Linux gethostid: Check for NULL value from gethostbyname_r [BZ #23679]

A NULL value can happen with certain gethostbyname_r failures.

(cherry picked from commit 1214ba06e6771acb953a190091b0f6055c64fd25)

3 files changed, 8 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index d9e7e6f1d8..fc1ea1e418 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2018-09-20  Mingli Yu  <Mingli.Yu@windriver.com>
+
+	* sysdeps/unix/sysv/linux/gethostid.c (gethostid): Check for NULL
+	value from gethostbyname_r.
+
 2018-09-06  Stefan Liebler  <stli@linux.ibm.com>
 
 	* sysdeps/unix/sysv/linux/spawni.c (maybe_script_execute):
diff --git a/NEWS b/NEWS
index 2855ffde58..502e0c19f5 100644
--- a/NEWS
+++ b/NEWS
@@ -13,6 +13,7 @@ The following bugs are resolved with this release:
   [23521] nss_files aliases database file stream leak
   [23538] pthread_cond_broadcast: Fix waiters-after-spinning case
   [23578] regex: Fix memory overread in re_compile_pattern
+  [23679] gethostid: Missing NULL check for gethostbyname_r result
 
 
 Version 2.28
diff --git a/sysdeps/unix/sysv/linux/gethostid.c b/sysdeps/unix/sysv/linux/gethostid.c
index 2e20f034dc..ee0190e7f9 100644
--- a/sysdeps/unix/sysv/linux/gethostid.c
+++ b/sysdeps/unix/sysv/linux/gethostid.c
@@ -102,12 +102,12 @@ gethostid (void)
     {
       int ret = __gethostbyname_r (hostname, &hostbuf,
 				   tmpbuf.data, tmpbuf.length, &hp, &herr);
-      if (ret == 0)
+      if (ret == 0 && hp != NULL)
 	break;
       else
 	{
 	  /* Enlarge the buffer on ERANGE.  */
-	  if (herr == NETDB_INTERNAL && errno == ERANGE)
+	  if (ret != 0 && herr == NETDB_INTERNAL && errno == ERANGE)
 	    {
 	      if (!scratch_buffer_grow (&tmpbuf))
 		return 0;