Bug#135182: marked as done (libc6: gethostbyname2(inet6) trashes pointer when multiple addrs in /etc/hosts)
Your message dated Fri, 02 Jul 2004 20:43:19 +0900
with message-id <81wu1miqi0.wl@omega.webmasters.gr.jp>
and subject line libc6: gethostbyname2(inet6) trashes pointer when multiple addrs in /etc/hosts
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 22 Feb 2002 12:49:38 +0000
>From raeburn@raeburn.org Fri Feb 22 06:49:38 2002
Return-path: <raeburn@raeburn.org>
Received: from 209-6-22-64.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com (raeburn.org) [209.6.22.64]
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 16eF8r-00050p-00; Fri, 22 Feb 2002 06:49:37 -0600
Received: from rsx-11.raeburn.org ([18.101.0.232])
by raeburn.org (8.11.3/8.11.3) with ESMTP id g1MCnQZ23069;
Fri, 22 Feb 2002 07:49:26 -0500 (EST)
Received: from raeburn by rsx-11.raeburn.org with local (Exim 3.34 #1 (Debian))
id 16eF8f-0004qE-00; Fri, 22 Feb 2002 07:49:25 -0500
From: Ken Raeburn <raeburn@raeburn.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libc6: gethostbyname2(inet6) trashes pointer when multiple addrs in /etc/hosts
X-Reportbug-Version: 1.42
X-Mailer: reportbug 1.42
Date: Fri, 22 Feb 2002 07:49:25 -0500
Message-Id: <E16eF8f-0004qE-00@rsx-11.raeburn.org>
Delivered-To: submit@bugs.debian.org
Package: libc6
Version: 2.2.5-3
Severity: normal
I found this while looking into why "ping6" always crashed on my
laptop when I tried to ping one of my machines. The target machine in
question is listed in /etc/hosts with both ipv4 and ipv6 addresses,
two of each. My nsswitch.conf file includes:
hosts: files dns
so the hosts file is consulted first.
The ping6 program uses gethostbyname2 with an AF_INET6 argument. My
simple test program using that function and test /etc/hosts entry
shows similar problems:
% cat test2.c
#include <stdio.h>
#include <netdb.h>
int main (int argc, char *argv[]) {
int i, j;
struct hostent *hp = gethostbyname2 (argv[1], AF_INET6);
if (hp == 0) { printf ("host unknown\n"); return 1; }
for (i = 0; hp->h_addr_list[i]; i++) {
printf ("address @%p: ", hp->h_addr_list[i]), fflush (stdout);
for (j = 0; j < hp->h_length; j++)
printf (" %02x", 0xff & hp->h_addr_list[i][j]);
printf ("\n");
}
}
% grep foo.bar /etc/hosts
1234:5::abcd foo.bar
2345:6::abcd foo.bar
% ./test2 foo.bar
address @0xcdab0000: Segmentation fault (core dumped)
Exit 139
%
The first pointer in the h_addr_list array is bogus. From the value
of the pointer's bytes, and some experimentation, it appears that the
pointer is being overwritten with the low four bytes of the last IPv6
address listed. The other pointers are okay, and do point to the
correct 2nd through Nth addresses in file order.
The problem goes away if there's only one IPv6 address for the host in
the hosts file. Things also work fine if I delete the hosts file
entries altogether and fall back to DNS (but I'd rather not, since I
don't have PTR records).
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux rsx-11 2.4.16 #3 Wed Dec 12 23:39:39 MST 2001 i686
Locale: LANG=C, LC_CTYPE=C
---------------------------------------
Received: (at 135182-done) by bugs.debian.org; 2 Jul 2004 11:43:20 +0000
>From gotom@debian.or.jp Fri Jul 02 04:43:20 2004
Return-path: <gotom@debian.or.jp>
Received: from omega.webmasters.gr.jp (webmasters.gr.jp) [218.44.239.78]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BgMRs-0001GJ-00; Fri, 02 Jul 2004 04:43:20 -0700
Received: from omega.webmasters.gr.jp (localhost [127.0.0.1])
by webmasters.gr.jp (Postfix) with ESMTP id A2958DEB58
for <135182-done@bugs.debian.org>; Fri, 2 Jul 2004 20:43:19 +0900 (JST)
Date: Fri, 02 Jul 2004 20:43:19 +0900
Message-ID: <81wu1miqi0.wl@omega.webmasters.gr.jp>
From: GOTO Masanori <gotom@debian.or.jp>
To: 135182-done@bugs.debian.org
Subject: Re: libc6: gethostbyname2(inet6) trashes pointer when multiple addrs in /etc/hosts
User-Agent: Wanderlust/2.9.9 (Unchained Melody) SEMI/1.14.3 (Ushinoya)
FLIM/1.14.3 (=?ISO-8859-4?Q?Unebigory=F2mae?=) APEL/10.3 Emacs/21.2
(i386-debian-linux-gnu) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya")
Content-Type: text/plain; charset=US-ASCII
Delivered-To: 135182-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
This bug has been fixed with glibc 2.3.2.ds1-13. I close this bug.
gotom@moog:~/debian/glibc/bugs/135182> grep foo.bar /etc/hosts
1234:5::abcd foo.bar
2345:6::abcd foo.bar
gotom@moog:~/debian/glibc/bugs/135182> ./test2 foo.bar
address @0x804a008: 12 34 00 05 00 00 00 00 00 00 00 00 00 00 ab cd
address @0x804a03c: 23 45 00 06 00 00 00 00 00 00 00 00 00 00 ab cd
Regards,
-- gotom
Reply to: