Red Hat Bugzilla – Bug 21934
glibc 2.2-5 has broken getnameinfo
Last modified: 2016-11-24 10:05:40 EST
The new glibc-2.2-5 has a broken getnameinfo function. Specifically, the sense of the NI_NOFQDN flag is reversed.
Calling getnameinfo(sa, salen, host, hostlen, serv, servlen, 0)
returns ONLY THE INITIAL SEGMENT OF THE HOST NAME, whereas
getnameinfo(sa, salen, host, hostlen, serv, servlen, NI_NOFQDN)
returns the fully qualified domain name. This is the reverse of the
proper behaviour (a flag of 0 should return the FQDN, and a flag of NI_NOFQDN should return only the host portion).
I have classed this as a security bug since it breaks a lot of security-sensitive software (such as openssh with RSARhosts authentication). I cannot think of any way to exploit it, but anything that messes with hostname lookup in this manner is inherently dangerous.
Fixed in glibc-2.2-9.
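A self-check for the flag behaviour the report describes, written here as an added example (not code from the bug report or from glibc): it looks one address up with flags 0 and with NI_NOFQDN and classifies the two results. The names `classify_nofqdn`, `probe_nofqdn` and `HOSTBUF` are hypothetical, and the default address 127.0.0.1 is a sample input.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* exposes getnameinfo() under strict -std= modes */
#endif
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#define HOSTBUF 1025              /* hypothetical name; same size as glibc's NI_MAXHOST */

enum nofqdn_sense { SENSE_OK, SENSE_REVERSED, SENSE_INCONCLUSIVE };

/* 1 when `label` is exactly the first label of `fqdn` ("mail" vs "mail.example.com"). */
static int is_first_label_of(const char *label, const char *fqdn)
{
    size_t n = strlen(label);
    return n > 0 && strchr(label, '.') == NULL &&
           strncmp(label, fqdn, n) == 0 && fqdn[n] == '.';
}

/* Classify the two names obtained for one address. */
enum nofqdn_sense classify_nofqdn(const char *flag0, const char *nofqdn)
{
    if (is_first_label_of(nofqdn, flag0)) return SENSE_OK;        /* flags 0 gave the FQDN */
    if (is_first_label_of(flag0, nofqdn)) return SENSE_REVERSED;  /* behaviour in the report */
    return SENSE_INCONCLUSIVE;  /* identical names, numeric fallback, unrelated names */
}

/* Look an IPv4 literal up with flags 0 and with NI_NOFQDN, then classify. */
enum nofqdn_sense probe_nofqdn(const char *ipv4)
{
    struct sockaddr_in sin;
    char flag0[HOSTBUF], nofqdn[HOSTBUF];
    memset(&sin, 0, sizeof sin);
    sin.sin_family = AF_INET;
    if (inet_pton(AF_INET, ipv4, &sin.sin_addr) != 1) return SENSE_INCONCLUSIVE;
    if (getnameinfo((struct sockaddr *)&sin, sizeof sin, flag0, sizeof flag0, NULL, 0, 0) ||
        getnameinfo((struct sockaddr *)&sin, sizeof sin, nofqdn, sizeof nofqdn, NULL, 0, NI_NOFQDN))
        return SENSE_INCONCLUSIVE;
    return classify_nofqdn(flag0, nofqdn);
}

int main(int argc, char **argv)
{
    const char *ip = argc > 1 ? argv[1] : "127.0.0.1";  /* sample input */
    enum nofqdn_sense s = probe_nofqdn(ip);
    printf("%s: NI_NOFQDN sense %s\n", ip,
           s == SENSE_OK ? "ok" : s == SENSE_REVERSED ? "REVERSED" : "inconclusive");
    return s == SENSE_REVERSED;
}
```

The probe is only conclusive for an address whose name resolves inside the machine's own domain, since NI_NOFQDN shortens names for local hosts only.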