summaryrefslogtreecommitdiff
path: root/libc/inet
AgeCommit message (Collapse)Author
2022-05-12DnsLookup: Configurable dnsQueryId generation including randomhanishkvc
Dns lookup logic has been updated to provide a configurable compile time selection of dns query id generation logics, including random, where possible, instead of the previous simple counter mode. This should make dns poison attempts more difficult. The uclibc developers wish to thank the white hat teams which alerted the community about the possible weakness in the dns path, given the increased resources with adversaries today. Given that embedded systems may or may not have sources for trying to generate random numbers, and also to try and keep the load on the system low, by default it uses the standard random prng based logic to indirectly generate the ids. However if either urandom or else if realtime clock is available on the target, then the same is used to reseed the prng periodically in a slightly non deterministic manner. Also additional transform (one way where possible) is used to avoid directly exposing the internal random sequence. The dns lookup logic maintains its own state wrt the random prng functions, so that other users of the library's random prng are not affected wrt their operations with the prng. Note to Platform developers: If you want to change from the default prngplus based logic, to one of the other logics provided, then during compile/config time you can switch to one of these additional choices wrt dns query id generation, by using make config and companions. If your platform doesnt support urandom nor a realtime clock backed by a source with sufficient resolution, and or for some reason if you want to revert to previous simple counter, rather than the transformed random prng plus logic, you can force the same at compile time by selecting SimpleCounter mode. If you want to increase the randomness of the generated ids, and dont mind the increased system load and latency then you could select the Urandom mode during config. Do note that it will be dipping into the entropy pool maintained by ur system. If your target has a system realtime clock available and exposed to user space, and inturn if you want to keep the underlying logic simple, you could try using the clock option from the config. However do note that the clock should have nanosecond resolution to help generate ids which are plausibly random. Also improvements to processor and or io performance can affect this. Wrt the URandom and Clock modes, if there is a failure with generation of the next random value, the logic tries to fallback to simple counter mode. If you want to change the underlying logic to make it more random and or more simple, look at dnsrand_setup and dnsrand_next. Signed-off-by: hanishkvc <hanishkvc@gmail.com>
2022-01-21fix compile for Linuxthreads enabledWaldemar Brodkorb
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
2021-11-26libc/inet/resolv: fix per thread res_state accessPeter Seiderer
- use the provided __res_state() method instead of direct access to struct __res_state pointer &_res/*__resp - change the __UCLIBC_HAS_TLS__ protected __res_state() implementation to the one where the comment 'When threaded, _res may be a per-thread variable.' indicates this should be used with threads/TLS enabled Fixes the following segfaults with buildroot raspberrypi3_64_defconfig (uclibc, -Os, Note: runs fine using the raspberrypi3_defconfig): $ /usr/sbin/ntpd -n -d 1970-01-01T00:01:49 ntpd[249]: INIT: ntpd ntpsec-1.2.0 2021-11-03T20:39:50Z: Starting 1970-01-01T00:01:49 ntpd[249]: INIT: Command line: /usr/sbin/ntpd -n -d 1970-01-01T00:01:49 ntpd[249]: INIT: precision = 7.240 usec (-17) 1970-01-01T00:01:49 ntpd[249]: INIT: successfully locked into RAM 1970-01-01T00:01:49 ntpd[249]: CONFIG: readconfig: parsing file: /etc/ntp.conf 1970-01-01T00:01:49 ntpd[249]: CONFIG: restrict nopeer ignored 1970-01-01T00:01:49 ntpd[249]: INIT: Using SO_TIMESTAMPNS 1970-01-01T00:01:49 ntpd[249]: IO: Listen and drop on 0 v6wildcard [::]:123 1970-01-01T00:01:49 ntpd[249]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123 1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 2 lo 127.0.0.1:123 1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 3 eth0 172.16.0.30:123 1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 4 lo [::1]:123 1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 5 eth0 [fe80::ba27:ebff:fea6:340%2]:123 1970-01-01T00:01:49 ntpd[249]: IO: Listening on routing socket on fd #22 for interface updates 1970-01-01T00:01:50 ntpd[249]: SYNC: Found 10 servers, suggest minsane at least 3 1970-01-01T00:01:50 ntpd[249]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes 1970-01-01T00:01:50 ntpd[249]: statistics directory /var/NTP/ does not exist or is unwriteable, error No such file or directory 1970-01-01T00:01:51 ntpd[249]: DNS: dns_probe: 0.pool.ntp.org, cast_flags:8, flags:101 Segmentation fault (core dumped) $ ./host/bin/aarch64-buildroot-linux-uclibc-gdb ./build/ntpsec-1_2_0/build/main/ntpd/ntpd core Core was generated by `/usr/sbin/ntpd -n -d'. Program terminated with signal SIGSEGV, Segmentation fault. (gdb) where #0 0x0000007f8ff1f150 in res_sync_func () at libc/inet/resolv.c:3356 #1 0x0000007f8ff1c468 in __open_nameservers () at libc/inet/resolv.c:949 #2 0x0000007f8ff1b498 in __dns_lookup (name=0x55943c67f0 "0.pool.ntp.org", type=1, outpacket=0x7f8fe91c48, a=0x7f8fe91c08) at libc/inet/resolv.c:1134 #3 0x0000007f8ff1d744 in __GI_gethostbyname_r ( name=0x55943c67f0 "0.pool.ntp.org", result_buf=0x7f8fe92628, buf=0x7f8fe91d90 "", buflen=992, result=0x7f8fe92670, h_errnop=0x7f8fe92668) at libc/inet/resolv.c:1966 #4 0x0000007f8ff1d9a0 in __GI_gethostbyname2_r ( name=0x55943c67f0 "0.pool.ntp.org", family=2, result_buf=0x7f8fe92628, buf=0x7f8fe91d70 "0.pool.ntp.org", buflen=1024, result=0x7f8fe92670, h_errnop=0x7f8fe92668) at libc/inet/resolv.c:2065 #5 0x0000007f8ff16924 in gaih_inet (name=0x55943c67f0 "0.pool.ntp.org", service=0x7f8fe92828, req=0x7f8fe92890, pai=0x7f8fe92838) at libc/inet/getaddrinfo.c:596 #6 0x0000007f8ff17624 in __GI_getaddrinfo ( name=0x55943c67f0 "0.pool.ntp.org", service=0x5582eb8acd "\377H\213D$\bL\211\367H\213\260\270", hints=0x7f8fe92890, pai=0x5582ee1bf8) at libc/inet/getaddrinfo.c:957 #7 0x0000005582ea60f4 in _start () (gdb) p _res $1 = {options = 0, nsaddr_list = {{sin_family = 0, sin_port = 0, sin_addr = { s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, { sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}}, dnsrch = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, nscount = 0 '\000', ndots = 0 '\000', retrans = 0 '\000', retry = 0 '\000', defdname = '\000' <repeats 255 times>, nsort = 0 '\000', pfcode = 0, id = 0, res_h_errno = 0, sort_list = {{addr = { s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = { s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = { s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = { s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = { s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}}, _u = { _ext = {nsaddrs = {0x0, 0x0, 0x0}, nscount = 0 '\000', nstimes = {0, 0, 0}, nssocks = {0, 0, 0}, nscount6 = 0, nsinit = 0}}} (gdb) p &_res $2 = (struct __res_state *) 0x7f8ff8fd98 <_res> (gdb) p rp $3 = (struct __res_state *) 0x7fffffffff And the following uclibc code at libc/inet/resolv.c:3356: 3345 static void res_sync_func(void) 3346 { 3347 struct __res_state *rp = &(_res); 3348 int n; 3349 3350 /* If we didn't get malloc failure earlier... */ 3351 if (__nameserver != (void*) &__local_nameserver) { 3352 /* TODO: 3353 * if (__nameservers < rp->nscount) - try to grow __nameserver[]? 