[BZ,21295] getaddrinfo: do not overwrite IPv6 IPs with IPv4 when using AF_UNSPEC
Commit Message
On 03/23/2017 02:21 PM, kmeaw@kmeaw.com wrote:
> CVE-2016-3706 patch introduces a regression which disrupts connectivity
> from IPv6-only to dual-stack hosts. This is caused by
> convert_hostent_to_gaih_addrtuple which frees the result opposed to
> appending to it (prior to the CVE patch in gaih_inet).
>
> This change replaces free(*result) call with a loop which looks for the
> pointer to the end of the linked list (&(*result)->next), so successive
> calls append the result to the list instead of overwriting it.
>
> Bugzilla entry #21295 describes a way to reproduce the issue.
Thanks. I have pushed your patch along with a test case tweak to cover
this area of getaddrinfo.
Thanks,
Florian
resolv/tst-resolv-basic: Add test cases for bug 21295
2017-06-24 Florian Weimer <fweimer@redhat.com>
[BZ #21295]
* resolv/tst-resolv-basic.c (do_test): Add new test cases.
@@ -398,6 +398,22 @@ do_test (void)
check_ai ("t.nxdomain.example", "80", AF_INET6,
"error: Name or service not known\n");
+ /* Test for bug 21295. */
+ check_ai_hints ("www.example", "80",
+ (struct addrinfo) { .ai_family = AF_INET6,
+ .ai_socktype = SOCK_STREAM,
+ .ai_flags = AI_V4MAPPED | AI_ALL, },
+ "flags: AI_V4MAPPED AI_ALL\n"
+ "address: STREAM/TCP 2001:db8::1 80\n"
+ "address: STREAM/TCP ::ffff:192.0.2.17 80\n");
+ check_ai_hints ("t.www.example", "80",
+ (struct addrinfo) { .ai_family = AF_INET6,
+ .ai_socktype = SOCK_STREAM,
+ .ai_flags = AI_V4MAPPED | AI_ALL, },
+ "flags: AI_V4MAPPED AI_ALL\n"
+ "address: STREAM/TCP 2001:db8::3 80\n"
+ "address: STREAM/TCP ::ffff:192.0.2.19 80\n");
+
resolv_test_end (aux);
return 0;