Commit Graph

589 Commits

Author SHA1 Message Date
Florian Weimer
fc82b0a2df CVE-2015-5180: resolv: Fix crash with internal QTYPE [BZ #18784]
Also rename T_UNSPEC because an upcoming public header file
update will use that name.
2016-12-31 20:27:44 +01:00
Florian Weimer
bbe989ee87 resolv: Deprecate RES_BLAST 2016-12-31 19:08:39 +01:00
Florian Weimer
b76e065991 resolv: Deprecate the "inet6" option and RES_USE_INET6 [BZ #19582] 2016-12-31 18:55:14 +01:00
Florian Weimer
5840c75c2d resolv: Add beginnings of a libresolv test suite 2016-12-31 18:52:32 +01:00
Florian Weimer
e7eceec0bc resolv: Turn historic name lookup functions into compat symbols
This change also removes the preprocessor-based function renaming.
It also applied to tests in resolv/, which ended up running against
the historic functions.

_endhtent was not part of the ABI because it is not listed in the
resolv/Versions file.
2016-12-30 18:43:04 +01:00
Dmitry V. Levin
12f1ae05c0 Fix typos in the spelling of "implementation"
Apply the following spelling fix:
$ git grep -El 'implemetn?ation' |
  xargs sed -ri 's/implemetn?ation/implementation/g'

[BZ #19514]
* resolv/res_send.c: Fix typo in comment.
* sysdeps/i386/i386-mcount.S: Likewise.
* sysdeps/s390/s390-32/s390-mcount.S: Likewise.
* sysdeps/s390/s390-64/s390x-mcount.S: Likewise.
* sysdeps/sparc/sparc-mcount.S: Likewise.
2016-12-27 20:13:35 +00:00
Florian Weimer
7d68cdaa4f resolv: Remove processing of unimplemented "spoof" host.conf options 2016-12-27 16:49:42 +01:00
Nick Alcock
1ad4ba28e9 Drop explicit stack-protection of pieces of the system [BZ #7065] 2016-12-26 10:11:05 +01:00
Carlos O'Donell
0cb9dcc8f2 Bug 20729: Fix build failures on ppc64 and other arches.
The changes to fix bug 20729 introduced an error which removed an
ignore diagnostic from -O2 by using the new -Os related macro.
This broke ppc64 builds. This commit fixes the mistake.

Tested on x86, x86_64, ppc64, ppc64le, arm, aarch64, and s390x.
2016-11-02 13:01:36 -04:00
Carlos O'Donell
93fe09cb5f Bug 20729: Fix building with -Os.
This commit adds a new DIAG_IGNORE_Os_NEEDS_COMMENT which is only
enabled when compiling with -Os. This allows developers working on
-Os enabled builds to mark false-positive warnings without impacting the
warnings emitted at -O2.

Then using the new DIAG_IGNORE_Os_NEEDS_COMMENT we fix 6 warnings
generated with GCC 5 to get -Os builds working again.
2016-10-29 23:50:56 -04:00
Florian Weimer
bf8c542403 resolv: Compile without -Wno-write-strings 2016-10-11 15:43:41 +02:00
Florian Weimer
5140d036f9 resolv: Remove RES_USEBSTRING and its implementation [BZ #20629]
In ns_name_ntop, the NS_CMPRSFLGS check is no longer needed because
labellen (called earlier) already rejects everything which is not
a plain label (compression references and extended label types).
2016-10-07 17:41:59 +02:00
Florian Weimer
7ec47a85d8 resolv: Remove RES_NOIP6DOTINT and its implementation 2016-10-07 17:41:59 +02:00
Florian Weimer
bfbd1de159 resolv: Deprecate unimplemented flags
RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG result
in compile-time warnings.  Some of these flags are still used in
applications.
2016-10-07 17:41:45 +02:00
Zack Weinberg
05b68e14b1 Installed-header hygiene (BZ#20366): time.h types.
Many headers are expected to expose a subset of the type definitions
in time.h.  time.h has a whole bunch of messy logic for conditionally
defining some of its types and structs, but, as best I can tell, this
has never worked 100%.  In particular, __need_timespec is ineffective
if _TIME_H has already been defined, which means that if you compile