3354 */ 3355 #ifdef __UCLIBC_HAS_IPV6__ 3356 if (__nameservers > rp->_u._ext.nscount) 3357 __nameservers = rp->_u._ext.nscount; 3358 n = __nameservers; The special thing about ntpsec is the DNS lookup in an extra thread and/or the call to res_init(), see ntpsec-1_2_0/ntpd/ntp_dns.c: 69 msyslog(LOG_INFO, "DNS: dns_probe: %s, cast_flags:%x, flags:%x%s", 70 hostname, pp->cast_flags, pp->cfg.flags, busy); 71 if (NULL != active) /* normally redundant */ 72 return false; 73 74 active = pp; 75 76 sigfillset(&block_mask); 77 pthread_sigmask(SIG_BLOCK, &block_mask, &saved_sig_mask); 78 rc = pthread_create(&worker, NULL, dns_lookup, pp); and 165 static void* dns_lookup(void* arg) 166 { 167 struct peer *pp = (struct peer *) arg; 168 struct addrinfo hints; 169 170 #ifdef HAVE_SECCOMP_H 171 setup_SIGSYS_trap(); /* enable trap for this thread */ 172 #endif 173 174 #ifdef HAVE_RES_INIT 175 /* Reload DNS servers from /etc/resolv.conf in case DHCP has updated it. 176 * We only need to do this occasionally, but it's not expensive 177 * and simpler to do it every time than it is to figure out when 178 * to do it. 179 * This res_init() covers NTS too. 180 */ 181 res_init(); 182 #endif 183 184 if (pp->cfg.flags & FLAG_NTS) { 185 #ifndef DISABLE_NTS 186 nts_probe(pp); 187 #endif 188 } else { 189 ZERO(hints); 190 hints.ai_protocol = IPPROTO_UDP; 191 hints.ai_socktype = SOCK_DGRAM; 192 hints.ai_family = AF(&pp->srcadr); 193 gai_rc = getaddrinfo(pp->hostname, NTP_PORTA, &hints, &answer); 194 } $ /usr/lib/uclibc-ng-test/test/inet/tst-res Segmentation fault (core dumped) $ ./host/bin/aarch64-buildroot-linux-uclibc-gdb ./build/uclibc-ng-test-0844445e7358eb10e716155b55b0fb23e88d644a/test/inet/tst-res core Core was generated by `/usr/lib/uclibc-ng-test/test/inet/tst-res'. Program terminated with signal SIGSEGV, Segmentation fault. (gdb) where #0 __GI___res_init () at libc/inet/resolv.c:3514 #1 0x0000005591e507e4 in main (argc=<optimized out>, argv=<optimized out>) at tst-res.c:20 First reported here: https://lore.kernel.org/buildroot/20211028230131.5f50d6e7@gmx.net/ https://www.mail-archive.com/devel@uclibc-ng.org/msg01085.html Signed-off-by: Peter Seiderer <ps.report@gmx.net>
2021-08-09libc/inet/resolv.c: add __hnbad to check DNS entries for validity…mirabilos
… using the same rules glibc does also call __hnbad in some places to check answers
2021-08-09make __{en,de}code_dotted into macrosmirabilos
they merely call dn_{comp,expand} slightly rearranging the arguments Signed-off-by: mirabilos <mirabilos@evolvis.org>
2021-08-09actually remove the ifdeffed-out code from the previous commitmirabilos
Signed-off-by: mirabilos <mirabilos@evolvis.org>
2021-08-09libc/inet/resolv.c: use dn_{comp,expand} for __{en,de}code_dottedmirabilos
Minimal-invasive change: just ifdeffing away the older code. There is no reason to have two different sets of functions doing the same thing, one used in half the code and another, doing less escaping, in the other half; just use one. Signed-off-by: mirabilos <mirabilos@evolvis.org>
2020-09-21Support b64_ntop(), b64_pton() (bsd-compat)Waldemar Brodkorb
Signed-off-by: akater <nuclearspace@gmail.com>
2020-06-19inet: add sockatmark implementationClement Leger
Import musl C sockatmark implementation into uClibc-ng. Signed-off-by: Clement Leger <cleger@kalray.eu> Acked-by: Yann Sionneau <ysionneau@kalray.eu>
2020-01-30Fix map_newlink abort when interface list changes during getifaddrsVincent Hou
map_newlink() may abort when interface list changed between netlink request for getting interfaces and getting addresses. This commit is ported from the same change from glibc commit. Signed-off-by: Vincent Hou <vincent.houyi@gmail.com>
2018-12-14fix issues in ethers.cWaldemar Brodkorb
Old version manages strings the regular way (i.e. counting on zero-ended sequences). In fact strings captured from the /etc/ethers file are '\n'-ended. So, for example, using strchr function could lead to buffer overflow. Reported-by: "Andrey V. Zhmurin" <zhmurin_a@mcst.ru
2018-10-20do not expose recvmmsg/sendmmsg for unsupported kernelsWaldemar Brodkorb
2017-11-02convert accept4() to use cancel.h macrosWaldemar Brodkorb
2017-10-08socketcall: fix compile issue with older Linux kernelWaldemar Brodkorb
2017-10-01recvmmsg/sendmmsg: add recvmmsg sendmmsg support.Guo Ren
