From patchwork Tue Aug 8 17:01:48 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 799367 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=sourceware.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=libc-alpha-return-82877-incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.b="IC5uEVnn"; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xRgh31Xlpz9s65 for ; Wed, 9 Aug 2017 03:02:58 +1000 (AEST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:to:subject:mime-version:content-type :content-transfer-encoding:message-id:from; q=dns; s=default; b= dwmykNjZVhyydqm6Lr0nhVs3AKVpfNmC+d7vxOwkaELo999LsuS9safcobEKPofy FSS8d0cjI7+ks8kOhuR+9ZVOjcDmhCTgd2lnXpXB+XaZYDdbelHHJymGiE/WqChE Uta/5MoxyryWjaNsr6vEymLuabQMlU/unDOaeA+B0y8= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:to:subject:mime-version:content-type :content-transfer-encoding:message-id:from; s=default; bh=9jAr7b 2hiPcWQWV5waaEHP33Cwg=; b=IC5uEVnnNQdku5TH3mEWlPFpy0RVTLk43pRZiG dxVQaxVIQoSi3yifR4ZcEnq3/2o0l7A08Eg7S0Ig83hOBIucH9ZACnL4GG3/PmrH MQuiI5heNTXHrLyZKwYBTjbRu8qN2N9FSjD8Jx07qaineMapibmDm+7XDq1S6Ll1 R4NSo= Received: (qmail 43170 invoked by alias); 8 Aug 2017 17:02:03 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 40675 invoked by uid 89); 8 Aug 2017 17:01:55 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-25.9 required=5.0 tests=BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, KAM_LAZY_DOMAIN_SECURITY, RP_MATCHES_RCVD, SPF_HELO_PASS autolearn=ham version=3.3.2 spammy= X-HELO: mx1.redhat.com DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 331CD356F0 Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=fweimer@redhat.com Date: Tue, 08 Aug 2017 19:01:48 +0200 To: libc-alpha@sourceware.org Subject: [PATCH] getaddrinfo: Fix error handling in gethosts [BZ #21915] [BZ #21922] User-Agent: Heirloom mailx 12.5 7/5/10 MIME-Version: 1.0 Message-Id: <20170808170148.218B74029923B@oldenburg.str.redhat.com> From: fweimer@redhat.com (Florian Weimer) The old code uses errno as the primary indicator for success or failure. This is wrong because errno is only set for specific combinations of the status return value and the h_errno variable. 2017-08-08 Florian Weimer [BZ #21915] [BZ #21922] * sysdeps/posix/getaddrinfo.c (gethosts): Look at NSS function result to determine success or failure, not the errno value. * nss/Makefile (tests): Add tst-nss-files-hosts-erange. (tst-nss-files-hosts-erange): Link with -ldl. * nss/tst-nss-files-hosts-erange.c: New file. * nss/tst-resolv-basic.c (response): Handle nodata.example. (do_test): Add NO_DATA tests. * resolv/tst-resolv-basic.c (test_nodata_nxdomain): New function. (do_test): Call it. diff --git a/nss/Makefile b/nss/Makefile index d9f6d41..91b1c21 100644 --- a/nss/Makefile +++ b/nss/Makefile @@ -58,6 +58,11 @@ tests = test-netdb test-digits-dots tst-nss-getpwent bug17079 \ tst-nss-test5 xtests = bug-erange +# Tests which need libdl +ifeq (yes,$(build-shared)) +tests += tst-nss-files-hosts-erange +endif + # If we have a thread library then we can test cancellation against # some routines like getpwuid_r. ifeq (yes,$(have-thread-library)) @@ -154,3 +159,5 @@ $(patsubst %,$(objpfx)%.out,$(tests)) : \ ifeq (yes,$(have-thread-library)) $(objpfx)tst-cancel-getpwuid_r: $(shared-thread-library) endif + +$(objpfx)tst-nss-files-hosts-erange: $(libdl) diff --git a/nss/tst-nss-files-hosts-erange.c b/nss/tst-nss-files-hosts-erange.c new file mode 100644 index 0000000..beb7aa9 --- /dev/null +++ b/nss/tst-nss-files-hosts-erange.c @@ -0,0 +1,109 @@ +/* Parse /etc/hosts in multi mode with a trailing long line (bug 21915). + Copyright (C) 2017 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +struct