- Subject: Digested Articles
- From: Various
- Date: Sat Jun 12 20:59:00 1999
Topics:
libc/1160: nscd segfaults when attempting to cache host names with multiple IP address matches
libc/1156: Bug in gethostbyname implementation
----------------------------------------------------------------------
Date: Sat, 12 Jun 1999 14:32:39 -0400
From: sba@srl.caltech.edu
To: bugs@gnu.org
Subject: libc/1160: nscd segfaults when attempting to cache host names with multiple IP address matches
Message-Id: <199906121832.OAA06288@delysid.gnu.org>
>Number: 1160
>Category: libc
>Synopsis: nscd segfaults when attempting to cache host names with multiple IP address matches
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: libc-gnats
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sat Jun 12 14:40:01 EDT 1999
>Last-Modified:
>Originator: sba@srl.caltech.edu
>Organization:
net
>Release: 2.1.1
>Environment:
Intel PII and PIII running RH6.0
>Description:
On both a single and dual processor Intel RH6.0 box, I have found that nscd
will segfault when a user does something as simple as ping aol.com. The
problem persists with both the RH version of glibc-2.1.1 and after compiling
and installing a clean copy of the official glibc-2.1.1 (compiled with -O
using egcs-1.1.2).
Note, the problem appears only when accessing a host name for which nslookup
returns more than one valid IP address.
>How-To-Repeat:
start nscd on a RH6.0 box
ping aol.com
nscd will segfault
>Fix:
>Audit-Trail:
>Unformatted:
------------------------------
Date: Fri, 11 Jun 1999 21:29:31 +0200
From: Gabor Gombas <gombasg@inf.elte.hu>
To: bugs@gnu.org
Subject: libc/1156: Bug in gethostbyname implementation
Message-Id: <199906111929.VAA17364@babel.inf.elte.hu>
Content-Type: text/plain; charset=us-ascii
>Number: 1156
>Category: libc
>Synopsis: Bug in gethostbyname implementation
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: libc-gnats
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Jun 11 16:20:02 EDT 1999
>Last-Modified: Fri Jun 11 17:52:41 EDT 1999
>Originator: Lord of the Files
>Organization:
>Release:
>Environment:
Host type: i386-pc-linux-gnu
System: Linux babel 2.2.9 #1 SMP Thu Jun 3 10:31:37 CEST 1999 i686 unknown
Architecture: i686
Addons: crypt linuxthreads nss-v1
Build CC: gcc
Compiler version: egcs-2.91.66 Debian GNU/Linux (egcs-1.1.2 release)
Kernel headers: UTS_RELEASE
Symbol versioning: yes
Build static: yes
Build shared: yes
Build pic-default: no
Build profile: yes
Build omitfp: no
Build bounded: no
Build static-nss: no
Stdio: libio
Description:
[the problem was reported by Stuart Anderson <sba@srl.caltech.edu>
on the Linux NIS+ list. I just verified it and provided a stack
trace.]
There seems to be a bug in the gethostbyname function. If I issue
'ping cnn.com' while nscd is running, nscd terminates with SIGSEGV.
Here is a stack trace:
Program received signal SIGSEGV, Segmentation fault.
0x4009c58b in __strcasecmp (s1=0x2e6e6e63 <Address 0x2e6e6e63 out of bounds>,
s2=0xbffff950 "cnn.com") at ../sysdeps/generic/strcasecmp.c:62
62 do
(gdb) bt
#0 0x4009c58b in __strcasecmp (
s1=0x2e6e6e63 <Address 0x2e6e6e63 out of bounds>, s2=0xbffff950 "cnn.com")
at ../sysdeps/generic/strcasecmp.c:62
#1 0x40145a22 in getanswer_r (answer=0xbffff2b0, anslen=468,
qname=0xbffff8c8 "cnn.com", qtype=1, result=0xbffff950,
buffer=0xbffff734 "", buflen=512, errnop=0x4012c2e0, h_errnop=0x4012b124)
at nss_dns/dns-host.c:588
#2 0x40144df6 in _nss_dns_gethostbyname2_r (name=0xbffffae0 "cnn.com", af=2,
result=0xbffff950, buffer=0xbffff734 "", buflen=512, errnop=0x4012c2e0,
h_errnop=0x4012b124) at nss_dns/dns-host.c:174
#3 0x804db4c in __gethostbyname2_r (name=0xbffffae0 "cnn.com", af=2,
resbuf=0xbffff950, buffer=0xbffff734 "", buflen=512, result=0xbffff94c,
h_errnop=0x4012b124) at ../nss/getXXbyYY_r.c:182
#4 0x804d1bd in addhstbyname (db=0x8051388, fd=4, req=0xbffffc2c,
key=0xbffffae0, caller_uid=0) at hstcache.c:415
#5 0x804a965 in handle_request (fd=4, req=0xbffffc2c, key=0xbffffae0,
caller=0xbffffc20) at connections.c:325
#6 0x804aea7 in nscd_run (p=0x0) at connections.c:460
#7 0x804af86 in start_threads () at connections.c:496
#8 0x8049c98 in main (argc=6, argv=0xbffffce4) at nscd.c:166
[Note: I have a somewhat modified nscd daemon, but the problem is in
the underlying nss code]
How-To-Repeat:
Start nscd, and try 'ping cnn.com'
>Description:
>How-To-Repeat:
>Fix:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->libc-gnats
Responsible-Changed-By: jaeger
Responsible-Changed-When: Fri Jun 11 17:52:29 1999
Responsible-Changed-Why:
This is a misfiled glibc report.
Andreas
>Unformatted:
Synopsis: bug in nss layer makes nscd terminate with SIGSEGV
Priority: medium
Category: libc
Class: sw-bug
Release: libc-2.1.1
------------------------------
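Added triage example, not part of either report and not glibc or nscd code: it scans a gdb backtrace for pointer arguments marked "out of bounds" and checks whether their in-memory bytes are printable ASCII that also occurs in a string argument of the same trace. It assumes 4-byte little-endian pointers (the reporter's i386 host); the function names and the embedded sample (two frames copied from the libc/1156 trace) are constructed for this example. The reports themselves do not identify a cause, so a match is a lead for further debugging, not a diagnosis.

```python
import re

# Constructed sample: frames #0 and #1 copied from the libc/1156 backtrace.
SAMPLE_BT = """\
#0 0x4009c58b in __strcasecmp (
s1=0x2e6e6e63 <Address 0x2e6e6e63 out of bounds>, s2=0xbffff950 "cnn.com")
at ../sysdeps/generic/strcasecmp.c:62
#1 0x40145a22 in getanswer_r (answer=0xbffff2b0, anslen=468,
qname=0xbffff8c8 "cnn.com", qtype=1, result=0xbffff950,
buffer=0xbffff734 "", buflen=512, errnop=0x4012c2e0, h_errnop=0x4012b124)
at nss_dns/dns-host.c:588
"""

# name=0x... <Address 0x... out of bounds>  (gdb could not read the target)
BAD_PTR = re.compile(r'(\w+)=(0x[0-9a-fA-F]+) <Address 0x[0-9a-fA-F]+ out of bounds>')
# name=0x... "string"  (gdb printed the string the pointer refers to)
STR_ARG = re.compile(r'(\w+)=0x[0-9a-fA-F]+ "([^"]*)"')


def pointer_as_text(value, width=4):
    """Return the pointer's bytes in memory order as text if all are
    printable ASCII, otherwise None."""
    raw = value.to_bytes(width, "little")
    if all(0x20 <= b < 0x7F for b in raw):
        return raw.decode("ascii")
    return None


def triage(backtrace, width=4):
    """List unreadable pointers whose bytes look like string data."""
    strings = {m.group(2) for m in STR_ARG.finditer(backtrace) if m.group(2)}
    findings = []
    for m in BAD_PTR.finditer(backtrace):
        text = pointer_as_text(int(m.group(2), 16), width)
        if text is None:
            continue  # not printable: probably not string bytes
        seen_in = sorted(s for s in strings if text.lower() in s.lower())
        findings.append({"arg": m.group(1), "pointer": m.group(2),
                         "text": text, "seen_in": seen_in})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_BT):
        print(f"{f['arg']}={f['pointer']} reads as {f['text']!r}; "
              f"also present in string args: {f['seen_in']}")
```

On the sample trace the faulting s1 value decodes to the first four characters of the host name being looked up, so the word passed to __strcasecmp as a pointer held string data rather than an address.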
End of forwardK8H2aF Digest
***************************