GNU bug report logs - #22811
adns crash bugfix/patch

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: adns; Reported by: Jared Mauch <jared@HIDDEN>; dated Fri, 26 Feb 2016 01:40:01 UTC; Maintainer for adns is adns-discuss@HIDDEN.

Message received at 22811 <at> debbugs.gnu.org:

Received: (at 22811) by debbugs.gnu.org; 12 Aug 2016 21:12:43 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Aug 12 17:12:43 2016
Received: from localhost ([127.0.0.1]:55485 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1bYJkx-0004ks-4n
	for submit <at> debbugs.gnu.org; Fri, 12 Aug 2016 17:12:43 -0400
Received: from chiark.greenend.org.uk ([212.13.197.229]:60701
 ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ijackson@HIDDEN>) id 1bYJkv-0004kk-Cr
 for 22811 <at> debbugs.gnu.org; Fri, 12 Aug 2016 17:12:41 -0400
Received: by chiark.greenend.org.uk (Debian Exim 4.84_2 #1) with local
 (return-path ijackson@HIDDEN)
 id 1bYJku-0001jm-JB; Fri, 12 Aug 2016 22:12:40 +0100
From: Ian Jackson <ijackson@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <22446.15304.528894.311459@HIDDEN>
Date: Fri, 12 Aug 2016 22:12:40 +0100
To: Jared Mauch <jared@HIDDEN>
Subject: Re: bug#22811: adns crash bugfix/patch
Newsgroups: chiark.mail.adns.discuss
In-Reply-To: <FDEA0E83-E654-40F2-8D3F-545E82371402@HIDDEN>
References: <FDEA0E83-E654-40F2-8D3F-545E82371402@HIDDEN>
X-Mailer: VM 8.2.0b under 24.4.1 (i586-pc-linux-gnu)
X-Spam-Score: -2.8 (--)
X-Debbugs-Envelope-To: 22811
Cc: 22811 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.8 (--)

Jared Mauch writes ("bug#22811: adns crash bugfix/patch"):
> This occurs when something is queried and comes back bogus/semi-bogus, eg:

Thanks.  I have a different fix for this in my tree which I am about
to release.

Regards,
Ian.

Information forwarded to adns-discuss@HIDDEN:
bug#22811; Package adns. Full text available.

Message received at submit <at> debbugs.gnu.org:

Received: (at submit) by debbugs.gnu.org; 26 Feb 2016 01:39:39 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Feb 25 20:39:39 2016
Received: from localhost ([127.0.0.1]:46492 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1aZ7Nb-0003Lb-5g
	for submit <at> debbugs.gnu.org; Thu, 25 Feb 2016 20:39:39 -0500
Received: from puck.nether.net ([204.42.254.5]:60674)
 by debbugs.gnu.org with esmtp (Exim 4.84)
 (envelope-from <jared@HIDDEN>) id 1aZ7Dk-00035w-L1
 for submit <at> debbugs.gnu.org; Thu, 25 Feb 2016 20:29:28 -0500
Received: from [IPv6:2601:401:3:6a00:9121:4b53:2e29:c38e] (unknown
 [IPv6:2601:401:3:6a00:9121:4b53:2e29:c38e])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by puck.nether.net (Postfix) with ESMTPSA id B0756540760;
 Thu, 25 Feb 2016 20:29:25 -0500 (EST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3120\))
Subject: adns crash bugfix/patch
From: Jared Mauch <jared@HIDDEN>
Date: Thu, 25 Feb 2016 20:29:26 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <FDEA0E83-E654-40F2-8D3F-545E82371402@HIDDEN>
To: submit <at> debbugs.gnu.org
X-Mailer: Apple Mail (2.3120)
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: submit
X-Mailman-Approved-At: Thu, 25 Feb 2016 20:39:37 -0500
Cc: ijackson@HIDDEN
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.0 (/)

Package: adns


diff --git a/src/types.c b/src/types.c
index d65e155..55bf098 100644
--- a/src/types.c
+++ b/src/types.c
@@ -984,12 +984,13 @@ static int di_hostaddr(adns_state ads,
 }
=20
 static void mfp_hostaddr(adns_query qu, adns_rr_hostaddr *rrp) {
-  void *tablev;
+  void *tablev =3D NULL;
   size_t addrsz=3D gsz_addr(0, qu->answer->type);
=20
   adns__makefinal_str(qu,&rrp->host);
   tablev=3D rrp->addrs;
-  adns__makefinal_block(qu, &tablev, rrp->naddrs*addrsz);
+  if (rrp->naddrs > 0)
+    adns__makefinal_block(qu, &tablev, rrp->naddrs*addrsz);
   rrp->addrs=3D tablev;
 }
=20

This occurs when something is queried and comes back bogus/semi-bogus, =
eg:

(gdb) bt
#0  __memcpy_sse2_unaligned () at =
../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S:116
#1  0x00007ff5811c0b68 in memcpy (__len=3D18446744073709551584, =
__src=3D0x25fb6a8, __dest=3D<optimized out>) at =
/usr/include/x86_64-linux-gnu/bits/string3.h:51
#2  adns__makefinal_block (qu=3Dqu@entry=3D0x2478590, =
blpp=3Dblpp@entry=3D0x7ffd2c153db8, sz=3D18446744073709551584) at =
../src/query.c:675
#3  0x00007ff5811bb8ae in mfp_hostaddr (qu=3D0x2478590, rrp=3D0x24af8f0) =
at ../src/types.c:992
#4  0x00007ff5811c0d5c in makefinal_query (qu=3D0x2478590) at =
../src/query.c:593
#5  adns__query_done (qu=3D0x2478590) at ../src/query.c:646
#6  0x00007ff5811c097a in adns__returning (ads=3Dads@entry=3D0x242a010, =
qu_for_caller=3Dqu_for_caller@entry=3D0x0) at ../src/query.c:514
#7  0x00007ff5811be988 in adns_processreadable (ads=3D0x242a010, fd=3D3, =
now=3D0x7ffd2c154148) at ../src/event.c:429
#8  0x00007ff5811bf854 in fd_event (ads=3D0x242a010, fd=3D39827112, =
fd@entry=3D3, revent=3D-32, revent@entry=3D7, pollflag=3D526672, =
pollflag@entry=3D1, maxfd=3D32917, maxfd@entry=3D6, =
fds=3D0xffffffffffffffe, fds@entry=3D0x7ffd2c1542d0,=20
    func=3Dfunc@entry=3D0x7ff5811be7b0 <adns_processreadable>, now=3D..., =
r_r=3Dr_r@entry=3D0x0) at ../src/event.c:519
#9  0x00007ff5811bf94e in adns__fdevents (ads=3Dads@entry=3D0x242a010, =
pollfds=3Dpollfds@entry=3D0x7ffd2c154210, npollfds=3D<optimized out>, =
maxfd=3Dmaxfd@entry=3D6, readfds=3Dreadfds@entry=3D0x7ffd2c1542d0, =
writefds=3Dwritefds@entry=3D0x7ffd2c154350,=20
    exceptfds=3Dexceptfds@entry=3D0x7ffd2c1543d0, now=3D..., =
r_r=3Dr_r@entry=3D0x0) at ../src/event.c:544
#10 0x00007ff5811bfaa5 in adns_afterselect (ads=3D0x242a010, maxfd=3D6, =
readfds=3Dreadfds@entry=3D0x7ffd2c1542d0, =
writefds=3Dwritefds@entry=3D0x7ffd2c154350, =
exceptfds=3Dexceptfds@entry=3D0x7ffd2c1543d0, now=3D0x7ffd2c154200, =
now@entry=3D0x0) at ../src/event.c:599
#11 0x000000000040166c in main (argc=3D<optimized out>, argv=3D<optimized =
out>) at adh-main.c:268
(gdb) up
#4  0x00007ff5811c0d5c in makefinal_query (qu=3D0x2478590) at =
../src/query.c:593
593	      qu->typei->makefinal(qu, ans->rrs.bytes + rrn*ans->rrsz);
(gdb) up
#5  adns__query_done (qu=3D0x2478590) at ../src/query.c:646
646	    makefinal_query(qu);
(gdb) print qu
$6 =3D (adns_query) 0x2478590
(gdb) up
#6  0x00007ff5811c097a in adns__returning (ads=3Dads@entry=3D0x242a010, =
qu_for_caller=3Dqu_for_caller@entry=3D0x0) at ../src/query.c:514
514	    iq->ctx.callback(parent,iq);
(gdb) print parent
$7 =3D <optimized out>
(gdb) print iq
$8 =3D (adns_query) 0x24d8db0
(gdb) down
#5  adns__query_done (qu=3D0x2478590) at ../src/query.c:646
646	    makefinal_query(qu);
(gdb) down
#4  0x00007ff5811c0d5c in makefinal_query (qu=3D0x2478590) at =
../src/query.c:593
593	      qu->typei->makefinal(qu, ans->rrs.bytes + rrn*ans->rrsz);
(gdb) down
#3  0x00007ff5811bb8ae in mfp_hostaddr (qu=3D0x2478590, rrp=3D0x24af8f0) =
at ../src/types.c:992
992	  adns__makefinal_block(qu, &tablev, rrp->naddrs*addrsz);
(gdb) print rrp->naddrs
$9 =3D -1

Acknowledgement sent to Jared Mauch <jared@HIDDEN>:
New bug report received and forwarded. Copy sent to adns-discuss@HIDDEN. Full text available.

Report forwarded to adns-discuss@HIDDEN:
bug#22811; Package adns. Full text available.

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Last modified: Mon, 25 Nov 2019 12:00:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #22811 adns crash bugfix/patch

Message received at 22811 <at> debbugs.gnu.org:

Message received at submit <at> debbugs.gnu.org:

GNU bug report logs - #22811
adns crash bugfix/patch