  #include <time.h>
  #include <sched.h>

with e.g. -fsyntax-only -std=c89 -Wall -Wsystem-headers, you will get

In file included from test.c:2:0:
/usr/include/sched.h:74:57: warning: "struct timespec" declared inside
  parameter list will not be visible outside of this definition or declaration
 extern int sched_rr_get_interval (__pid_t __pid, struct timespec *__t) __THROW;
                                                         ^~~~~~~~

And if you want to _use_ sched_rr_get_interval in a TU compiled that
way, you're hosed.

This patch replaces all of that with small bits/types/TYPE.h headers
as introduced earlier.  time.h and bits/time.h are now *much* simpler,
and a lot of other headers are slightly simpler.

	* time/time.h, bits/time.h, sysdeps/unix/sysv/linux/bits/time.h:
	Remove all logic conditional on __need macros.  Move all the
	conditionally defined types to their own headers...
	* time/bits/types/clock_t.h: Define clock_t here.
	* time/bits/types/clockid_t.h: Define clockid_t here.
	* time/bits/types/struct_itimerspec.h: Define struct itimerspec here.
	* time/bits/types/struct_timespec.h: Define struct timespec here.
	* time/bits/types/struct_timeval.h: Define struct timeval here.
	* time/bits/types/struct_tm.h: Define struct tm here.
	* time/bits/types/time_t.h: Define time_t here.
	* time/bits/types/timer_t.h: Define timer_t here.
	* time/Makefile: Install the new headers.

	* bits/resource.h, io/fcntl.h, io/sys/poll.h, io/sys/stat.h
	* io/utime.h, misc/sys/select.h, posix/sched.h, posix/sys/times.h
	* posix/sys/types.h, resolv/netdb.h, rt/aio.h, rt/mqueue.h
	* signal/signal.h, pthread/semaphore.h, sysdeps/nptl/pthread.h
	* sysdeps/unix/sysv/linux/alpha/bits/resource.h
	* sysdeps/unix/sysv/linux/alpha/sys/acct.h
	* sysdeps/unix/sysv/linux/bits/resource.h
	* sysdeps/unix/sysv/linux/bits/timex.h
	* sysdeps/unix/sysv/linux/mips/bits/resource.h
	* sysdeps/unix/sysv/linux/net/ppp_defs.h
	* sysdeps/unix/sysv/linux/sparc/bits/resource.h
	* sysdeps/unix/sysv/linux/sys/acct.h
	* sysdeps/unix/sysv/linux/sys/timerfd.h
	* sysvipc/sys/msg.h, sysvipc/sys/sem.h, sysvipc/sys/shm.h
	* time/sys/time.h, time/sys/timeb.h
	Use the new bits/types headers.

	* include/time.h: Remove __need logic.
	* include/bits/time.h
	* include/bits/types/clock_t.h, include/bits/types/clockid_t.h
	* include/bits/types/time_t.h, include/bits/types/timer_t.h
	* include/bits/types/struct_itimerspec.h
	* include/bits/types/struct_timespec.h
	* include/bits/types/struct_timeval.h
	* include/bits/types/struct_tm.h:
	New wrapper headers.
2016-09-23 08:43:56 -04:00
Zack Weinberg
11160cb76f Installed-header hygiene (BZ#20366): obsolete BSD u_* types.
The types u_char, u_short, u_int, u_long, ushort, uint, ulong, u_int8_t,
u_int16_t, u_int32_t, u_int64_t, quad_t, and u_quad_t are BSDisms that
have never been standardized.  While glibc should continue to *provide*
these types for compatibility's sake, its public headers should not
use them.

