aboutsummaryrefslogtreecommitdiff
path: root/resolv
AgeCommit message (Collapse)AuthorFilesLines
2023-11-20resolv: free only initialized items from gai poolJan Palus1-1/+2
pool_max_size denotes total allocated rows in pool but possibly not yet initialized. it's pool_size that represents number of actually occupied rows hence use it when freeing pool to avoid freeing random addresses. Signed-off-by: Jan Palus <jpalus@fastmail.com> Reviewed-by: Florian Weimer <fweimer@redhat.com>
2023-10-02resolve: Remove __res_context_query alloca usageAdhemerval Zanella1-31/+23
The bufsize on current Linux build is: size_t bufsize = (type == 439963904 ? 2 : 1) * (12 + 4 + 255 + 1); So with upper bound as 544 (2 * (12 + 4 + 255 + 1)). However, it might increase to 2 * PACKETSIZE later with malloc. The default scratch_buffer should fullfill the most usual allocation requirement. Checked on x86_64-linux-gnu and i686-linux-gnu. Reviewed-by: Joe Simmons-Talbott <josimmon@redhat.com>
2023-09-29resolv: Fix a comment typo in __resolv_conf_loadArjun Shankar1-1/+1
The file being referred to is host.conf, not hosts.conf.
2023-09-13CVE-2023-4527: Stack read overflow with large TCP responses in no-aaaa modeFlorian Weimer3-1/+132
Without passing alt_dns_packet_buffer, __res_context_search can only store 2048 bytes (what fits into dns_packet_buffer). However, the function returns the total packet size, and the subsequent DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end of the stack-allocated buffer. Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa stub resolver option") and bug 30842.
2023-09-13resolv: Fix some unaligned accesses in resolver [BZ #30750]John David Anglin2-2/+4
Signed-off-by: John David Anglin <dave.anglin@bell.net>
2023-08-14resolv/nss_dns/dns-host: Get rid of alloca.Joe Simmons-Talbott1-2/+2
Since the alloca is a small constant size use an array instead. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-07-24Restore lookup of IPv4 mapped addresses in files database (bug 25457)Andreas Schwab1-0/+69
This was broken by commit 9c02d0784d ("nss_files: Remove RES_USE_INET6 from hosts processing"), which removed too much.
2023-06-07resolv_conf: release lock on allocation failure (bug 30527)Andreas Schwab1-1/+4
When the initial allocation of global fails, the local lock is left locked. Reported by Steffen Lammel of SAP HANA development.
2023-06-02Fix all the remaining misspellings -- BZ 25337Paul Pluzhnikov20-28/+28
2023-05-19hurd 64bit: Re-introduce gai_suspend symbolSamuel Thibault1-0/+2
4d3f846b88d3 ("hurd: Fix __TIMESIZE on x86_64") incidentaly dropped it because it fixed hurd 64bit into setting __TIMESIZE to 64, and that case was not having gai_suspend defined yet.
2023-05-01hurd 64bit: Add missing libanlSamuel Thibault1-1/+1
The move of libanl to libc was in glibc 2.34 for nptl only.
