Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 21 Jun 2018 22:26:40 -0400
From: Rich Felker <dalias@...c.org>
To: Marco Dickert <marco@...terunknown.de>
Cc: musl@...ts.openwall.com
Subject: Re: Bug in getaddrinfo

On Fri, Jun 22, 2018 at 12:04:31AM +0200, Marco Dickert wrote:
> Hi all.
> 
> I found a bug in the musl implementation of getaddrinfo(). It apparently returns
> a bad ai_canonname value. I used this [1] code to produce the following results
                                        ^^^
Please attach testcases rather than linking to transient pastebins.
I've saved and attached the linked code here.

> on an alpine linux (edge):
> 
> ----
> alpine:~# ./addrinfo-test mail.misterunknown.de
> Result 0 0xda051c83080
> Canonname mail.misterunknown.de
> alpine:~# ./addrinfo-test mail.misterunknown.de.
> Result 0 0x53f7dac4080
> Canonname mail.misterunknown.de.
> ----
> 
> The problem is the trailing dot in the Commonname in the second example, which
> should not be there. See also this [2] bug report I opened in the first place.

Per POSIX,

    if the canonical name is not available, then ai_canonname shall
    refer to the nodename argument or a string with the same contents.

It's not entirely clear what "available" means, but I think it's
generally interpreted as meaning "the requested name is a CNAME".

On the other hand we already define availability for another case,
search domains, where a duplicate of the requested nodename argument
is not returned, so I think it's reasonable to make a change here too,
especially if that's what other implementations do. I'll take a look
at it.

Thanks for the report.

Rich

View attachment "addrinfo-test.c" of type "text/plain" (593 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