       www.my-domain.es
127.0.1.1       www.my-domain.es
192.168.0.1     www.my-domain.es

Using getaddrinfo() on www.my-domain.es, trigger the following assertion:
../sysdeps/posix/getaddrinfo.c:1473: rfc3484_sort: Assertion
`src->results[i].native == -1 || src->results[i].native == a1_native' failed.

This is due to two different bugs:
- In rfc3484_sort() rule 7, src->results[i].native is assigned even if
src->results[i].index is -1, meaning that no interface is associated.
- In getaddrinfo() the source IP address used with the lo interface needs a
special case, as it can be any IP within 127.X.Y.Z.
2013-10-25 14:28:32 +10:00
Andreas Schwab
b957ced889 Don't use gethostbyaddr to determine canonical name 2013-10-17 16:34:27 +02:00
Andreas Schwab
b2179107f3 Properly cache the result from looking up the nss database config 2013-09-30 10:29:13 +02:00
Siddhesh Poyarekar
3a30923983 Use __glibc_unlikely instead of __builtin_expect (..., 0) 2013-08-28 09:44:19 +05:30
Siddhesh Poyarekar
3d04f5db20 Set EAI_SYSTEM only when h_errno is NETDB_INTERNAL
Fixes BZ #15339.

NSS_STATUS_UNAVAIL may mean that a necessary input resource is not
available.  This could occur in a number of cases including when the
network is down, system runs out of file descriptors, etc.  The
correct differentiator in such a case is the h_errno, which gives the
nature of failure.  In case of failures other than a simple 'not
found', we set h_errno as NETDB_INTERNAL and let errno be the
identifier for the exact error.
2013-05-21 21:54:41 +05:30
Ryan S. Arnold
e054f49430 Add #include <stdint.h> for uint[32|64]_t usage (except installed headers). 2013-05-16 11:32:54 -05:00
Siddhesh Poyarekar
2169712d9c Minor cleanup in getaddrinfo
Replace repeated computations of alloca size with a local variable
that stores the computed value.
2013-04-22 10:24:00 +05:30
Andreas Schwab
1cef1b1908 Fix stack overflow in getaddrinfo with many results 2013-04-03 17:39:15 +02:00
Siddhesh Poyarekar
cfde9b463d Return EAI_SYSTEM if we're out of file descriptors
Resolves BZ #14719.
2012-11-19 13:02:48 +05:30
Chris Metcalf
017678433c Suppress incorrect link warnings for NSS symbols
When glibc is built with --enable-static-nss, the warning that
using NSS symbols requires the nss shared objects to be present
is no longer true, as those symbols are built into libc.  Suppress
the warning for those symbols by providing a new macro
(nss_interface_function) for the NSS functions that is defined as
static_link_warning in the normal case, and empty for static NSS.
2012-10-30 14:14:33 -04:00
Jeff Law
115411772b [BZ #11438]
* sysdeps/posix/getaddrinfo.c (default_scopes): Map RFC 1918
        * addresses
        to global scope.
        * posix/tst-rfc3484.c: Verify 10/8, 172.16/12 and 196.128/16
        addresses are in the same scope as 192.0.2/24.
        * posix/gai.conf: Document new scope table defaults.
2012-09-28 10:15:05 -06:00
Jeff Law
8479f23aa1 * sysdeps/posix/getaddrinfo.c (gaih_inet): Only use gethostbyname4_r
if the family is PF_UNSPEC.
2012-08-22 11:41:40 -06:00
Roland McGrath
fbc723bb37 Fix typo in last change. 2012-08-17 11:49:00 -07:00
Roland McGrath
a084405777 Fix getaddrinfo for [!_STATBUF_ST_NSEC] case. 2012-08-17 11:47:06 -07:00
Jeroen van Bemmel
7b6e99be77 Avoid duplicate DNS requests if answer is longer than a implementation
limit

        [BZ #14307]
        * sysdeps/posix/getaddrinfo.c (gaih_inet): Increase the size of
        the temporary buffer used to invoke __gethostbyname2_r,
        __gethostbyaddr_r and gethostbyname4_r to make room for struct
        host_data / struct gaih_addrtuple.
        * resolv/nss_dns/dns-host.c (global scope): Move definition of
        implementation constants MAX_NR_ALIASES and MAX_NR_ADDRS to
        header file nss/nsswitch.h.
        * nss/nsswitch.h (global scope): Add definition of implementation
        constants MAX_NR_ALIASES and MAX_NR_ADDRS (moved from
        resolv/nss_dns/dns-host.c).
2012-07-12 11:31:48 +05:30
Thomas Schwinge
be971a2b1c Hurd: libc_once_get 2012-05-10 15:57:24 -07:00
Ulrich Drepper
312be3f9f5 Clean up internal fopen uses
No need to ever not use c and e.
2011-11-15 04:24:42 -05:00
Ulrich Drepper
3a2c02424d Cache network interface information
Whenever getaddrinfo needed network interface information it used the
netlink interface to read the information every single time.  The
problem is that this information can change at any time.