The recvmmsg and sendmmsg is very important for UDP stream application. If we only use recvmsg for UDP stream, it will only copy one mtu size of data in a syscall. And recvmmsg copy as many as you want in a syscall. So recvmmsg is more efficient,and some applications will depends on the recvmmsg and sendmmsg, eg: UDP media stream player. Signed-off-by: Guo Ren <ren_guo@c-sky.com>
2017-06-21remove editor hints for viWaldemar Brodkorb
2017-06-06fix gcc warning with -Wmisleading-indentationWaldemar Brodkorb
2017-03-20remove RPC implementationWaldemar Brodkorb
The included RPC implementation is ipv4 only. Other C library projects have either deprecated the internal RPC implementation (GNU C Library) or never implemented such functionality (musl C Library). The latest rpcbind release (0.2.4) checks for libtirpc and does not allow to be build with uClibc-ng RPC without patching. The common use case for RPC nowadays is to use rpcbind together with nfs-utils to provide NFS server or client support to a system. The included RPC implementation does create issues with duplicate symbol failures when statically compiling with RPC enabled.
2016-12-30inet: fix getnameinfo problem found by new test casesWaldemar Brodkorb
Follow documented behaviour: http://man7.org/linux/man-pages/man3/getnameinfo.3.html Sync with GNU libc behaviour.
2016-12-30remove inline changelog, we have gitWaldemar Brodkorb
2016-12-02remove libintl stub and libintl.h headerWaldemar Brodkorb
As __UCLIBC_HAS_GETTEXT_AWARENESS__ is never defined, this is mostly dead code. It is planned to integrate libiconv-tiny and gettext-tiny into uClibc-ng after the next release, so that more software packages can be used without modification. Remove any _/_N macro usage.
2016-08-05sunrpc: Do not use alloca in clntudp_callWaldemar Brodkorb
CVE-2016-4429: The call is technically in a loop, and under certain circumstances (which are quite difficult to reproduce in a test case), alloca can be invoked repeatedly during a single call to clntudp_call. As a result, the available stack space can be exhausted (even though individual alloca sizes are bounded implicitly by what can fit into a UDP packet, as a side effect of the earlier successful send operation). From GNU libc: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=bc779a1a5b3035133024b21e2f339fe4219fb11c
2016-06-24inet/resolv: Try search domains first for unqualified namesIngo van Lil
When resolving an unqualified host name, the resolver tries the original name first before appending the domains from the search list. If a TLD with the same name exists, the query will succeed (but yield no A record) and the resolver will return HOST_NOT_FOUND without trying the search domains. This patch changes the lookup order for unqualified host names (without dots) to try the search domains first and the original name last. Signed-off-by: Ingo van Lil <inguin@gmx.de>
2016-06-21inet/getaddrinfo: fix AF_V4MAPPED behavior for non IPv6 host resolutionWenzel, Alexander
When trying to resolve a hostname by getaddrinfo() using some specific settings, it will always return -EAI_NONAME (Name or service not known). To reproduce this behavior, you need to request an IPv6 address with the additional AF_V4MAPPED flag set from an non IPv6 capable hostname. If you choose a IPv4/IPv6 capable hostname like google.com, everything works fine. This patch is more or less a port [1][2] from the glibc and their behavior for the AF_V4MAPPED flag. To test the bug you can use the following snippet. ---- 8< ---- int ret; struct addrinfo* result; struct addrinfo hints; memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_family = AF_INET6; hints.ai_flags = AI_V4MAPPED; ret = getaddrinfo("test.com", NULL, &hints, &result); printf("getaddrinfo(): %i", ret); ---- 8< ---- [1] https://sourceware.org/git/?p=glibc.git;a=commit;f=sysdeps/posix/getaddrinfo.c;h=925c3c5c71596c02f7e58a0ffcdcaae44eb065c1 [2] https://sourceware.org/git/?p=glibc.git;a=commit;f=sysdeps/posix/getaddrinfo.c;h=28977c2c1acb789660ad47e0d88e42486059c916 Signed-off-by: Alexander Wenzel <alexander.wenzel@qsc.de>
