Bug#626472: libc6: gethostbyname fails if label ends with dash

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#626472: libc6: gethostbyname fails if label ends with dash
From: Lionel Elie Mamane <lionel@mamane.lu>
Date: Thu, 12 May 2011 10:34:01 +0200
Message-id: <[🔎] 20110512083401.GA16597@doggy.mamane.lu>
Reply-to: Lionel Elie Mamane <lionel@mamane.lu>, 626472@bugs.debian.org

Package: libc6
Version: 2.11.2-10
Severity: normal

Compare:

$ host foo-.tumblr.com
foo-.tumblr.com is an alias for proxy-tumblelogs.d1.tumblr.com.
proxy-tumblelogs.d1.tumblr.com has address 174.121.98.168
$

and

$ getent hosts foo-.tumblr.com
$ echo $?
2
$

By contrast:

$ getent hosts foo.tumblr.com
174.121.98.168  proxy-tumblelogs.d1.tumblr.com foo.tumblr.com

tcpdump/wireshark shows that the DNS query for foo-.tumblr.com does go
out, and is answered with the CNAME and A (for
proxy-tumblelogs.d1.tumblr.com), but gethostbyname just returns
failure with errno set to EBADMSG. Here's a test program that shows
that:

#include <stdio.h>
#include <error.h>
#include <netdb.h>
#include <sys/socket.h>
#include <errno.h>

int main (int argc, char *argv[]) {
  char *hostname = "foo-.tumblr.com";
  struct hostent *r=gethostbyname2(hostname, AF_INET);
  perror("ghbn2 returned error");
  return 0;
}


As a consequence, any program that uses gethostbyname (and possibly
other glibc name resolution interfaces) cannot resolve any domain name
that contain a label that ends with a dash, or possibly this is
limited to the ones that resolve to a CNAME.

Labels that end with a dash ("-") in in a domain name are not 100%
RFC-conformant, but they are used in the wild, e.g. in
http://barefeetdreams-.tumblr.com/
I presume that the DNS stub resolver of "other OS" accepts to resolve
such a name, else the author of the above page would have noticed her
blog is not reachable.
On a Debian GNU/Linux machine, trying to load this URL won't work,
obviously, because of this bug. You can work around that and check for
yourself there is an active website behind that address by adding
174.121.98.168	barefeetdreams-.tumblr.com
to /etc/hosts

For interoperability purposes, I think it would be best to accept such
"technically invalid" domains.

-- System Information:
Debian Release: squeeze/sid
  APT prefers oldstable
  APT policy: (500, 'oldstable'), (500, 'stable'), (400, 'testing'), (300, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_LU.UTF-8, LC_CTYPE=fr_LU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libc6 depends on:
ii  libc-bin                      2.11.2-10  Embedded GNU C Library: Binaries
ii  libgcc1                       1:4.4.5-8  GCC support library

libc6 recommends no packages.

Versions of packages libc6 suggests:
ii  debconf [debconf-2.0]  1.5.24            Debian configuration management sy
ii  glibc-doc              2.11.2-6+squeeze1 Embedded GNU C Library: Documentat
ii  locales                2.11.2-6+squeeze1 Embedded GNU C Library: National L

-- debconf information:
* glibc/upgrade: true
* glibc/disable-screensaver:
  glibc/restart-failed:
* glibc/restart-services: gdm openbsd-inetd exim4 cups cron

Reply to:

Follow-Ups:
- Bug#626472: libc6: gethostbyname fails if label ends with dash
  - From: Lionel Elie Mamane <lionel@mamane.lu>

Prev by Date: Processed: forcemerge
Next by Date: Bug#626457: Bug#626450: Acknowledgement (lost /lib64 -> /lib symlink on
Previous by thread: Processed: forcemerge
Next by thread: Bug#626472: libc6: gethostbyname fails if label ends with dash
Index(es):
- Date
- Thread