2023-03-27Move libc_freeres_ptrs and libc_subfreeres to hidden/weak functionsAdhemerval Zanella Netto6-17/+26
They are both used by __libc_freeres to free all library malloc allocated resources to help tooling like mtrace or valgrind with memory leak tracking. The current scheme uses assembly markers and linker script entries to consolidate the free routine function pointers in the RELRO segment and to be freed buffers in BSS. This patch changes it to use specific free functions for libc_freeres_ptrs buffers and call the function pointer array directly with call_function_static_weak. It allows the removal of both the internal macros and the linker script sections. Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-02-16C2x strtol binary constant handlingJoseph Myers3-1/+32
C2x adds binary integer constants starting with 0b or 0B, and supports those constants in strtol-family functions when the base passed is 0 or 2. Implement that strtol support for glibc. As discussed at <https://sourceware.org/pipermail/libc-alpha/2020-December/120414.html>, this is incompatible with previous C standard versions, in that such an input string starting with 0b or 0B was previously required to be parsed as 0 (with the rest of the string unprocessed). Thus, as proposed there, this patch adds 20 new __isoc23_* functions with appropriate header redirection support. This patch does *not* do anything about scanf %i (which will need 12 new functions per long double variant, so 12, 24 or 36 depending on the glibc configuration), instead leaving that for a future patch. The function names would remain as __isoc23_* even if C2x ends up published in 2024 rather than 2023. Making this change leads to the question of what should happen to internal uses of these functions in glibc and its tests. The header redirection (which applies for _GNU_SOURCE or any other feature test macros enabling C2x features) has the effect of redirecting internal uses but without those uses then ending up at a hidden alias (see the comment in include/stdio.h about interaction with libc_hidden_proto). It seems desirable for the default for internal uses to be the same versions used by normal code using _GNU_SOURCE, so rather than doing anything to disable that redirection, similar macro definitions to those in include/stdio.h are added to the include/ headers for the new functions. Given that the default for uses in glibc is for the redirections to apply, the next question is whether the C2x semantics are correct for all those uses. Uses with the base fixed to 10, 16 or any other value other than 0 or 2 can be ignored. I think this leaves the following internal uses to consider (an important consideration for review of this patch will be both whether this list is complete and whether my conclusions on all entries in it are correct): benchtests/bench-malloc-simple.c benchtests/bench-string.h elf/sotruss-lib.c math/libm-test-support.c nptl/perf.c nscd/nscd_conf.c nss/nss_files/files-parse.c posix/tst-fnmatch.c posix/wordexp.c resolv/inet_addr.c rt/tst-mqueue7.c soft-fp/testit.c stdlib/fmtmsg.c support/support_test_main.c support/test-container.c sysdeps/pthread/tst-mutex10.c I think all of these places are OK with the new semantics, except for resolv/inet_addr.c, where the POSIX semantics of inet_addr do not allow for binary constants; thus, I changed that file (to use __strtoul_internal, whose semantics are unchanged) and added a test for this case. In the case of posix/wordexp.c I think accepting binary constants is OK since POSIX explicitly allows additional forms of shell arithmetic expressions, and in stdlib/fmtmsg.c SEV_LEVEL is not in POSIX so again I think accepting binary constants is OK. Functions such as __strtol_internal, which are only exported for compatibility with old binaries from when those were used in inline functions in headers, have unchanged semantics; the __*_l_internal versions (purely internal to libc and not exported) have a new argument to specify whether to accept binary constants. As well as for the standard functions, the header redirection also applies to the *_l versions (GNU extensions), and to legacy functions such as strtoq, to avoid confusing inconsistency (the *q functions redirect to __isoc23_*ll rather than needing their own __isoc23_* entry points). For the functions that are only declared with _GNU_SOURCE, this means the old versions are no longer available for normal user programs at all. An internal __GLIBC_USE_C2X_STRTOL macro is used to control the redirections in the headers, and cases in glibc that wish to avoid the redirections - the function implementations themselves and the tests of the old versions of the GNU functions - then undefine and redefine that macro to allow the old versions to be accessed. (There would of course be greater complexity should we wish to make any of the old versions into compat symbols / avoid them being defined at all for new glibc ABIs.) strtol_l.c has some similarity to strtol.c in gnulib, but has already diverged some way (and isn't listed at all at https://sourceware.org/glibc/wiki/SharedSourceFiles unlike strtoll.c and strtoul.c); I haven't made any attempts at gnulib compatibility in the changes to that file. I note incidentally that inttypes.h and wchar.h are missing the __nonnull present on declarations of this family of functions in stdlib.h; I didn't make any changes in that regard for the new declarations added.