2016-06-01remove MJN only debug messagesWaldemar Brodkorb
2016-03-10getaddrinfo: correct AI_V4MAPPED handlingPeter Korsgaard
As recently reported on the Buildroot list: http://lists.busybox.net/pipermail/buildroot/2016-March/155325.html DNS lookups with Node.js currently fails on uClibc-ng. The reason for this is the way AI_V4MAPPED is handled. According to POSIX, AI_V4MAPPED should be ignored unless ai_family is AF_INET6: http://pubs.opengroup.org/onlinepubs/9699919799/functions/freeaddrinfo.html If the AI_V4MAPPED flag is specified along with an ai_family of AF_INET6, then getaddrinfo() shall return IPv4-mapped IPv6 addresses on finding no matching IPv6 addresses (ai_addrlen shall be 16). The AI_V4MAPPED flag shall be ignored unless ai_family equals AF_INET6. uClibc-ng was also handling AI_V4MAPPED for AF_UNSPEC, fix that. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-10DNS: Don't apply search domains to PTR lookupsTim Hockin
This lessens the load on upstream DNS servers (and it was just nonsensical). Signed-off-by: Tim Hockin <thockin@google.com>
2016-03-10DNS: don't count search-path miss as a retryTim Hockin
Currently a miss on a search-path entry is counted as a retry. This means that users with more than (num_nameservers * retries) entries in their search path list fail before trying all search paths. Concretely, a single nameserver with 4 search paths will never try the 4th search because the default retry is 3. The code doesn't currently retry a given nameserver in case of an error, so retries is sort of meaningless (though there are some comments indicating it might come). This change only treats total failure of a nameserver (try next server) as a retry. Signed-off-by: Tim Hockin <thockin@google.com>
2016-02-24Replace /etc/resolv.conf with _PATH_RESCONF to allow portability of the code ↵Ubaldo Porcheddu
on system where resolv.conf is not in /etc . Signed-off-by: Ubaldo Porcheddu <ubaldo@eja.it>
2016-01-31Make sure to always terminate decoded stringWaldemar Brodkorb
Write a terminating '\0' to dest when the first byte of the encoded data is 0. This corner case was previously missed. Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se> Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
2016-01-31Do not follow compressed items forever.Waldemar Brodkorb
It is possible to get stuck in an infinite loop when receiving a specially crafted DNS reply. Exit the loop after a number of iteration and consider the packet invalid. Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se> Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
2016-01-02libc/inet: Unbreak gethostent()Waldemar Brodkorb
Although gethostent() is obsoleted, there is no reason to keep it broken. Fix two problems: * commit f65e66078b "resolver: switch to config parser" leave an extra break statement in case of GETHOSTENT in __read_etc_hosts_r. In result, output buffer wasn't initialized at all. * gethostent static buffer has insufficient size to store aliases, so __read_etc_hosts_r always returns ERANGE. Restore ALIAS_DIM define. Add test-case. Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
2016-01-02Use dynamic buffers for gethostent/gethostbyname/gethostbyaddrWaldemar Brodkorb
Save ~1k static space (.bss) text data bss dec hex filename - 68 0 126 194 c2 libc/inet/gethostent.os - 79 0 460 539 21b libc/inet/gethostbyname2.os - 83 0 460 543 21f libc/inet/gethostbyaddr.os + 98 0 24 122 7a libc/inet/gethostent.os + 110 0 24 134 86 libc/inet/gethostbyname2.os + 113 0 24 137 89 libc/inet/gethostbyaddr.os ================================================================== +91 -974 Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
2016-01-02inet/getaddrinfo: simplest /etc/gai.conf to control IPv6/IPv4 addresses sort ↵Leonid Lisovskiy