The meat of this change was mechanically generated by the following
shell command:

    perl -pi~ -e '
        s/\b(__)?u_char\b/unsigned char/g;
        s/\b(__)?u_?short\b/unsigned short/g;
        s/\b(__)?u_?int\b/unsigned int/g;
        s/\b(__)?u_?long\b/unsigned long/g;
        s/\b(__)?u_int8_t\b/uint8_t/g;
        s/\b(__)?u_int16_t\b/uint16_t/g;
        s/\b(__)?u_int32_t\b/uint32_t/g;
        s/\b(__)?u_int64_t\b/uint64_t/g;
        s/\b(__)?u_quad_t\b/uint64_t/g;
        s/\b(__)?quad_t\b/uint64_t/g;
    ' $(grep -lE -e '\<((__)?(quad_t|u(short|int|long|_(char|short|int([0-9]+_t)?|long|quad_t))))\>' \
        $(grep -LE '\<(_(SYS|BITS)_TYPES_H|rpc/(rpc|rpc_msg|types|xdr)\.h)\>' \
          $(find . \( -false $(sed 's/^/-o -name /' all-installed-headers) \
                   \) -printf '%P\n' | sort -u)))

where 'all-installed-headers' was a list of the basenames of all installed
header files, manually extracted from the Makefiles.  Non-installed
wrapper headers in include/ are also adjusted, for consistency.
I then manually fixed up indentation and line-wrapping.

sys/types.h and bits/types.h are excluded because they must continue
to define the u_* types (under __USE_MISC) for compatibility with
applications.  They do not use these types themselves.

All headers that (transitively) include rpc/types.h are also excluded,
for three reasons.  First, the u_* types are defined by rpc/types.h,
unconditionally (not just under __USE_MISC) so they are logically part
of the SunRPC API.  Second, many of those headers appear to be
machine-generated.  Third, it's my understanding that we are getting
rid of as much of SunRPC as possible in the near future.

(The one file under sunrpc/ that's touched, sunrpc/rpc/rpc_des.h, does
*not* include rpc/types.h.  This may itself be a bug.)

After changing from u_intNN_t to uintNN_t, a number of headers now
need to include stdint.h to pick up those types.  It might be more
hygienic, namespace-wise, to use __uintNN_t instead, but none of these
headers are bound by ISO or POSIX to do so, and it's unlikely that
anyone using them will be bothered.  (The two files that were using
__-prefixed versions of the u_types, sysdeps/mach/hurd/net/route.h and
sysdeps/unix/sysv/linux/net/route.h, both already also contained uses of
the unprefixed versions.)

Some of these files directly included features.h and/or sys/cdefs.h,
which I removed, as the style generally seems to be to let sys/types.h
do that for us.  (This does not change the set of definitions exposed
by any header; sys/types.h unconditionally includes both features.h
and sys/cdefs.h.)

One file included asm/types.h unnecessarily.

	* bits/in.h, gmon/sys/gmon.h, inet/netinet/igmp.h
	* inet/protocols/routed.h, inet/protocols/talkd.h
	* inet/protocols/timed.h, io/fts.h, nptl_db/thread_db.h
	* resolv/arpa/nameser.h, resolv/resolv.h, sunrpc/rpc/rpc_des.h
	* sysdeps/generic/netinet/if_ether.h
	* sysdeps/generic/netinet/in_systm.h
	* sysdeps/generic/netinet/ip.h, sysdeps/generic/netinet/tcp.h
	* sysdeps/gnu/netinet/ip_icmp.h, sysdeps/gnu/netinet/tcp.h
	* sysdeps/gnu/netinet/udp.h, sysdeps/mach/hurd/net/ethernet.h
	* sysdeps/mach/hurd/net/if_arp.h
	* sysdeps/mach/hurd/net/if_ppp.h
	* sysdeps/mach/hurd/net/route.h, sysdeps/mach/sys/reboot.h
	* sysdeps/unix/sysv/linux/bits/in.h
	* sysdeps/unix/sysv/linux/net/ethernet.h
	* sysdeps/unix/sysv/linux/net/if_arp.h
	* sysdeps/unix/sysv/linux/net/if_ppp.h
	* sysdeps/unix/sysv/linux/net/if_shaper.h
	* sysdeps/unix/sysv/linux/net/route.h
	* sysdeps/unix/sysv/linux/netinet/if_ether.h
	* sysdeps/unix/sysv/linux/netinet/if_fddi.h
	* sysdeps/unix/sysv/linux/netinet/if_tr.h
	* sysdeps/unix/sysv/linux/netipx/ipx.h
	* sysdeps/unix/sysv/linux/sys/acct.h
	* include/arpa/nameser.h, include/resolv.h:
	Change all uses of u_char to unsigned char,
	u_short and ushort to unsigned short, u_int and uint to unsigned int,
	u_long and ulong to unsigned long, u_int8_t to uint8_t,
        u_int16_t to uint16_t, u_int32_t to uint32_t, quad_t to int64_t,
	and u_int64_t and u_quad_t to uint64_t.

