From 51e4196f16a2d98377e3c481a44e133369dc7669 Mon Sep 17 00:00:00 2001 From: Andreas Schwab Date: Tue, 10 Nov 2009 07:36:50 -0800 Subject: Handle running out of buffer space with IPv6 mapping enabled. With big DNS answers like the one you get for goodtimesdot.com you can get a truncated address list if IPv6 mapping is enabled. Instead tell the caller to resize the buffer. --- ChangeLog | 8 ++++++++ resolv/mapv4v6hostent.h | 12 +++++------- resolv/nss_dns/dns-host.c | 6 ++++-- 3 files changed, 17 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index ac8baf13be..49c2e08a4a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,15 @@ +2009-11-10 Andreas Schwab + + * resolv/mapv4v6hostent.h (map_v4v6_hostent): Return non-zero if + out of buffer space. + * resolv/nss_dns/dns-host.c (getanswer_r): Check for + map_v4v6_hostent running out of space. + 2009-11-10 Ulrich Drepper * string/bits/string3.h (memset): If the second parameter is constant and zero there is likely no transposition. + Patch by Caolan McNamara diff --git a/resolv/mapv4v6hostent.h b/resolv/mapv4v6hostent.h index 4151ce3639..c11038adf3 100644 --- a/resolv/mapv4v6hostent.h +++ b/resolv/mapv4v6hostent.h @@ -57,13 +57,13 @@ typedef union { char ac; } align; -static void +static int map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp) { char **ap; if (hp->h_addrtype != AF_INET || hp->h_length != INADDRSZ) - return; + return 0; hp->h_addrtype = AF_INET6; hp->h_length = IN6ADDRSZ; for (ap = hp->h_addr_list; *ap; ap++) @@ -71,11 +71,8 @@ map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp) int i = sizeof (align) - ((u_long) *bpp % sizeof (align)); if (*lenp < (i + IN6ADDRSZ)) - { - /* Out of memory. Truncate address list here. XXX */ - *ap = NULL; - return; - } + /* Out of memory. */ + return 1; *bpp += i; *lenp -= i; map_v4v6_address (*ap, *bpp); @@ -83,4 +80,5 @@ map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp) *bpp += IN6ADDRSZ; *lenp -= IN6ADDRSZ; } + return 0; } diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c index 62e67e8b01..818a40a898 100644 --- a/resolv/nss_dns/dns-host.c +++ b/resolv/nss_dns/dns-host.c @@ -878,7 +878,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype, } bp += n; linebuflen -= n; - map_v4v6_hostent (result, &bp, &linebuflen); + if (map_v4v6_hostent (result, &bp, &linebuflen)) + goto too_small; } *h_errnop = NETDB_SUCCESS; return NSS_STATUS_SUCCESS; @@ -953,7 +954,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype, } if (have_to_map) - map_v4v6_hostent (result, &bp, &linebuflen); + if (map_v4v6_hostent (result, &bp, &linebuflen)) + goto too_small; *h_errnop = NETDB_SUCCESS; return NSS_STATUS_SUCCESS; } -- cgit 1.4.1