support_chroot *chroot_env; + +#define X10 "XXXXXXXXXX" +#define X100 X10 X10 X10 X10 X10 X10 X10 X10 X10 X10 +#define X1000 X100 X100 X100 X100 X100 X100 X100 X100 X100 X100 + +static void +prepare (int argc, char **argv) +{ + chroot_env = support_chroot_create + ((struct support_chroot_configuration) + { + .resolv_conf = "", + .hosts = + "127.0.0.1 localhost localhost.localdomain\n" + "::1 localhost localhost.localdomain\n" + "192.0.2.1 example.com\n" + "#" X1000 X100 "\n", + .host_conf = "multi on\n", + }); +} + +static int +do_test (void) +{ + support_become_root (); + if (!support_can_chroot ()) + return EXIT_UNSUPPORTED; + + __nss_configure_lookup ("hosts", "files"); + if (dlopen (LIBNSS_FILES_SO, RTLD_LAZY) == NULL) + FAIL_EXIT1 ("could not load " LIBNSS_DNS_SO ": %s", dlerror ()); + + xchroot (chroot_env->path_chroot); + + errno = ERANGE; + h_errno = NETDB_INTERNAL; + check_hostent ("gethostbyname example.com", + gethostbyname ("example.com"), + "name: example.com\n" + "address: 192.0.2.1\n"); + errno = ERANGE; + h_errno = NETDB_INTERNAL; + check_hostent ("gethostbyname2 AF_INET example.com", + gethostbyname2 ("example.com", AF_INET), + "name: example.com\n" + "address: 192.0.2.1\n"); + { + struct addrinfo hints = + { + .ai_family = AF_UNSPEC, + .ai_socktype = SOCK_STREAM, + .ai_protocol = IPPROTO_TCP, + }; + errno = ERANGE; + h_errno = NETDB_INTERNAL; + struct addrinfo *ai; + int ret = getaddrinfo ("example.com", "80", &hints, &ai); + check_addrinfo ("example.com AF_UNSPEC", ai, ret, + "address: STREAM/TCP 192.0.2.1 80\n"); + if (ret == 0) + freeaddrinfo (ai); + + hints.ai_family = AF_INET; + errno = ERANGE; + h_errno = NETDB_INTERNAL; + ret = getaddrinfo ("example.com", "80", &hints, &ai); + check_addrinfo ("example.com AF_INET", ai, ret, + "address: STREAM/TCP 192.0.2.1 80\n"); + if (ret == 0) + freeaddrinfo (ai); + } + + support_chroot_free (chroot_env); + return 0; +} + +#define PREPARE prepare +#include diff --git a/resolv/tst-resolv-basic.c b/resolv/tst-resolv-basic.c index 64eedbb..66a0e8a 100644 --- a/resolv/tst-resolv-basic.c +++ b/resolv/tst-resolv-basic.c @@ -50,7 +50,7 @@ response (const struct resolv_response_context *ctx, qname_compare = qname + 2; else qname_compare = qname; - enum {www, alias, nxdomain, long_name} requested_qname; + enum {www, alias, nxdomain, long_name, nodata} requested_qname; if (strcmp (qname_compare, "www.example") == 0) requested_qname = www; else if (strcmp (qname_compare, "alias.example") == 0) @@ -59,6 +59,8 @@ response (const struct resolv_response_context *ctx, requested_qname = nxdomain; else if (strcmp (qname_compare, LONG_NAME) == 0) requested_qname = long_name; + else if (strcmp (qname_compare, "nodata.example") == 0) + requested_qname = nodata; else { support_record_failure (); @@ -87,6 +89,8 @@ response (const struct resolv_response_context *ctx, resolv_response_close_record (b); resolv_response_open_record (b, "www.example", qclass, qtype, 0); break; + case nodata: + return; case nxdomain: FAIL_EXIT1 ("unreachable"); } @@ -267,6 +271,55 @@ test_bug_21295 (void) } } +/* Run tests which do not expect any data. */ +static void +test_nodata_nxdomain (void) +{ + /* Iterate through different address families. */ + int families[] = { AF_UNSPEC, AF_INET, AF_INET6, -1 }; + for (int i = 0; families[i] >= 0; ++i) + /* If do_tcp, prepend "t." to the name to trigger TCP + fallback. */ + for (int do_tcp = 0; do_tcp < 2; ++do_tcp) + /* If do_nxdomain, trigger an NXDOMAIN error (DNS failure), + otherwise use a NODATA response (empty but successful + answer). */ + for (int do_nxdomain = 0; do_nxdomain < 2; ++do_nxdomain) + { + int family = families[i]; + char *name = xasprintf ("%s%s.example", + do_tcp ? "t." : "", + do_nxdomain ? "nxdomain" : "nodata"); + + if (family != AF_UNSPEC) + { + if (do_nxdomain) + check_h (name, family, "error: HOST_NOT_FOUND\n"); + else + check_h (name, family, "error: NO_ADDRESS\n"); + } + + const char *expected; + if (do_nxdomain) + expected = "error: Name or service not known\n"; + else + expected = "error: No address associated with hostname\n"; + + check_ai (name, "80", family, expected); + + struct addrinfo hints = + { + .ai_family = family, + .ai_flags = AI_V4MAPPED | AI_ALL, + }; + check_ai_hints (name, "80", hints, expected); + hints.ai_flags |= AI_CANONNAME; + check_ai_hints (name, "80", hints, expected); + + free (name); + } +} + static int do_test (void) { @@ -439,29 +492,8 @@ do_test (void) "address: DGRAM/UDP 2001:db8::4 80\n" "address: RAW/IP 2001:db8::4 80\n"); - check_h ("nxdomain.example", AF_INET, - "error: HOST_NOT_FOUND\n"); - check_h ("nxdomain.example", AF_INET6, - "error: HOST_NOT_FOUND\n"); - check_ai ("nxdomain.example", "80", AF_UNSPEC, - "error: Name or service not known\n"); - check_ai ("nxdomain.example", "80", AF_INET, - "error: Name or service not known\n"); - check_ai ("nxdomain.example", "80", AF_INET6, - "error: Name or service not known\n"); - - check_h ("t.nxdomain.example", AF_INET, - "error: HOST_NOT_FOUND\n"); - check_h ("t.nxdomain.example", AF_INET6, - "error: HOST_NOT_FOUND\n"); - check_ai ("t.nxdomain.example", "80", AF_UNSPEC, - "error: Name or service not known\n"); - check_ai ("t.nxdomain.example", "80", AF_INET, - "error: Name or service not known\n"); - check_ai ("t.nxdomain.example", "80", AF_INET6, - "error: Name or service not known\n"); - test_bug_21295 (); + test_nodata_nxdomain (); resolv_test_end (aux); diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c index 0cf87c2..2c4b6d6 100644 --- a/sysdeps/posix/getaddrinfo.c +++ b/sysdeps/posix/getaddrinfo.c @@ -242,28 +242,26 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, #define gethosts(_family, _type) \ { \ struct hostent th; \ - struct hostent *h; \ char *localcanon = NULL; \ no_data = 0; \ - while (1) { \ - status = DL_CALL_FCT (fct, (name, _family, &th, \ - tmpbuf->data, tmpbuf->length, \ - &errno, &h_errno, NULL, &localcanon)); \ - if (errno != ERANGE || h_errno != NETDB_INTERNAL) \ - break; \ - if (!scratch_buffer_grow (tmpbuf)) \ - { \ - __resolv_context_enable_inet6 (res_ctx, res_enable_inet6); \ - __resolv_context_put (res_ctx); \ - result = -EAI_MEMORY; \ - goto free_and_return; \ - } \ - } \ - if (status == NSS_STATUS_SUCCESS && errno == 0) \ - h = &th; \ - else \ - h = NULL; \ - if (errno != 0) \ + while (1) \ + { \ + status = DL_CALL_FCT (fct, (name, _family, &th, \ + tmpbuf->data, tmpbuf->length, \ + &errno, &h_errno, NULL, &localcanon)); \ + if (status != NSS_STATUS_TRYAGAIN || h_errno != NETDB_INTERNAL \ + || errno != ERANGE) \ + break; \ + if (!scratch_buffer_grow (tmpbuf)) \ + { \ + __resolv_context_enable_inet6 (res_ctx, res_enable_inet6); \ + __resolv_context_put (res_ctx); \ + result = -EAI_MEMORY; \ + goto free_and_return; \ + } \ + } \ + if (status == NSS_STATUS_NOTFOUND \ + || status == NSS_STATUS_TRYAGAIN || status == NSS_STATUS_UNAVAIL) \ { \ if (h_errno == NETDB_INTERNAL) \ { \ @@ -277,9 +275,9 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, else \ no_data = h_errno == NO_DATA; \ } \ - else if (h != NULL) \ + else if (status == NSS_STATUS_SUCCESS) \ { \ - if (!convert_hostent_to_gaih_addrtuple (req, _family,h, &addrmem)) \ + if (!convert_hostent_to_gaih_addrtuple (req, _family, &th, &addrmem)) \ { \ __resolv_context_enable_inet6 (res_ctx, res_enable_inet6); \ __resolv_context_put (res_ctx); \