	* mach/sys/reboot.h: Remove two casts of integer literals
	to the types they already have.

	* bits/in.h: Correct error in description of IP_MULTICAST_LOOP.
	* sysdeps/unix/sysv/linux/bits/in.h: Likewise.
	* sysdeps/unix/sysv/linux/netinet/if_ether.h: Change a comment
	from referring to 'unsigned char' to 'uint8_t' for consistency with
	the macro definition below.

	* gmon/sys/gmon.h, inet/netinet/igmp.h, inet/protocols/talkd.h
	* io/fts.h, resolv/arpa/nameser.h, resolv/resolv.h
	* sunrpc/rpc/rpc_des.h, sysdeps/generic/netinet/ip.h
	* sysdeps/gnu/netinet/tcp.h, sysdeps/gnu/netinet/udp.h
	* sysdeps/mach/hurd/net/if_ppp.h, sysdeps/unix/sysv/linux/net/if_ppp.h
	* sysdeps/unix/sysv/linux/sys/acct.h
	* include/arpa/nameser.h, include/resolv.h:
	Fix indentation disrupted by mechanical edits.

	* inet/protocols/talkd.h, resolv/arpa/nameser.h
	* sysdeps/generic/netinet/in_systm.h
	* sysdeps/gnu/netinet/ip_icmp.h, sysdeps/gnu/netinet/tcp.h
	* sysdeps/gnu/netinet/udp.h
	* sysdeps/unix/sysv/linux/net/ethernet.h
	* sysdeps/unix/sysv/linux/net/if_arp.h
	* sysdeps/unix/sysv/linux/net/if_ppp.h
	* sysdeps/unix/sysv/linux/net/if_shaper.h
	* sysdeps/unix/sysv/linux/netinet/if_fddi.h
	* sysdeps/unix/sysv/linux/netinet/if_tr.h
	* sysdeps/unix/sysv/linux/netipx/ipx.h
	* sysdeps/unix/sysv/linux/sys/acct.h
	Include stdint.h for uintNN_t definitions.
	Don't include sys/cdefs.h, features.h, or asm/types.h directly.
2016-09-23 08:43:56 -04:00
Zack Weinberg
cb765808fb Installed-header hygiene (BZ#20366): Simple self-contained fixes.
Some headers did not include all of their prerequisite headers.

	* rpcsvc/nislib.h: Include rpcsvc/nis.h.
	* sysdeps/unix/sysv/linux/netrose/rose.h:
	Include sys/socket.h and netax25/ax25.h.

<endian.h> only defines BYTE_ORDER, BIG_ENDIAN, LITTLE_ENDIAN,
etc. under __USE_MISC; glibc's headers should use __BYTE_ORDER,
__BIG_ENDIAN, __LITTLE_ENDIAN, etc. instead.

	* inet/netinet/icmp6.h, inet/netinet/ip6.h
	* resolv/arpa/nameser_compat.h:
	Use __BYTE_ORDER etc. instead of BYTE_ORDER etc.

sys/types.h only conditionally defines caddr_t and clockid_t.

	* sysdeps/unix/sysv/linux/sys/quota.h:
	Use __caddr_t instead of caddr_t.
	* sysdeps/unix/sysv/linux/sys/timerfd.h:
	Use __clockid_t instead of clockid_t.

