From 68d61aada26faf8ba03112af9c85b3f7fb769730 Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Mon, 31 Jul 2006 20:21:45 +0000 Subject: fix h_alias handling in gethostbyaddr_r() just like in gethostbyname_r() otherwise we get messed up alias memory and this simple test case will segfault: python -c 'import socket; print socket.gethostbyaddr("80.68.88.204")[2];' see bug report in blackfin tracker for more info: http://blackfin.uclinux.org/tracker/index.php?func=detail&aid=1503&group_id=17&atid=141 --- libc/inet/resolv.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'libc') diff --git a/libc/inet/resolv.c b/libc/inet/resolv.c index 560c56988..26d68d26a 100644 --- a/libc/inet/resolv.c +++ b/libc/inet/resolv.c @@ -2259,6 +2259,7 @@ int gethostbyaddr_r (const void *addr, socklen_t len, int type, struct in6_addr *in6; struct in6_addr **addr_list6; #endif /* __UCLIBC_HAS_IPV6__ */ + char **alias; unsigned char *packet; struct resolv_answer a; int i; @@ -2319,6 +2320,12 @@ int gethostbyaddr_r (const void *addr, socklen_t len, int type, buf+=sizeof(*addr_list)*2; buflen-=sizeof(*addr_list)*2; + if (buflen < sizeof(char *)*(ALIAS_DIM)) + return ERANGE; + alias=(char **)buf; + buf+=sizeof(*alias)*(ALIAS_DIM); + buflen-=sizeof(*alias)*(ALIAS_DIM); + #ifdef __UCLIBC_HAS_IPV6__ if (plen < sizeof(*in6)) return ERANGE; @@ -2367,6 +2374,9 @@ int gethostbyaddr_r (const void *addr, socklen_t len, int type, addr_list[1] = 0; + alias[0] = buf; + alias[1] = 0; + for (;;) { BIGLOCK; @@ -2413,6 +2423,7 @@ int gethostbyaddr_r (const void *addr, socklen_t len, int type, } result_buf->h_addr_list = (char **) addr_list; + result_buf->h_aliases = alias; break; } else { free(packet); -- cgit v1.2.3