Bug 514838
| Summary: | adns_strerror() SEGV if there is no error string for a particular error number | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Kyle VanderBeek <kylev> | ||||||
| Component: | adns | Assignee: | Adam Tkac <atkac> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | medium | ||||||||
| Version: | 11 | CC: | atkac, byte, ovasik, rmaximo, rvokal | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | 1.4-6.fc11 | Doc Type: | Bug Fix | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2009-08-07 04:56:57 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
More illustrative if I use the constants from adns.h in my example program; both are valid possible errors.
#include <stdio.h>
#include <adns.h>
int main(void) {
printf("%s\n", adns_strerror(adns_s_inconsistent));
printf("%s\n", adns_strerror(adns_s_max_misconfig));
}
Created attachment 356492 [details]
Improved patch
Thanks for the patch. Unfortunately I have two objections:
- I think "unknown error code" is more meaningful message than empty string.
- patch returns empty string allocated on stack which is wrong and will cause problems
Note that if you are creating a new project which will use adns as a resolving library.
adns upstream is not very active and adns is not able to resolve many new DNS records like AAAA (IPv6 addresses), NSEC{,3},RRSIG,DS and DNSKEY (DNSSEC extensions). Next problem is that adns is still vulnerable to CVE-2008-4100 thus applications which use adns should be used in trusted environments only.
adns-1.4-6.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/adns-1.4-6.fc11 adns-1.4-6.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. |
Created attachment 355754 [details] Return an empty string if no error message is found for a particular code. Description of problem: If you look up the strerror for a non-existent or under-documented error condition (for which there is no string error text), a SEGV will result when adns dereferences the result of a bsearch() which may be NULL. Version-Release number of selected component (if applicable): adns-1.4-5 How reproducible: Always. Steps to Reproduce: 1. Test program test.c: #include <stdio.h> #include <adns.h> int main(void) { printf("%s\n", adns_strerror(100)); printf("%s\n", adns_strerror(199)); } 2. gcc -g -o testc test.c -ladns 3. ./testc Actual results: [kylev@kylev-dt tmp]$ ./testc Inconsistent resource records in DNS Segmentation fault Expected results: [kylev@kylev-dt tmp]$ ./testc Inconsistent resource records in DNS <blank line> Additional info: The home page for adns seems to have gone AWOL, so I haven't been able to report this to Ian Jackson. Also, feel free to add me (FAS kylev) as a maintainer if you want assistance.