Remove a #warning that was the sole actual problem with using sys/ipc.h
without _GNU_SOURCE/_XOPEN_SOURCE.

	* sysvipc/sys/ipc.h: Remove unnecessary #warning.

_LIBC, __USE_XOPEN2K8, and __STDC_VERSION__ are not always defined.

It seems to me that _LIBC should not appear in installed headers, but
avoiding that for argp specifically would require more surgery than
feels appropriate for this patch set.  It's possible that
"#ifdef _LIBC" would be sufficient, but I wanted to be conservative.

All three versions of bits/socket.h want to know whether __flexarr
will produce a real flexible array member -- specifically, one that
doesn't alter sizeof(the structure containing it).  They were testing
for this with a complicated #if condition that did not agree with
sys/cdefs.h and that tripped -Wundef warnings under -std=c90.
I added a new macro to sys/cdefs.h, __glibc_c99_flexarr_available,
which reveals exactly what these headers want to know.  I also took
the opportunity to flatten the rather messy conditional nest defining
__flexarr.

	* argp/argp.h: Check whether _LIBC is defined before expanding it.
	* posix/glob.h: Check whether __USE_XOPEN2K8 is defined instead
	of expanding it.

	* misc/sys/cdefs.h: Tidy up conditional nest defining __flexarr.
	Define __glibc_c99_flexarr_available to 1 when the compiler
	supports C99-compatible flexible array members, 0 otherwise.
	* sysdeps/unix/sysv/linux/bits/socket.h
	* sysdeps/mach/hurd/bits/socket.h
	* bits/socket.h: Use __glibc_c99_flexarr_available in
	definitions of struct cmsghdr and CMSG_DATA.
2016-09-23 08:43:55 -04:00
Florian Weimer
6815a33d53 resolv: Remove unsupported hook functions from the API [BZ #20016] 2016-09-21 16:30:27 +02:00
Florian Weimer
be728303a6 <arpa/nameser.h>: Remove RR type classification macros [BZ #20592]
The macros are no longer up-to-date, and the classification is not
useful.  In this particular case, removal without prior deprecation
seems the right approach.
2016-09-21 16:27:14 +02:00
Florian Weimer
006768c72a <arpa/nameser.h>, <arpa/nameser_compat.h>: Remove versions
Our header files no longer match the BIND versions.
2016-09-21 16:09:21 +02:00
Florian Weimer
17b09beee7 resolv: Remove the BIND_4_COMPAT macro 2016-09-21 16:09:03 +02:00
Florian Weimer
3a2a1d2cc2 Remove obsolete DNSSEC support [BZ #20591]
The removed function declarations have never been implemented in libresolv.
2016-09-21 16:08:32 +02:00
Florian Weimer
80d8cb91de inet: Add __inet6_scopeid_pton function [BZ #20611]
__inet6_scopeid_pton implements strict validation of numeric scope IDs.
Use it in getaddrinfo and __res_vinit.
2016-09-15 15:46:30 +02:00
Florian Weimer
fd37b5a78a resolv: Remove _LIBC_REENTRANT 2016-09-13 15:08:37 +02:00
Torvald Riegel
6f9d4f595e Fix incorrect double-checked locking related to _res_hconf.initialized.
_res_hconf.initialized was not suitable for use in a multi-threaded
environment due to the lack of atomics and memory barriers.  Use of it was
also unnecessary because _res_hconf_init did the right thing by using
__libc_once.  This patch fixes the glibc-internal uses by just calling
_res_hconf_init unconditionally, and switches to a release MO atomic store
for _res_hconf.initialized to fix the glibc side of the synchronization
problem (which will maintain backward compatibility, but cannot fix the
lack of acquire MO on any glibc-external loads).

