Bug 139983 - newaliases segfaults when gethostbyname or gethostbyaddr fails
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: postfix
Version: 3
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Assigned To: Thomas Woerner
Duplicates: 143900
Reported: 2004-11-18 20:09 EST by Joseph Dunn
Modified: 2007-11-30 17:10 EST
Last Closed: 2005-02-11 09:47:54 EST


Attachments:
Corrected postfix-hostname-fqdn.patch (1.25 KB, patch)
2005-01-29 13:29 EST, Joseph Dunn

Description Joseph Dunn 2004-11-18 20:09:34 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5)
Gecko/20041107 Firefox/1.0

Description of problem:
The segfault occurs because the returns of gethostbyname and
gethostbyaddr are not checked for validity.  If DNS cannot resolve the
hostname these functions return NULL.  This bug was introduced
sometime between postfix-2.0.18-4 (core 2) and postfix-2.1.5-2.2 (core
3), and is still present in postfix-2.1.5-2.3.FC3.  The problem code
is in postfix-2.1.5/src/util/get_hostname.c:

        /* Sometimes gethostname does not return a FQDN, usually gethostbyaddr() will */
        byName = gethostbyname(namebuf);
        if (byName->h_addr) {
          memcpy((char *) &hostaddr, byName->h_addr, sizeof(hostaddr));
          byAddr = gethostbyaddr((char *)&hostaddr, sizeof(hostaddr), AF_INET);
          strncpy(namebuf, byAddr->h_name, sizeof(namebuf));
          namebuf[MAXHOSTNAMELEN] = 0;
        }

patch:
--- get_hostname.c.old  2004-11-18 16:51:42.000000000 -0700
+++ get_hostname.c.new  2004-11-18 16:56:08.140604880 -0700
@@ -72,11 +72,14 @@

        /* Sometimes gethostname does not return a FQDN, usually
gethostbyaddr() will */
        byName = gethostbyname(namebuf);
-       if (byName->h_addr) {
+       if (byName != NULL &&
+           byName->h_addr) {
          memcpy((char *) &hostaddr, byName->h_addr, sizeof(hostaddr));
          byAddr = gethostbyaddr((char *)&hostaddr, sizeof(hostaddr),
AF_INET);
-         strncpy(namebuf, byAddr->h_name, sizeof(namebuf));
-         namebuf[MAXHOSTNAMELEN] = 0;
+         if (byAddr != NULL) {
+           strncpy(namebuf, byAddr->h_name, sizeof(namebuf));
+           namebuf[MAXHOSTNAMELEN] = 0;
+         }
        }

        if (valid_hostname(namebuf, DO_GRIPE) == 0)
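
Review bot: the memcpy under the new byName != NULL guard still copies sizeof(hostaddr) bytes from byName->h_addr without confirming the record is IPv4 of that length; extend the condition with byName->h_addrtype == AF_INET and byName->h_length == sizeof(hostaddr) before the address is passed to gethostbyaddr(..., AF_INET). In the inner block, namebuf[MAXHOSTNAMELEN] = 0 is only in bounds if namebuf is declared with MAXHOSTNAMELEN + 1 bytes, and that declaration is outside this hunk; namebuf[sizeof(namebuf) - 1] = 0 stays correct whatever the array size. Both failure paths now fall through silently to valid_hostname() with the unqualified name, so a logged warning there would tell the administrator why no FQDN was found.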


Version-Release number of selected component (if applicable):
postfix-2.1.5-2.2

How reproducible:
Always

Steps to Reproduce:
1. run newaliases and see that it works
2. change hostname to something without a corresponding DNS entry
3. run newaliases and watch it crash


Actual Results:  -bash-3.00# newaliases
-bash-3.00# hostname dummy
-bash-3.00# newaliases
Segmentation fault


Expected Results:  no crash....


Additional info:
Comment 1 Matthew Kent 2004-11-24 13:07:50 EST
Yes thank you! That's what this is. I was trying to figure out why
postfix's 'postalias' was segfaulting after a fresh demo kickstart
install. Added my hostname to the loopback in /etc/hosts and
everything is fine.

An updated rpm would be nice, I'd imagine a few people are going to
scratch their heads at this cryptic behavior and open more tickets :)
Comment 2 Chris Ricker 2005-01-28 11:20:17 EST
*** Bug 143900 has been marked as a duplicate of this bug. ***
Comment 3 Petri Koistinen 2005-01-29 11:28:34 EST
If you have a problem with Postfix, why don't you post a patch to Wietse
Venema?
Comment 4 Joseph Dunn 2005-01-29 13:29:21 EST
Created attachment 110397
Corrected postfix-hostname-fqdn.patch
Comment 5 Joseph Dunn 2005-01-29 13:43:59 EST
This problem is actually in the postfix-hostname-fqdn.patch that the
fedora project applies to the original postfix sources.  The code is
from someone other than Wietse Venema, and according to Bug 143900
(https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=143900)
comment #1 under that bug Wietse Venema is aware of it.
Basically, it's not his problem, it's a problem introduced by the
patch redhat/fedora chooses to apply.  I included a fix in my original
posting.  This time I've reworked the postfix-hostname-fqdn.patch and
attached it below.  It's the same fix I gave before (so there could
definitely be a better way to fix this).  If you unpack the source
rpm, then overwrite the postfix-hostname-fqdn.patch with the contents
of postfix-hostname-fqdn.new.patch it should fix the problem.
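
A more defensive form of the lookup sequence discussed in this report, written as an added example; it is not the Fedora patch or Postfix code. The function name, the hook typedefs and the stub resolvers are hypothetical, the stubs simulate failed lookups so it runs offline, and the address-family and truncation checks go beyond the posted fix.

```c
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical hooks: real code passes gethostbyname and gethostbyaddr. */
typedef struct hostent *(*by_name_fn)(const char *);
typedef struct hostent *(*by_addr_fn)(const void *, socklen_t, int);

/* Replace the short name in buf with its FQDN; 1 = replaced, 0 = untouched. */
int upgrade_to_fqdn(char *buf, size_t len, by_name_fn by_name, by_addr_fn by_addr)
{
    struct in_addr addr;
    struct hostent *hp = by_name(buf);
    /* Forward lookup can fail, or return a non-IPv4 or empty record. */
    if (hp == NULL || hp->h_addrtype != AF_INET || hp->h_length != (int) sizeof(addr)
        || hp->h_addr_list == NULL || hp->h_addr_list[0] == NULL)
        return 0;
    /* Copy now: the next resolver call may reuse the static hostent. */
    memcpy(&addr, hp->h_addr_list[0], sizeof(addr));
    hp = by_addr(&addr, sizeof(addr), AF_INET);
    if (hp == NULL || hp->h_name == NULL)       /* e.g. no reverse record */
        return 0;
    size_t n = strlen(hp->h_name);
    if (n == 0 || n >= len)                     /* never truncate a hostname */
        return 0;
    memcpy(buf, hp->h_name, n + 1);
    return 1;
}

/* Constructed stand-ins for DNS; set a switch to simulate a failed lookup. */
static int fail_name, fail_addr;
static struct hostent *stub_name(const char *n) {
    static struct in_addr a;
    static char *list[] = { (char *) &a, NULL };
    static struct hostent h = { .h_addrtype = AF_INET, .h_length = sizeof(a), .h_addr_list = list };
    (void) n; return fail_name ? NULL : &h;
}
static struct hostent *stub_addr(const void *a, socklen_t l, int t) {
    static struct hostent h = { .h_name = "dummy.example.test" };
    (void) a; (void) l; (void) t; return fail_addr ? NULL : &h;
}

int main(void) {
    char host[64] = "dummy";
    fail_addr = 1;                              /* reverse lookup fails */
    printf("%d %s\n", upgrade_to_fqdn(host, sizeof(host), stub_name, stub_addr), host);
    return 0;
}
```

When either lookup fails the caller keeps the name it already had, which is the behaviour the report expects instead of a crash.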
Comment 6 Thomas Woerner 2005-02-11 09:47:54 EST
Fixed in 
FC3-updates: postfix-2.1.5-5
and rawhide: postfix-2.1.5-5.1
Comment 7 Mark J. Cox (Product Security) 2005-03-16 09:56:30 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-152.html
