mirror/glibc
2
0
Fork 0
mirror of git://sourceware.org/git/glibc.git synced 2025-03-31 14:01:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

getaddrinfo: Fix leak with AI_ALL [BZ #28852]

Browse Source 
Use realloc in convert_hostent_to_gaih_addrtuple and fix up pointers in
the result list so that a single block is maintained for
hostbyname3_r/hostbyname2_r and freed in gaih_inet.  This result is
never merged with any other results, since the hosts database does not
permit merging.

Resolves BZ #28852.

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: DJ Delorie <dj@redhat.com>
This commit is contained in:
Siddhesh Poyarekar 2022-03-03 23:07:42 +05:30 committed by Pranav Kant
parent be3c0fe888
commit 82dcfc6d7b
1 changed files with 25 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
sysdeps/posix/getaddrinfo.c
View File

@ -186,19 +186,16 @@ gaih_inet_serv (const char *servicename, const struct gaih_typeproto *tp,
return 0;
}
/* Convert struct hostent to a list of struct gaih_addrtuple objects.
h_name is not copied, and the struct hostent object must not be
deallocated prematurely. *RESULT must be NULL or a pointer to a
linked-list. The new addresses are appended at the end. */
/* Convert struct hostent to a list of struct gaih_addrtuple objects. h_name
is not copied, and the struct hostent object must not be deallocated
prematurely. The new addresses are appended to the tuple array in
RESULT. */
static bool
convert_hostent_to_gaih_addrtuple (const struct addrinfo *req,
int family,
struct hostent *h,
struct gaih_addrtuple **result)
{
while (*result)
result = &(*result)->next;
/* Count the number of addresses in h->h_addr_list. */
size_t count = 0;
for (char **p = h->h_addr_list; *p != NULL; ++p)
@ -209,10 +206,30 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req,
if (count == 0 || h->h_length > sizeof (((struct gaih_addrtuple) {}).addr))
return true;
struct gaih_addrtuple *array = calloc (count, sizeof (*array));
struct gaih_addrtuple *array = *result;
size_t old = 0;
while (array != NULL)
{
old++;
array = array->next;
}
array = realloc (*result, (old + count) * sizeof (*array));
if (array == NULL)
return false;
*result = array;
/* Update the next pointers on reallocation. */
for (size_t i = 0; i < old; i++)
array[i].next = array + i + 1;
array += old;
memset (array, 0, count * sizeof (*array));
for (size_t i = 0; i < count; ++i)
{
if (family == AF_INET && req->ai_family == AF_INET6)
@ -232,7 +249,6 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req,
array[0].name = h->h_name;
array[count - 1].next = NULL;
*result = array;
return true;
}