diff options
| author | Eric Andersen <andersen@codepoet.org> | 2007-02-02 00:30:30 +0000 | 
|---|---|---|
| committer | Eric Andersen <andersen@codepoet.org> | 2007-02-02 00:30:30 +0000 | 
| commit | b38dc057f7bff85d052b5560aecd17ce78efabc0 (patch) | |
| tree | c11b8ab3fa5c840942f6bf8607a559c002f8b0a8 | |
| parent | 9af4b40d3886077df93b02458026f6a9766ac6c9 (diff) | |
Ronald Maeder writes:
Hi Erik,
Thanks for all your great work.  I found a set of bugs in
resolv.c .  Basically, there is code that looks like:
        BIGLOCK;
        __nameserversXX=__nameservers;
        __nameserverXX=__nameserver;
        BIGUNLOCK;
        i = __dns_lookup(dname, type, __nameserversXX, __nameserverXX, &packet, &a);
which is a problem because the declarations are
int __nameservers;
char * __nameserver[MAX_SERVERS];
int __searchdomains;
char * __searchdomain[MAX_SEARCH];
so you can see that __nameserver is a pointer.  Copying the
pointer to __nameserverXX doesn't protect the global variable
space.  I have attached a patch and the new file.  I hope you
will incorporate these bug fixes.  I spent quite a bit of time
tracking them down.
Many thanks,
Ron
| -rw-r--r-- | libc/inet/resolv.c | 12 | 
1 files changed, 12 insertions, 0 deletions
| diff --git a/libc/inet/resolv.c b/libc/inet/resolv.c index 68b096e1b..a910c9adf 100644 --- a/libc/inet/resolv.c +++ b/libc/inet/resolv.c @@ -753,7 +753,11 @@ int attribute_hidden __dns_lookup(const char *name, int type, int nscount, char  		++local_id;  		local_id &= 0xffff;  		h.id = local_id; +		BIGLOCK; +		/* this is really __nameserver[] which is a global that +		   needs a lock!! */  		dns = nsip[local_ns]; +		BIGUNLOCK;  		h.qdcount = 1;  		h.rd = 1; @@ -788,7 +792,11 @@ int attribute_hidden __dns_lookup(const char *name, int type, int nscount, char  				retries+1, NAMESERVER_PORT, dns);  #ifdef __UCLIBC_HAS_IPV6__ +		BIGLOCK; +		/* 'dns' is really __nameserver[] which is a global that +		   needs a lock!! */  		v6 = inet_pton(AF_INET6, dns, &sa6.sin6_addr) > 0; +		BIGUNLOCK;  		fd = socket(v6 ? AF_INET6 : AF_INET, SOCK_DGRAM, IPPROTO_UDP);  #else  		fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); @@ -809,7 +817,11 @@ int attribute_hidden __dns_lookup(const char *name, int type, int nscount, char  #endif  		    sa.sin_family = AF_INET;  		    sa.sin_port = htons(NAMESERVER_PORT); +		    BIGLOCK; +		    /* 'dns' is really __nameserver[] which is a global that +		       needs a lock!! */  		    sa.sin_addr.s_addr = inet_addr(dns); +		    BIGUNLOCK;  		    rc = connect(fd, (struct sockaddr *) &sa, sizeof(sa));  #ifdef __UCLIBC_HAS_IPV6__  		} | 
