Patchwork [BZ,21295] getaddrinfo: do not overwrite IPv6 IPs with IPv4 when using AF_UNSPEC

login
register
mail settings
Submitter Stefan Liebler
Date July 6, 2017, 9:02 a.m.
Message ID <a0cbf96b-96f0-cf27-37c2-ca13766eade5@linux.vnet.ibm.com>
Download mbox | patch
Permalink /patch/21452/
State Not Applicable
Headers show

Comments

Stefan Liebler - July 6, 2017, 9:02 a.m.
On 06/24/2017 04:59 PM, Florian Weimer wrote:
> On 03/23/2017 02:21 PM, kmeaw@kmeaw.com wrote:
>> CVE-2016-3706 patch introduces a regression which disrupts connectivity
>> from IPv6-only to dual-stack hosts. This is caused by
>> convert_hostent_to_gaih_addrtuple which frees the result opposed to
>> appending to it (prior to the CVE patch in gaih_inet).
>>
>> This change replaces free(*result) call with a loop which looks for the
>> pointer to the end of the linked list (&(*result)->next), so successive
>> calls append the result to the list instead of overwriting it.
>>
>> Bugzilla entry #21295 describes a way to reproduce the issue.
> 
> Thanks.  I have pushed your patch along with a test case tweak to cover
> this area of getaddrinfo.
> 
> Thanks,
> Florian
> 

Hi Florian,

I've recognized the test-fail resolv/tst-resolv-basic on some but not 
all machines of mine on different architectures s390, intel, power and 
according to 2.26 release page, Joseph also recognized it on his arm, 
mips, power32 machines:
warning: could not become root outside namespace (Operation not permitted)
warning: unshare (CLONE_NEWUTS) failed: Operation not permitted
warning: could not enter network namespace
error: addrinfo comparison failure
query: www.example:80 [10]/0x18
error: 2 test failures

Does the ordering of the results matter?

Bye.
Stefan

Patch

--- expected
+++ actual
@@ -1,3 +1,3 @@ 
  flags: AI_V4MAPPED AI_ALL
-address: STREAM/TCP 2001:db8::1 80
  address: STREAM/TCP ::ffff:192.0.2.17 80
+address: STREAM/TCP 2001:db8::1 80
error: addrinfo comparison failure
query: t.www.example:80 [10]/0x18
--- expected
+++ actual
@@ -1,3 +1,3 @@ 
  flags: AI_V4MAPPED AI_ALL
-address: STREAM/TCP 2001:db8::3 80
  address: STREAM/TCP ::ffff:192.0.2.19 80
+address: STREAM/TCP 2001:db8::3 80