2023-01-06Update copyright dates with scripts/update-copyrightsJoseph Myers95-95/+95
2022-12-19Avoid use of atoi in some places in libcJoseph Myers1-3/+3
This patch is split out of <https://sourceware.org/pipermail/libc-alpha/2022-December/144122.html>. atoi has undefined behavior on out-of-range input, which makes it problematic to use anywhere in glibc that might be processing input out-of-range for atoi but not specified to produce undefined behavior for the function calling atoi. Change some uses of atoi to call strtol instead; this avoids the undefined behavior, though there is no guarantee that the overflow handling of strtol is really right in those places either. This also serves to avoid localplt test failures given an installed header redirection for strtol (which means that the call from the inline atoi implementation doesn't end up at a hidden alias from libc_hidden_proto). Certainly, the use of atoi is questionable in argp-help.c (shared with gnulib, so shouldn't depend on glibc implementation details, and processing user-provided input), and maybe also in argp-parse.c (I'm not sure what that code in argp-parse.c is meant to be used for). I also changed inet/rexec.c and resolv/res_init.c similarly to use strtol to avoid such localplt failures, although given those files (in those versions) are only used in glibc it's not problematic for them to rely on the specific behavior of glibc's atoi on out-of-range input (in the absence of compiler optimizations based on the undefined behavior) in the same way it's problematic for gnulib code to do so. There may be other uses of atoi (or atol or atoll), in any of glibc's installed code, for which it would also be appropriate to avoid the undefined behavior on out-of-range input; this patch only fixes the specific cases needed to avoid localplt failures. Tested for x86_64.
2022-11-01configure: Use -Wno-ignored-attributes if compiler warns about multiple aliasesAdhemerval Zanella1-0/+1
clang emits an warning when a double alias redirection is used, to warn the the original symbol will be used even when weak definition is overridden. However, this is a common pattern for weak_alias, where multiple alias are set to same symbol. Reviewed-by: Fangrui Song <maskray@google.com>
2022-08-30resolv: Fix building tst-resolv-invalid-cname for earlier C standardsFlorian Weimer1-1/+1
This fixes this compiler error: tst-resolv-invalid-cname.c: In function ‘test_mode_to_string’: tst-resolv-invalid-cname.c:164:10: error: label at end of compound statement case test_mode_num: ^~~~~~~~~~~~~ Fixes commit 9caf782276ecea4bc86fc94fbb52779736f3106d ("resolv: Add new tst-resolv-invalid-cname").
2022-08-30nss_dns: Rewrite _nss_dns_gethostbyname4_r using current interfacesFlorian Weimer1-281/+162
Introduce struct alloc_buffer to this function, and use it and struct ns_rr_cursor in gaih_getanswer_slice. Adjust gaih_getanswer and gaih_getanswer_noaaaa accordingly. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30resolv: Add new tst-resolv-invalid-cnameFlorian Weimer2-0/+409
This test checks resolution through CNAME chains that do not contain host names (bug 12154). Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30nss_dns: In gaih_getanswer_slice, skip strange aliases (bug 12154)Florian Weimer1-4/+4
If the name is not a host name, skip adding it to the result, instead of reporting query failure. This fixes bug 12154 for getaddrinfo. This commit still keeps the old parsing code, and only adjusts when a host name is copied. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30nss_dns: Rewrite getanswer_r to match getanswer_ptr (bug 12154, bug 29305)Florian Weimer1-298/+180
Allocate the pointer arrays only at the end, when their sizes are known. This addresses bug 29305. Skip over invalid names instead of failing lookups. This partially fixes bug 12154 (for gethostbyname, fixing getaddrinfo requires different changes). Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30nss_dns: Remove remnants of IPv6 address mappingFlorian Weimer4-201/+9
res_use_inet6 always returns false since commit 3f8b44be0a658266adff5 ("resolv: Remove support for RES_USE_INET6 and the inet6 option"). Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30nss_dns: Rewrite _nss_dns_gethostbyaddr2_r and getanswer_ptrFlorian Weimer1-303/+102
The simplification takes advantage of the split from getanswer_r. It fixes various aliases issues, and optimizes NSS buffer usage. The new DNS packet parsing helpers are used, too. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30nss_dns: Split getanswer_ptr from getanswer_rFlorian Weimer1-52/+268
And expand the use of name_ok and qtype in getanswer_ptr (the former also in getanswer_r). After further cleanups, not much code will be shared between the two functions. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30resolv: Add DNS packet parsing helpers geared towards wire formatFlorian Weimer4-0/+369
The public parser functions around the ns_rr record type produce textual domain names, but usually, this is not what we need while parsing DNS packets within glibc. This commit adds two new helper functions, __ns_rr_cursor_init and __ns_rr_cursor_next, for writing packet parsers, and struct ns_rr_cursor, struct ns_rr_wire as supporting types. In theory, it is possible to avoid copying the owner name into the rname field in __ns_rr_cursor_next, but this would need more functions that work on compressed names. Eventually, __res_context_send could be enhanced to preserve the result of the packet parsing that is necessary for matching the incoming UDP packets, so that this works does not have to be done twice. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30resolv: Add internal __ns_name_length_uncompressed functionFlorian Weimer3-0/+212
