Bug 131307 - inet_pton is corrupting memory
Summary: inet_pton is corrupting memory
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: glibc   
(Show other bugs)
Version: 2
Hardware: i386 Linux
medium
high
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: Brian Brock
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-08-30 20:04 UTC by Jonathan Earl Brassow
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-08-30 20:43:17 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
test program that shows inet_pton(AF_INET6...) memory corruption (1.45 KB, text/plain)
2004-08-30 20:06 UTC, Jonathan Earl Brassow
no flags Details

Description Jonathan Earl Brassow 2004-08-30 20:04:05 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.3)
Gecko/20040803

Description of problem:
inet_pton, when used with AF_INET6 is corrupting memory.

I will try to add an attachment that illustrates the problem.

Version-Release number of selected component (if applicable):
glibc-2.3.3-27

How reproducible:
Always

Steps to Reproduce:
1. compile the test program:
> sh test.c
2. run the test
> ./test
3. note that printed buffers should be the same, but are not.
    

Actual Results:  # ./test
Using IPv6
 
The buffer before inet_pton:
0000 0000 0000 0000
The new altered buffer:
0000 0000 0000 0001


Expected Results:  # ./test
Using IPv6
 
The buffer before inet_pton:
0000 0000 0000 0000
The new altered buffer:
0000 0000 0000 0000

Additional info:

Note that the memory region should not be altered at all.

Comment 1 Jonathan Earl Brassow 2004-08-30 20:06:28 UTC
Created attachment 103266 [details]
test program that shows inet_pton(AF_INET6...) memory corruption

Comment 2 Jakub Jelinek 2004-08-30 20:43:17 UTC
It is the testcase's fault.
struct sockaddr is not large enough to hold struct sockaddr_in6.
You should either change
  struct sockaddr addr;
into
  struct sockaddr_in6 addr;
or you can use
  struct sockaddr_storage addr;
(POSIX mandates that struct sockaddr_storage is large enough to hold
sockaddr_* structure for all families (with the exception of AF_UNIX).


Note You need to log in before you can comment on or make changes to this bug.