	[BZ #20477]
	* resolv/res_hconf.c (do_init): Use atomic access.
	* resolv/res_hconf.h: Add comments.
	* nscd/aicache.c (addhstaiX): Call _res_hconf_init unconditionally.
	* nss/getXXbyYY_r.c (REENTRANT_NAME): Likewise.
	* sysdeps/posix/getaddrinfo.c (gaih_inet): Likewise.
2016-08-18 20:53:37 +02:00
Florian Weimer
4efdc6d956 resolv: Call gmtime_r instead of gmtime in p_secstodate [BZ #20017] 2016-05-10 10:50:24 +02:00
Florian Weimer
ed3c7876cc resolv: Reindent preprocessor conditionals following cleanups 2016-04-28 16:53:56 +02:00
Florian Weimer
e01eef67ba resolv: Assorted preprocessor cleanups 2016-04-28 13:58:18 +02:00
Florian Weimer
ecfda0fc25 resolv: Remove SUNSECURITY preprocessor conditionals
The macro is never defined.
2016-04-28 13:56:39 +02:00
Florian Weimer
c40226cb4c resolv: Remove BSD compatibility conditionals and header 2016-04-28 13:56:39 +02:00
Florian Weimer
e5a0ec981c resolv: Remove __BIND_NOSTATIC conditionals
The macro is never defined.
2016-04-28 13:56:38 +02:00
Florian Weimer
687c1c0ce2 resolv: Remove traces of ULTRIX support 2016-04-28 13:56:38 +02:00
Florian Weimer
18b36f5dcf resolv: Remove RFC1535 conditionals 2016-04-28 12:53:51 +02:00
Florian Weimer
74a6983155 resolv: Remove RESOLVSORT preprocess conditionals 2016-04-28 12:53:51 +02:00
Florian Weimer
561905e137 resolv: Remove BIND_UPDATE preprocessor conditionals 2016-04-28 12:53:50 +02:00
Florian Weimer
c99c925b8b resolv: Remove _LIBC conditionals 2016-04-28 12:53:49 +02:00
Florian Weimer
1f32be054b resolv: Remove SCCS and RCS keywords 2016-04-28 12:53:49 +02:00
Florian Weimer
a12f9431b3 nss_dns: Skip over non-PTR records in the netent code [BZ #19868]
This requires additional checks for the RDATA length and the
availability of record metadata.
2016-04-27 17:15:57 +02:00
Florian Weimer
c3bae689d3 nss_dns: Remove custom offsetof macro definition 2016-04-27 16:48:45 +02:00
Florian Weimer
5e0c421cc0 nss_dns: Check address length before creating addrinfo result [BZ #19831]
Previously, we allocated room in the result space before the check,
leaving uninitialized data there in case the check failed.

This also consolidates the behavior between single (A or AAAA) and
dual (A and AAAA in parallel) queries.  Single queries checked
the record length against the QTYPE, not the RRTYPE.
2016-04-27 16:39:12 +02:00
Florian Weimer
b9b026c9c0 resolv, nss_dns: Remove remaining syslog logging [BZ #19862]
The fix for bug 14841 only removed part of the logging.
2016-04-27 16:21:40 +02:00
Florian Weimer
f749498fa5 nss_dns: Validate RDATA length against packet length [BZ #19830]
In _nss_dns_getcanonname_r, a check for the availability of RR metadata
was missing as well.
2016-04-27 15:11:42 +02:00
Florian Weimer
b9bdfa7c8f resolv: Always set *resplen2 out parameter in send_vc [BZ #19825]
In various error scenarios (for example, if the server closes the
TCP connection before sending the full response), send_vc can return
without resetting the *resplen2 value.  This can pass uninitialized
or unexpected data to the caller.
2016-04-27 14:26:47 +02:00
Florian Weimer
d29fb41f44 nss_dns: Fix assertion failure in _nss_dns_getcanonname_r [BZ #19865] 2016-04-11 10:55:43 +02:00
Florian Weimer
317b199b4a CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r [BZ #19879]
The defensive copy is not needed because the name may not alias the
output buffer.
2016-03-29 12:57:56 +02:00
Florian Weimer
b66d837bb5 resolv: Always set *resplen2 out parameter in send_dg [BZ #19791]
Since commit 44d20bca52 (Implement
second fallback mode for DNS requests), there is a code path which
returns early, before *resplen2 is initialized.  This happens if the
name server address is immediately recognized as invalid (because of
lack of protocol support, or if it is a broadcast address such as
255.255.255.255, or another invalid address).

