Handle running out of buffer space with IPv6 mapping enabled.

With big DNS answers like the one you get for goodtimesdot.com you can
get a truncated address list if IPv6 mapping is enabled.  Instead tell
the caller to resize the buffer.

diff --git a/ChangeLog b/ChangeLog
index ac8baf13bebc061b1f34fd59d0a46d3c53da87db..49c2e08a4a6c22457a39bdbcba9b2f4f3b14d297 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,15 @@
+2009-11-10  Andreas Schwab  <schwab@redhat.com>
+
+       * resolv/mapv4v6hostent.h (map_v4v6_hostent): Return non-zero if
+       out of buffer space.
+       * resolv/nss_dns/dns-host.c (getanswer_r): Check for
+       map_v4v6_hostent running out of space.
+
 2009-11-10  Ulrich Drepper  <drepper@redhat.com>
 
        * string/bits/string3.h (memset): If the second parameter is constant
        and zero there is likely no transposition.
+       Patch by Caolan McNamara <caolanm@redhat.com.
 
 2009-11-04  Philippe De Muyter  <phdm@macqel.be>
 

diff --git a/resolv/mapv4v6hostent.h b/resolv/mapv4v6hostent.h
index 4151ce3639c5677044255c2a467645acf2e8f1b5..c11038adf33f154da06fedc8b7fdfad83c378b8b 100644 (file)
--- a/resolv/mapv4v6hostent.h
+++ b/resolv/mapv4v6hostent.h
@@ -57,13 +57,13 @@ typedef union {
     char ac;
 } align;
 
-static void
+static int
 map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp)
 {
   char **ap;
 
   if (hp->h_addrtype != AF_INET || hp->h_length != INADDRSZ)
-    return;
+    return 0;
   hp->h_addrtype = AF_INET6;
   hp->h_length = IN6ADDRSZ;
   for (ap = hp->h_addr_list; *ap; ap++)
@@ -71,11 +71,8 @@ map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp)
       int i = sizeof (align) - ((u_long) *bpp % sizeof (align));
 
       if (*lenp < (i + IN6ADDRSZ))
-       {
-         /* Out of memory.  Truncate address list here.  XXX */
-         *ap = NULL;
-         return;
-       }
+       /* Out of memory.  */
+       return 1;
       *bpp += i;
       *lenp -= i;
       map_v4v6_address (*ap, *bpp);
@@ -83,4 +80,5 @@ map_v4v6_hostent (struct hostent *hp, char **bpp, int *lenp)
       *bpp += IN6ADDRSZ;
       *lenp -= IN6ADDRSZ;
     }
+  return 0;
 }

diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
index 62e67e8b01bd42aedb85f200f5dadccce7370c9f..818a40a898c54dd71dc422eda8c46ecb0e6be63f 100644 (file)
--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -878,7 +878,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
                }
              bp += n;
              linebuflen -= n;
-             map_v4v6_hostent (result, &bp, &linebuflen);
+             if (map_v4v6_hostent (result, &bp, &linebuflen))
+               goto too_small;
            }
          *h_errnop = NETDB_SUCCESS;
          return NSS_STATUS_SUCCESS;
@@ -953,7 +954,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
        }
 
       if (have_to_map)
-       map_v4v6_hostent (result, &bp, &linebuflen);
+       if (map_v4v6_hostent (result, &bp, &linebuflen))
+         goto too_small;
       *h_errnop = NETDB_SUCCESS;
       return NSS_STATUS_SUCCESS;
     }