This function is useful for checking that the question name is uncompressed (as it should be). Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30resolv: Add the __ns_samebinaryname functionFlorian Weimer3-0/+122
During packet parsing, only the binary name is available. If the name equality check is performed before conversion to text, we can sometimes skip the last step. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30resolv: Add internal __res_binary_hnok functionFlorian Weimer1-5/+9
During package parsing, only the binary representation is available, and it is convenient to check that directly for conformance with host name requirements. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30resolv: Add tst-resolv-aliasesFlorian Weimer2-0/+256
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-08-30resolv: Add tst-resolv-byaddr for testing reverse lookupFlorian Weimer3-0/+360
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-06-24resolv/tst-resolv-noaaaa: Support building for older C standardsFlorian Weimer1-5/+9
This avoids a compilation error: tst-resolv-noaaaa.c: In function 'response': tst-resolv-noaaaa.c:74:11: error: a label can only be part of a statement and a declaration is not a statement char ipv4[4] = {192, 0, 2, i + 1}; ^~~~ tst-resolv-noaaaa.c:79:11: error: a label can only be part of a statement and a declaration is not a statement char *name = xasprintf ("ptr-%d", i); ^~~~
2022-06-24resolv: Implement no-aaaa stub resolver optionFlorian Weimer11-12/+773
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2022-04-13Replace {u}int_fast{16|32} with {u}int32_tNoah Goldstein1-1/+1
On 32-bit machines this has no affect. On 64-bit machines {u}int_fast{16|32} are set as {u}int64_t which is often not ideal. Particularly x86_64 this change both saves code size and may save instruction cost. Full xcheck passes on x86_64.
2022-03-31resolv: Initialize loop variable on tst-resolv-trailingAdhemerval Zanella1-1/+1
Checked on x86_64-linux-gnu and i686-linux-gnu.
2022-03-22resolv: Fix unaligned accesses to fields in HEADER structJohn David Anglin3-14/+21
The structure HEADER is normally aligned to a word boundary but sometimes it needs to be accessed when aligned on a byte boundary. This change defines a new typedef, UHEADER, with alignment 1. It is used to ensure the fields are accessed with byte loads and stores when necessary. V4: Change to res_mkquery.c deleted. Small whitespace fix. V5: Move UHEADER typedef to resolv/resolv-internal.h. Replace all HEADER usage with UHEADER in resolv/res_send.c. Signed-off-by: John David Anglin <dave.anglin@bell.net> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2022-02-24resolv: Fix tst-resolv tests for 2.35 ABIs and laterStafford Horne1-9/+9
The commit 737e873b30 ("resolv: Do not build libanl.so for ABIs starting at 2.35") disabled building libanl for ports supporting only 2.35 and later like OpenRISC. However, the if statement was not updated quite correctly and the change ends up disabling many tst-resolv* tests. This was not supposed to be done and it causes test dependency errors like: make: Entering directory 'gnu-home/glibc/resolv' make: *** No rule to make target 'gnu-home/build-glibc/resolv/tst-resolv-res_ninit.out', needed by 'gnu-home/build-glibc/resolv/mtrace-tst-resolv-res_ninit.out'. Stop. make: Leaving directory 'gnu-home/glibc/resolv' This patch move the extra-libs += libanl definition and condition down to be closer to other libanl definitions. The $(have-GLIBC_2.34) condition now includes libanl-routines and libanl-shared-only-routines as well. Also, I have added a comment to endif of $(have-thread-library) to help show the bondary of the have-thread-library definitions. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2022-01-01Update copyright dates with scripts/update-copyrightsPaul Eggert82-82/+82
I used these shell commands: ../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright (cd ../glibc && git commit -am"[this commit message]") and then ignored the output, which consisted lines saying "FOO: warning: copyright statement not found" for each of 7061 files FOO. I then removed trailing white space from math/tgmath.h, support/tst-support-open-dev-null-range.c, and sysdeps/x86_64/multiarch/strlen-vec.S, to work around the following obscure pre-commit check failure diagnostics from Savannah. I don't know why I run into these diagnostics whereas others evidently do not. remote: *** 912-#endif remote: *** 913: remote: *** 914- remote: *** error: lines with trailing whitespace found ... remote: *** error: sysdeps/unix/sysv/linux/statx_cp.c: trailing lines
2021-12-30resolv: Do not install libanl.so symbolic linkAdhemerval Zanella1-0/+5
2021-12-30resolv: Do not build libanl.so for ABIs starting at 2.35Adhemerval Zanella1-1/+5
2021-10-11resolv: Avoid GCC 12 false positive warning [BZ #28439].Martin Sebor1-1/+3
Replace a call to sprintf with an equivalent pair of stpcpy/strcpy calls to avoid a GCC 12 -Wformat-overflow false positive due to recent optimizer improvements.
