Bug 21934

Summary: glibc 2.2-5 has broken getnameinfo
Product: [Retired] Red Hat Linux
Reporter: Philip Spencer <pspencer>
Component: glibc
Assignee: Jakub Jelinek <jakub>
Status: CLOSED ERRATA
QA Contact: Aaron Brown <abrown>
Severity: medium
Priority: high
Version: 7.0
CC: dr, fweimer, jarno.huuskonen
Keywords: Security
Hardware: i386
OS: Linux
Doc Type: Bug Fix
Last Closed: 2000-12-08 23:10:30 UTC

Description Philip Spencer 2000-12-08 05:35:10 UTC
The new glibc-2.2-5 has a broken getnameinfo function. Specifically, the sense of the NI_NOFQDN flag is reversed.

Calling getnameinfo(sa, salen, host, hostlen, serv, servlen, 0) returns ONLY THE INITIAL SEGMENT OF THE HOST NAME, whereas getnameinfo(sa, salen, host, hostlen, serv, servlen, NI_NOFQDN) returns the fully qualified domain name. This is the reverse of the proper behaviour (a flag of 0 should return the FQDN, and a flag of NI_NOFQDN should return only the host portion).

I have classed this as a security bug since it breaks a lot of security-sensitive software (such as openssh with RSARhosts authentication). I cannot think of any way to exploit it, but anything that messes with hostname lookup in this manner is inherently dangerous.

Comment 1 Jakub Jelinek 2000-12-19 09:35:18 UTC
Fixed in glibc-2.2-9.