Bug 1693293 - Perl inet_aton is not thread-safe
Summary: Perl inet_aton is not thread-safe
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: perl-Socket
Version: 7.6
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Petr Pisar
QA Contact: Jakub Heger
Mariya Pershina
URL:
Whiteboard:
Depends On:
Blocks: 1716962
TreeView+ depends on / blocked
 
Reported: 2019-03-27 13:23 UTC by Paulo Andrade
Modified: 2020-03-31 19:09 UTC (History)
5 users (show)

Fixed In Version: perl-Socket-2.010-5.el7
Doc Type: Bug Fix
Doc Text:
.`Socket::inet_aton()` can now be used from multiple threads safely Previously, the `Socket::inet_aton()` function, used for resolving a domain name from multiple Perl threads, called the unsafe `gethostbyname()` `glibc` function. Consequently, an incorrect IPv4 address was occasionally returned, or the Perl interpreter terminated unexpectedly. With this update, the `Socket::inet_aton()` implementation has been changed to use the thread-safe `getaddrinfo()` `glibc` function instead of `gethostbyname()`. As a result, the `inet_aton()` function from Perl `Socket` module can be used from multiple threads safely.
Clone Of:
: 1699793 (view as bug list)
Environment:
Last Closed: 2020-03-31 19:09:42 UTC
Target Upstream Version:


Attachments (Terms of Use)
Proposed fix ported to 2.010 (1.77 KB, patch)
2019-04-15 09:35 UTC, Petr Pisar
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
CPAN 129189 None None None 2019-04-15 08:31:04 UTC
Red Hat Product Errata RHBA-2020:0997 None None None 2020-03-31 19:09:44 UTC

Comment 2 Petr Pisar 2019-03-27 16:22:18 UTC
Thank you for the report. I confirm I can reproduce the issue.

The inet_aton() function is provided by Socket Perl module and it indeed calls gethostbyname() that is not thread-safe:

void
inet_aton(host)
    char *  host
    CODE:
    {
    struct in_addr ip_address;
    struct hostent * phe;

    if ((*host != '\0') && inet_aton(host, &ip_address)) {
        ST(0) = sv_2mortal(newSVpvn((char *)&ip_address, sizeof(ip_address)));
        XSRETURN(1);
    }

→   phe = gethostbyname(host);
    if (phe && phe->h_addrtype == AF_INET && phe->h_length == 4) {
        ST(0) = sv_2mortal(newSVpvn((char *)phe->h_addr, phe->h_length));
        XSRETURN(1);
    }

    XSRETURN_UNDEF;
    }

As a workaround I recommend using getaddrinfo() from the same Socket module instead. It's thread safe and supports IPv6. As replacement for IO:Socket::INET I recommend IO::Socket::IP instead.

Comment 4 Petr Pisar 2019-04-15 09:35:35 UTC
Created attachment 1555175 [details]
Proposed fix ported to 2.010

Comment 15 errata-xmlrpc 2020-03-31 19:09:42 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0997


Note You need to log in before you can comment on or make changes to this bug.