If this happens and *resplen2 was non-zero (which is the case if a
previous query resulted in a failure), __libc_res_nquery would reuse
an existing second answer buffer.  This answer has been previously
identified as unusable (for example, it could be an NXDOMAIN
response).  Due to the presence of a second answer, no name server
switching will occur.  The result is a name resolution failure,
although a successful resolution would have been possible if name
servers had been switched and queries had proceeded along the search
path.

The above paragraph still simplifies the situation.  Before glibc
2.23, if the second answer needed malloc, the stub resolver would
still attempt to reuse the second answer, but this is not possible
because __libc_res_nsearch has freed it, after the unsuccessful call
to __libc_res_nquerydomain, and set the buffer pointer to NULL.  This
eventually leads to an assertion failure in __libc_res_nquery:

	/* Make sure both hp and hp2 are defined */
	assert((hp != NULL) && (hp2 != NULL));

If assertions are disabled, the consequence is a NULL pointer
dereference on the next line.

Starting with glibc 2.23, as a result of commit
e9db92d3ac (CVE-2015-7547: getaddrinfo()
stack-based buffer overflow (Bug 18665)), the second answer is always
allocated with malloc.  This means that the assertion failure happens
with small responses as well because there is no buffer to reuse, as
soon as there is a name resolution failure which triggers a search for
an answer along the search path.

This commit addresses the issue by ensuring that *resplen2 is
initialized before the send_dg function returns.

This commit also addresses a bug where an invalid second reply is
incorrectly returned as valid to the caller.
2016-03-25 11:49:52 +01:00
Samuel Thibault
35fbb341f8 Fix hurd build
* sysdeps/mach/hurd/openat.c (__openat): Add missing ellipsis.
	* resolv/gai_sigqueue.c (__gai_sigqueue): Add missing internal_function
	qualifier.
	* /rt/aio_sigqueue.c (__aio_sigqueue): Add missing attribute_hidden
	internal_function qualifiers.
2016-03-16 13:57:57 +01:00
Andreas Schwab
5e7fdabd7d Fix resource leak in resolver (bug 19257)
The number of currently defined nameservers is stored in ->nscount,
whereas ->_u._ext.nscount is set by __libc_res_nsend only after local
initializations.
2016-03-15 13:15:54 +01:00
Florian Weimer
aff8c7a9a7 res_ninit: Update comment
Since commit e66e7419a6 (Actually make
it possible to user the default name server.), the default is
INADDR_LOOPBACK, not INADDR_ANY.
2016-02-19 17:00:47 +01:00
Carlos O'Donell
e9db92d3ac CVE-2015-7547: getaddrinfo() stack-based buffer overflow (Bug 18665).
* A stack-based buffer overflow was found in libresolv when invoked from
  libnss_dns, allowing specially crafted DNS responses to seize control
  of execution flow in the DNS client.  The buffer overflow occurs in
  the functions send_dg (send datagram) and send_vc (send TCP) for the
  NSS module libnss_dns.so.2 when calling getaddrinfo with AF_UNSPEC
  family.  The use of AF_UNSPEC triggers the low-level resolver code to
  send out two parallel queries for A and AAAA.  A mismanagement of the
  buffers used for those queries could result in the response of a query
  writing beyond the alloca allocated buffer created by
  _nss_dns_gethostbyname4_r.  Buffer management is simplified to remove
  the overflow.  Thanks to the Google Security Team and Red Hat for
  reporting the security impact of this issue, and Robert Holiday of
  Ciena for reporting the related bug 18665. (CVE-2015-7547)

See also:
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
https://sourceware.org/ml/libc-alpha/2016-02/msg00418.html
2016-02-16 21:29:32 -05:00