Fix use of half-initialized result in getaddrinfo when using nscd (bug 16743)

This fixes a bug in the way the results from __nscd_getai are collected:
for every returned result a new entry is first added to the
gaih_addrtuple list, but if that result doesn't match the request this
entry remains uninitialized.  So for this non-matching result an extra
result with uninitialized content is returned.

To reproduce (with nscd running):

	$ getent ahostsv4 localhost
	127.0.0.1       STREAM localhost
	127.0.0.1       DGRAM
	127.0.0.1       RAW
	(null)          STREAM
	(null)          DGRAM
	(null)          RAW

diff --git a/ChangeLog b/ChangeLog
index ab98fa6..d406f35 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2014-03-20  Andreas Schwab  <schwab@suse.de>
+
+       [BZ #16743]
+       * sysdeps/posix/getaddrinfo.c (gaih_inet): Properly skip over
+       non-matching result from nscd.
+
 2014-03-24  Siddhesh Poyarekar  <siddhesh@redhat.com>
 
        * scripts/bench.py: Moved to ...

diff --git a/NEWS b/NEWS
index 9418390..a5540f1 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -11,7 +11,8 @@ Version 2.20
 
   15347, 15804, 15894, 16002, 16284, 16447, 16532, 16545, 16574, 16600,
   16609, 16610, 16611, 16613, 16623, 16632, 16639, 16642, 16649, 16670,
-  16674, 16677, 16680, 16683, 16689, 16695, 16701, 16706, 16707, 16731.
+  16674, 16677, 16680, 16683, 16689, 16695, 16701, 16706, 16707, 16731,
+  16743.
 
 * Running the testsuite no longer terminates as soon as a test fails.
   Instead, a file tests.sum (xtests.sum from "make xcheck") is generated,

diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
index e1a399b..3385bed 100644 (file)
--- a/sysdeps/posix/getaddrinfo.c
+++ b/sysdeps/posix/getaddrinfo.c
@@ -710,6 +710,14 @@ gaih_inet (const char *name, const struct gaih_service *service,
                  struct gaih_addrtuple *addrfree = addrmem;
                  for (int i = 0; i < air->naddrs; ++i)
                    {
+                     if (!((air->family[i] == AF_INET
+                            && req->ai_family == AF_INET6
+                            && (req->ai_flags & AI_V4MAPPED) != 0)
+                           || req->ai_family == AF_UNSPEC
+                           || air->family[i] == req->ai_family))
+                       /* Skip over non-matching result.  */
+                       continue;
+
                      socklen_t size = (air->family[i] == AF_INET
                                        ? INADDRSZ : IN6ADDRSZ);
                      if (*pat == NULL)