The patch implements monitoring of the network interfaces through
nscd.  If no change is detected the previously read information can
be reused (which is the norm).  This timestamp information is also
made available to other processes using the shared memory segment
between nscd and those processes.
2011-10-31 01:51:16 -04:00
Andreas Schwab
2e96f1c73b Fix encoding name for IDN in getaddrinfo 2011-08-04 15:42:10 -04:00
Andreas Schwab
89f654c57b Make sure RES_USE_INET6 is always restored 2011-06-30 06:33:32 -04:00
Ulrich Drepper
fa3fc0fe5f Avoid __check_pf calls in getaddrinfo unless really needed 2011-06-22 15:00:54 -04:00
Andreas Schwab
e12df166d3 Fix Ipv4&IPv6 lookup in getaddrinfo
Problem introduced in the last patch.
2011-06-22 14:35:49 -04:00
Ulrich Drepper
c0244a9ded Fix IPv6-only lookups through getaddrinfo
A recent patch introduced a problem where IPv6 lookups happily returned
IPv4 addresses.
2011-06-21 17:03:38 -04:00
Ulrich Drepper
c5e3c2ae59 Minor optimization of getaddrinfo after recent patch 2011-06-21 13:06:42 -04:00
Ulrich Drepper
3154bfb8c7 Fix memory leak in getaddrinfo 2011-06-13 08:31:50 -04:00
Ulrich Drepper
7ae22829af Restore _res correctly
getaddrinfo works around the resolver functionality to avoid automatic
IPv6 lookups.  The restoring didn't allow for the resolver to set
additional bits in _res.
2011-05-29 23:49:49 -04:00
Ulrich Drepper
34a9094f49 Don't unconditionally use alloca in gaih_inet 2011-05-20 23:46:03 -04:00
Maciej Babinski
0b592a30f5 getaddrinfo(AF_INET6) does not return scope_id info provided by NSS modules 2011-05-02 21:11:17 -04:00
Ulrich Drepper
86e9235918 Fix decoding of canonical name in getaddrinfo. 2011-01-19 15:50:05 -05:00
Ulrich Drepper
c3e2f19bb9 Add self-contained test for NSS.
While at it fix interaction between __nss_configure_lookup and nscd.
Otherwise the test fails if nscd is runnung.
2010-08-11 07:25:02 -07:00
Ulrich Drepper
07f9ca32a9 Fix one case of last checkin.
If the v4 lookup failed but v6 succeeded we treat this as a success.
2010-03-26 05:52:39 -07:00
Ulrich Drepper
7c9302908e Don't abort immediately on successful lookup in getaddrinfo.
When not using gethostbyname4 methods we immediately aborted the loop
over the nss modules on the first successful lookup.  While this is
almost always what is wanted the nsswitch.conf file allows to select
something different.
2010-03-26 05:40:27 -07:00
Andreas Schwab
c3dfadb87e Fix spurious UNAVAIL status is getaddrinfo 2010-03-26 05:35:50 -07:00
Ulrich Drepper
a682a1bf55 Fix a few error cases in *name4_r lookup handling. 2009-12-10 15:44:26 -08:00
Ulrich Drepper
657317537c Handle missing NSS modules and those without callbacks.
getaddrinfo didn't update the status variable in that round of the
loop if no callback was used.
2009-07-25 12:29:04 -07:00
Ulrich Drepper
bfbbc63f04 * sysdeps/posix/getaddrinfo.c (gaih_inet): When the
gethostbyname4_r function call succeeded, just leave the loop.
2008-12-29 23:47:07 +00:00
Ulrich Drepper
da5ac1352d * resolv/nss_dns/dns-host.c (_nss_dns_gethostbyname3_r): Recognize
ESRCH return value.
	(_nss_dns_gethostbyname4_r): Likewise.
	* resolv/res_init.c (__res_vinit): Initialize nscount to zero.
	* sysdeps/posix/getaddrinfo.c (gaih_inet): In case we use
	gethostbyname4_r, we don't have a separate IPv6 status, so copy
	the no_data variable.
2008-12-03 07:30:39 +00:00
Ulrich Drepper
be4607eba8 * sysdeps/posix/getaddrinfo.c (getaddrinfo): Only restrict search
to IPv4 or IPv6 if an interface has been found.
2008-11-27 06:31:04 +00:00