order Implement simplest variant of /etc/gai.conf to control getaddrinfo IPv6/IPv4 addresses sorting. Keep the default sort order - IPv6 first, IPv4 second. To invert it, create /etc/gai.conf containing single line: precedence ::ffff:0:0/96 100 Example before: $ nslookup security.debian.org 8.8.8.8 Server: 8.8.8.8 Address 1: 8.8.8.8 google-public-dns-a.google.com Name: security.debian.org Address 1: 2001:a78:5:0:216:35ff:fe7f:be4f villa.debian.org Address 2: 2001:a78:5:1:216:35ff:fe7f:6ceb lobos.debian.org Address 3: 195.20.242.89 wieck.debian.org Address 4: 212.211.132.250 lobos.debian.org Address 5: 212.211.132.32 villa.debian.org After patch & precedence set in /etc/gai.conf: $ nslookup security.debian.org 8.8.8.8 Server: 8.8.8.8 Address 1: 8.8.8.8 google-public-dns-a.google.com Name: security.debian.org Address 1: 195.20.242.89 wieck.debian.org Address 2: 212.211.132.250 lobos.debian.org Address 3: 212.211.132.32 villa.debian.org Address 4: 2001:a78:5:0:216:35ff:fe7f:be4f villa.debian.org Address 5: 2001:a78:5:1:216:35ff:fe7f:6ceb lobos.debian.org bloat-o-meter report: function old new delta getaddrinfo 726 1138 +412 gaih_inet 2660 2692 +32 .rodata 16618 16643 +25 __gai_precedence - 1 +1 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 4/0 up/down: 882/0) Total: 470 bytes Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
2015-12-22resolv: fix gethostbyname2_r to match gethostbyname_r, fixing bugs with AAAA ↵Waldemar Brodkorb
lookups The latter half of gethostbyname2_r (doing AAAA queries) is rather dramatically different from the corresponding portion of gethostbyname_r (doing A queries). This leads to problems like calls to getaddrinfo only returning one IPv6 address, even when multiple exist. Seems to be entirely a case of divergent evolution -- a half-decade of fixes for the IPv4 code but no love for IPv6. Until now. ;) DNS behaviour for IPv6 is really no different than for IPv4 -- beyond the difference in address sizes, there's no need for the functions to be so different. Consequently, this patch really is almost just a cut-and-paste of gethostbyname_r, with the appropriate substitutions of in6_addr, AF_INET6, etc; while holding on to the few extra bits that actually belong in there (eg #ifdef __UCLIBC_HAS_IPV6__). Signed-off-by: Wes Campaigne <westacular@gmail.com>
2015-12-22inet/resolv: Fix broken h_aliases list terminator after 2dab3f5Waldemar Brodkorb
Commit 2dab3f5a "resolv: tiny shrinkage in /etc/hosts handling" leads to that read_etc_hosts_r() provide garbage pointer at the end of h_aliases list if more than four hostnames follow a dotted quad in /etc/hosts Test-case: Add following line to /etc/hosts 63.63.0.2 host1 alias2 alias3 alias4 alias5 #include <stdio.h> #include <errno.h> #include <netdb.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <arpa/inet.h> int main (void) { int i; char *a; struct hostent *he; struct in_addr ipv4addr; inet_pton(AF_INET, "63.63.0.2", &ipv4addr); he = gethostbyaddr(&ipv4addr, sizeof ipv4addr, AF_INET); if (he == NULL) exit(1); printf("Host name: '%s'\n", he->h_name); i = 0; while ((a = he->h_aliases[i]) != NULL) { printf("Host alias: '%s'\n", a); ++i; } return 0; } Wrong output: Host name: 'host1' Host alias: 'alias2' Host alias: 'alias3' Host alias: 'alias4' Host alias: 'alias5' Host alias: '??' Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com> Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
2015-12-17resolv: __dns_lookup - immediately switch to next server in case of poll() ↵Waldemar Brodkorb
set error events https://bugs.busybox.net/show_bug.cgi?id=3211 Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com> Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
2015-12-17dynamically allocate ahostbuf bufferWaldemar Brodkorb
Free 1k of static data (.bss) Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com> Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
2015-12-17svc.c: svc_getreqset() buffer overflowWaldemar Brodkorb
http://bugs.busybox.net/show_bug.cgi?id=5588 Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com> Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
2015-12-05good bye vaxWaldemar Brodkorb
I mailed with Jan-Benedict Glaw, it seems VAX on Linux is really a lot of work todo and uClibc support didn't work ever.
