From patchwork Thu Jul 6 09:02:59 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Liebler X-Patchwork-Id: 21452 Received: (qmail 111595 invoked by alias); 6 Jul 2017 09:03:08 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 111584 invoked by uid 89); 6 Jul 2017 09:03:08 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-10.9 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_2, GIT_PATCH_3, KAM_LAZY_DOMAIN_SECURITY, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.2 spammy=ips, connectivity, Bugzilla, his X-HELO: mx0a-001b2d01.pphosted.com Subject: Re: [PATCH][BZ 21295] getaddrinfo: do not overwrite IPv6 IPs with IPv4 when using AF_UNSPEC To: libc-alpha@sourceware.org References: <20170323132130.GA25347@kmeaw.com> <39fd154d-2434-f26a-82ce-09acf743de0b@redhat.com> From: Stefan Liebler Date: Thu, 6 Jul 2017 11:02:59 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.0 MIME-Version: 1.0 In-Reply-To: <39fd154d-2434-f26a-82ce-09acf743de0b@redhat.com> X-TM-AS-GCONF: 00 x-cbid: 17070609-0016-0000-0000-000004CFFF9A X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17070609-0017-0000-0000-000028036C6B Message-Id: X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-07-06_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=3 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1703280000 definitions=main-1707060155 On 06/24/2017 04:59 PM, Florian Weimer wrote: > On 03/23/2017 02:21 PM, kmeaw@kmeaw.com wrote: >> CVE-2016-3706 patch introduces a regression which disrupts connectivity >> from IPv6-only to dual-stack hosts. This is caused by >> convert_hostent_to_gaih_addrtuple which frees the result opposed to >> appending to it (prior to the CVE patch in gaih_inet). >> >> This change replaces free(*result) call with a loop which looks for the >> pointer to the end of the linked list (&(*result)->next), so successive >> calls append the result to the list instead of overwriting it. >> >> Bugzilla entry #21295 describes a way to reproduce the issue. > > Thanks. I have pushed your patch along with a test case tweak to cover > this area of getaddrinfo. > > Thanks, > Florian > Hi Florian, I've recognized the test-fail resolv/tst-resolv-basic on some but not all machines of mine on different architectures s390, intel, power and according to 2.26 release page, Joseph also recognized it on his arm, mips, power32 machines: warning: could not become root outside namespace (Operation not permitted) warning: unshare (CLONE_NEWUTS) failed: Operation not permitted warning: could not enter network namespace error: addrinfo comparison failure query: www.example:80 [10]/0x18 error: 2 test failures Does the ordering of the results matter? Bye. Stefan --- expected +++ actual @@ -1,3 +1,3 @@ flags: AI_V4MAPPED AI_ALL -address: STREAM/TCP 2001:db8::1 80 address: STREAM/TCP ::ffff:192.0.2.17 80 +address: STREAM/TCP 2001:db8::1 80 error: addrinfo comparison failure query: t.www.example:80 [10]/0x18 --- expected +++ actual @@ -1,3 +1,3 @@ flags: AI_V4MAPPED AI_ALL -address: STREAM/TCP 2001:db8::3 80 address: STREAM/TCP ::ffff:192.0.2.19 80 +address: STREAM/TCP 2001:db8::3 80