Bug 131307 - inet_pton is corrupting memory
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: glibc
2
i386 Linux
medium Severity high
Assigned To: Jakub Jelinek
Brian Brock
Reported: 2004-08-30 16:04 EDT by Jonathan Earl Brassow
Modified: 2007-11-30 17:10 EST
Last Closed: 2004-08-30 16:43:17 EDT

Attachments
test program that shows inet_pton(AF_INET6...) memory corruption (1.45 KB, text/plain)
2004-08-30 16:06 EDT, Jonathan Earl Brassow
Description Jonathan Earl Brassow 2004-08-30 16:04:05 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.3) Gecko/20040803

Description of problem:
inet_pton, when used with AF_INET6, is corrupting memory.

I will try to add an attachment that illustrates the problem.

Version-Release number of selected component (if applicable):
glibc-2.3.3-27

How reproducible:
Always

Steps to Reproduce:
1. compile the test program:
> sh test.c
2. run the test
> ./test
3. note that printed buffers should be the same, but are not.
    

Actual Results:
# ./test
Using IPv6
 
The buffer before inet_pton:
0000 0000 0000 0000
The new altered buffer:
0000 0000 0000 0001


Expected Results:
# ./test
Using IPv6
 
The buffer before inet_pton:
0000 0000 0000 0000
The new altered buffer:
0000 0000 0000 0000

Additional info:

Note that the memory region should not be altered at all.
Comment 1 Jonathan Earl Brassow 2004-08-30 16:06:28 EDT
Created attachment 103266
test program that shows inet_pton(AF_INET6...) memory corruption
Comment 2 Jakub Jelinek 2004-08-30 16:43:17 EDT
It is the testcase's fault.
struct sockaddr is not large enough to hold struct sockaddr_in6.
You should either change
  struct sockaddr addr;
into
  struct sockaddr_in6 addr;
or you can use
  struct sockaddr_storage addr;
(POSIX mandates that struct sockaddr_storage is large enough to hold
sockaddr_* structure for all families (with the exception of AF_UNIX).)
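
Added example, not part of the bug report or its attachment: a minimal C sketch of the fix described in Comment 2, parsing into a struct sockaddr_storage and checking that a guard region placed after it stays untouched. The function names (in6_overrun_of_sockaddr, parse_addr, guard_intact_after_parse) and the sample address "::1" are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Compile-time guard: the buffer type must be able to hold a sockaddr_in6. */
_Static_assert(sizeof(struct sockaddr_storage) >= sizeof(struct sockaddr_in6),
               "sockaddr_storage too small for sockaddr_in6");

/* Bytes a sockaddr_in6 would spill past a plain struct sockaddr. */
size_t in6_overrun_of_sockaddr(void)
{
    return sizeof(struct sockaddr_in6) > sizeof(struct sockaddr)
         ? sizeof(struct sockaddr_in6) - sizeof(struct sockaddr) : 0;
}

/* Parse text into caller storage: 1 = ok, 0 = bad text, -1 = bad family. */
int parse_addr(int family, const char *text, struct sockaddr_storage *out)
{
    memset(out, 0, sizeof(*out));
    if (family == AF_INET6) {
        struct sockaddr_in6 *a6 = (struct sockaddr_in6 *)out;
        a6->sin6_family = AF_INET6;
        return inet_pton(AF_INET6, text, &a6->sin6_addr);
    }
    if (family == AF_INET) {
        struct sockaddr_in *a4 = (struct sockaddr_in *)out;
        a4->sin_family = AF_INET;
        return inet_pton(AF_INET, text, &a4->sin_addr);
    }
    return -1;
}

/* Same idea as the report's test: bytes after the address must not change. */
int guard_intact_after_parse(const char *text)
{
    struct { struct sockaddr_storage addr; unsigned char guard[8]; } s;
    memset(s.guard, 0, sizeof(s.guard));
    if (parse_addr(AF_INET6, text, &s.addr) != 1) return -1;
    for (size_t i = 0; i < sizeof(s.guard); i++)
        if (s.guard[i] != 0) return 0;
    return 1;
}

int main(void)
{
    printf("sockaddr_in6 exceeds sockaddr by %zu bytes\n", in6_overrun_of_sockaddr());
    return guard_intact_after_parse("::1") == 1 ? 0 : 1;
}
```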