2015-11-13i386: use socketcall even if newer linux exposes direct syscallsWaldemar Brodkorb
The changeset 9dea5dc921b5f4045a18c63eb92e84dc274d17eb in the Linux kernel expose the direct syscalls for sockets. For example udhcpc then will use sendto syscall directly and get an EINVAL error. Disable direct syscalls as it was done for SPARC in the past. Musl and GNU libc are not affected, as they already disable direct socket syscalls on i386. Reported-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
2015-04-13libc: Fix page-size in getifaddrs()Bernhard Reutner-Fischer
TODO: this could need a cleanup.. Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
2015-04-12remove link warningsWaldemar Brodkorb
As recently discussed on the pgsql mailinglist, this warnings are more or less useless and some configure scripts are failing when these warnings are enabled. http://www.postgresql.org/message-id/20150320132351.GS3636@alvh.no-ip.org
2015-03-29merge uClibc git masterWaldemar Brodkorb
2015-03-16resolv: fix unaligned tmp buffer corner-caseAlexey Brodkin
On execution of "inet/gethost_r-align" test I noticed failure due to unaligned access (instaed of 4-byte aligned 1-byte aligned address was attempted to be accessed). Further investigation confirmed this nice and helpful test failure. Following commit removed usage of ALIGN_BUFFER_OFFSET on entry to __read_etc_hosts_r(): http://git.uclibc.org/uClibc/commit/?id=f65e66078b9f4d2d7f0fc336dee36e78fc467c0f So indeed if target architecture doesn't allow unaligned access and provided tmp buffer is not word aligned (and we will deal with pointers which means word-sized data units), then CPU will fail during execution. In case of ARC we'll see "Unaligned access" exception like this: --->8--- # potentially unexpected fatal signal 7. Path: /root/uClibc/test/inet/gethost_r-align CPU: 0 PID: 5514 Comm: gethost_r-align Not tainted 3.13.11 #2 task: 8f42a580 ti: 8f40e000 task.ti: 8f40e000 [ECR ]: 0x00230400 => Misaligned r/w from 0x5fdab341 [EFA ]: 0x5fdab341 [BLINK ]: 0x20032a18 [ERET ]: 0x20032a3c @off 0x12a3c in [/lib/libuClibc-0.9.34-git.so] VMA: 0x20020000 to 0x20062000 [STAT32]: 0x00000086 : U E2 E1 BTA: 0x20046014 SP: 0x5fdab260 FP: 0x00000000 LPS: 0x20046064 LPE: 0x20046068 LPC: 0x00000000 r00: 0x5fdab341 r01: 0x00000005 r02: 0x00000015 r03: 0x00000000 r04: 0x5fdab358 r05: 0x00000000 r06: 0x0a0a0a00 r07: 0x00000000 r08: 0x0000003f r09: 0x20067050 r10: 0x00000000 r11: 0x00000014 r12: 0x00000001 r13: 0x00000000 r14: 0x20060660 r15: 0x20060661 r16: 0x00000006 r17: 0x5fdab371 r18: 0x00000018 r19: 0x5fdab2b4 r20: 0x00020000 r21: 0x00000000 r22: 0x00029068 r23: 0x5fdab371 r24: 0x00010000 r25: 0x00000000 --->8--- To fix this problem we'll re-introduce tmp buffer force alignment before config parser invocation. Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com> Cc: Vineet Gupta <vgupta@synopsys.com> Cc: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
2015-01-01shut up GCC, part 2Thorsten Glaser
Signed-off-by: Thorsten Glaser <tg@mirbsd.org>
2015-01-01shut up GCCThorsten Glaser
Signed-off-by: Thorsten Glaser <tg@mirbsd.org>
2014-12-15mkostemp: fix implementationAnthony G. Basile
mkostemp(char *template, int flags) generates a unique temporary filename from a template. The flags parameter accepts three of the same flags as open(2): O_APPEND, O_CLOEXEC, and O_SYNC. The current implementation of mkostemp(3) does not respect the flags and in fact confuses the flags with the file mode which should always be S_IRUSR | S_IWUSR. This patch corrects this issue. Signed-off-by: Anthony G. Basile <blueness@gentoo.org> Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
2014-12-10mkostemp: fix implementationAnthony G. Basile
mkostemp(char *template, int flags) generates a unique temporary filename from a template. The flags parameter accepts three of the same flags as open(2): O_APPEND, O_CLOEXEC, and O_SYNC. The current implementation of mkostemp(3) does not respect the flags and in fact confuses the flags with the file mode which should always be S_IRUSR | S_IWUSR. This patch corrects this issue. Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
2014-09-16buildsys: fix IS_IN_lib*Bernhard Reutner-Fischer
define NOT_IN_libc / IS_IN_libxxx appropriately to fix pthread_once Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>