This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[PATCH] Handle running out of buffer space with IPv6 mapping enabled

From: Andreas Schwab <schwab at redhat dot com>
To: libc-alpha at sourceware dot org
Date: Tue, 10 Nov 2009 13:05:03 +0100
Subject: [PATCH] Handle running out of buffer space with IPv6 mapping enabled

With big DNS answers like the one you get for goodtimesdot.com you can
get a truncated address list if IPv6 mapping is enabled.  Instead tell
the caller to resize the buffer.

Andreas.

2009-11-10  Andreas Schwab  <schwab@redhat.com>

	* resolv/mapv4v6hostent.h (map_v4v6_hostent): Return non-zero if
	out of buffer space.
	* resolv/nss_dns/dns-host.c (getanswer_r): Check for
	map_v4v6_hostent running out of space.

diff --git a/resolv/mapv4v6hostent.h b/resolv/mapv4v6hostent.h
index 4151ce3..c11038a 100644
--- a/resolv/mapv4v6hostent.h
+++ b/resolv/mapv4v6hostent.h
@@ -57,13 +57,13 @@ typedef union {
     char ac;
 } align;
 
-static void
+static int
 map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp)
 {
   char **ap;
 
   if (hp->h_addrtype != AF_INET || hp->h_length != INADDRSZ)
-    return;
+    return 0;
   hp->h_addrtype = AF_INET6;
   hp->h_length = IN6ADDRSZ;
   for (ap = hp->h_addr_list; *ap; ap++)
@@ -71,11 +71,8 @@ map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp)
       int i = sizeof (align) - ((u_long) *bpp % sizeof (align));
 
       if (*lenp < (i + IN6ADDRSZ))
-	{
-	  /* Out of memory.  Truncate address list here.  XXX */
-	  *ap = NULL;
-	  return;
-	}
+	/* Out of memory.  */
+	return 1;
       *bpp += i;
       *lenp -= i;
       map_v4v6_address (*ap, *bpp);
@@ -83,4 +80,5 @@ map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp)
       *bpp += IN6ADDRSZ;
       *lenp -= IN6ADDRSZ;
     }
+  return 0;
 }
diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
index 62e67e8..818a40a 100644
--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -878,7 +878,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
 		}
 	      bp += n;
 	      linebuflen -= n;
-	      map_v4v6_hostent (result, &bp, &linebuflen);
+	      if (map_v4v6_hostent (result, &bp, &linebuflen))
+		goto too_small;
 	    }
 	  *h_errnop = NETDB_SUCCESS;
 	  return NSS_STATUS_SUCCESS;
@@ -953,7 +954,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
 	}
 
       if (have_to_map)
-	map_v4v6_hostent (result, &bp, &linebuflen);
+	if (map_v4v6_hostent (result, &bp, &linebuflen))
+	  goto too_small;
       *h_errnop = NETDB_SUCCESS;
       return NSS_STATUS_SUCCESS;
     }
-- 
1.6.5.2


-- 
Andreas Schwab, schwab@redhat.com
GPG Key fingerprint = D4E8 DBE3 3813 BB5D FA84  5EC7 45C6 250E 6F00 984E
"And now for something completely different."

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]