17019 – gethostbyname call SIGSEGVs

Bug 17019 - gethostbyname call SIGSEGVs

Summary: gethostbyname call SIGSEGVs

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Raw Hide
Classification:	Retired
Component:	glibc
Sub Component:
Version:	1.0
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Jakub Jelinek
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2000-08-28 00:07 UTC by Dmitry V. Levin
Modified:	2008-05-01 15:37 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2000-09-01 11:59:29 UTC
Embargoed:

Attachments	(Terms of Use)

Description Dmitry V. Levin 2000-08-28 00:07:10 UTC

While using glibc-2.1.92-5, I've noticed, that in certain conditions
call of gethostbyname function SIGSEGVs in function
_nss_files_gethostbyname_r.
Most easy way to reproduce it is to place into /etc/hosts to identic lines
which define traslation of some ipaddr into name with aliases, for example,
1.2.3.4	x	y
or, most commonly used,
127.0.0.1	localhost.localdomain	localhost

(first resolving rule for hosts in /etc/nsswitch.conf is files).

Comment 1 Jakub Jelinek 2000-09-01 10:41:33 UTC

I cannot reproduce this.
My /etc/hosts has now:
127.0.0.1               localhost.localdomain localhost
127.0.0.1               localhost.localdomain localhost
127.0.0.1               localhost.localdomain localhost
127.0.0.1               localhost.localdomain localhost
1.2.3.4                 blabla
and ping blabla nor ping localhost causes any segfaults (nsswitch.conf starts
with files for hosts). Can you tell me which exact program should trigger it,
with what arguments?

Comment 2 Dmitry V. Levin 2000-09-01 11:59:27 UTC

Well, my /etc/hosts now contain
1.2.3.4		x	y
1.2.3.4		x	y
(Duplicated lines are necessary to reproduce the bug.)

Here is a test program which causes segfault when executed:

#include <netdb.h>
int main( int ac, const char *av[] )
{
    if ( ac < 2 ) return 1;
    gethostbyname( av[1] );
    return 0;
}

$ gcc -g -O0 gethostbyname.c -o gethostbyname
$ ./gethostbyname x
Segmentation fault

"ping x" also sigsegvs.

Tested with glibc-2.1.92-5 and glibc-2.1.92-13.

gdb backtrace (glibc-2.1.92-13) is following:
Program received signal SIGSEGV, Segmentation fault.
#0  0x23bda9 in _nss_files_gethostbyname_r (name=0xbffffafd "x",
result=0xbffff7e8, 
    buffer=0x8049578 "\001\002\003\004", buflen=1024, errnop=0x233fa0,
herrnop=0xbffff918)
    at nss_files/files-hosts.c:262
#1  0x2077d6 in __gethostbyname_r (name=0xbffffafd "x", resbuf=0x236000,
buffer=0x8049578 "\001\002\003\004", 
    buflen=1024, result=0xbffff910, h_errnop=0xbffff918) at
../nss/getXXbyYY_r.c:189
#2  0x206573 in gethostbyname (name=0xbffffafd "x") at ../nss/getXXbyYY.c:141
#3  0x8048404 in main (ac=2, av=0xbffff9a4) at gethostbyname.c:6
#4  0x14c89e in __libc_start_main (main=0x80483e0 <main>, argc=2,
ubp_av=0xbffff9a4, init=0x80482a0 <_init>, 
    fini=0x8048454 <_fini>, rtld_fini=0x11c9d4 <_dl_fini>, stack_end=0xbffff99c)
    at ../sysdeps/generic/libc-start.c:111

Note You need to log in before you can comment on or make changes to this bug.