2021-10-08resolv: make res_randomid use random_bits()Cristian Rodríguez1-1/+2
It is at least "more random" than 0xffff & __getpid (); Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2021-09-03Remove "Contributed by" linesSiddhesh Poyarekar12-12/+0
We stopped adding "Contributed by" or similar lines in sources in 2012 in favour of git logs and keeping the Contributors section of the glibc manual up to date. Removing these lines makes the license header a bit more consistent across files and also removes the possibility of error in attribution when license blocks or files are copied across since the contributed-by lines don't actually reflect reality in those cases. Move all "Contributed by" and similar lines (Written by, Test by, etc.) into a new file CONTRIBUTED-BY to retain record of these contributions. These contributors are also mentioned in manual/contrib.texi, so we just maintain this additional record as a courtesy to the earlier developers. The following scripts were used to filter a list of files to edit in place and to clean up the CONTRIBUTED-BY file respectively. These were not added to the glibc sources because they're not expected to be of any use in future given that this is a one time task: https://gist.github.com/siddhesh/b5ecac94eabfd72ed2916d6d8157e7dc https://gist.github.com/siddhesh/15ea1f5e435ace9774f485030695ee02 Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-22Move malloc hooks into a compat DSOSiddhesh Poyarekar1-3/+6
Remove all malloc hook uses from core malloc functions and move it into a new library libc_malloc_debug.so. With this, the hooks now no longer have any effect on the core library. libc_malloc_debug.so is a malloc interposer that needs to be preloaded to get hooks functionality back so that the debugging features that depend on the hooks, i.e. malloc-check, mcheck and mtrace work again. Without the preloaded DSO these debugging features will be nops. These features will be ported away from hooks in subsequent patches. Similarly, legacy applications that need hooks functionality need to preload libc_malloc_debug.so. The symbols exported by libc_malloc_debug.so are maintained at exactly the same version as libc.so. Finally, static binaries will no longer be able to use malloc debugging features since they cannot preload the debugging DSO. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-20resolv: Do not install libnss_dns.a, libnss_dns.soFlorian Weimer1-0/+8
Fixes commit e1fcf21474c5b522f ("resolv: Move nss_dns into libc").
2021-07-19nss: Directly load nss_dns, without going through dlsym/dlopenFlorian Weimer2-0/+41
This partially fixes static-only NSS support (bug 27959): The dns module no longer needs dlopen. Support for disabling dlopen altogher remains to be added. This commit introduces module_load_builtin into nss/nss_module.c, which handles the common parts of loading the built-in nss_files and nss_dns modules. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-19resolv: Move nss_dns into libcFlorian Weimer5-57/+46
No abilist updates are needed because the symbols were GLIBC_PRIVATE. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-19resolv: Move res_query functions into libcFlorian Weimer5-52/+76
This switches to public symbols without __ prefixes, due to improved namespace management in glibc. The script was used with --no-new-version to move the symbols __res_nquery, __res_nquerydomain, __res_nsearch, __res_query, __res_querydomain, __res_search, res_query, res_querydomain, res_search. The public symbols res_nquery, res_nquerydomain, res_nsearch, res_ownok, res_query, res_querydomain, res_search were added with make update-all-abi. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-19resolv: Move res_mkquery, res_nmkquery into libcFlorian Weimer5-28/+40
This switches to public symbols without __ prefixes, due to improved namespace management in glibc. The symbols res_mkquery, __res_mkquery, __res_nmkquery were moved with the script (using --no-new-version). res_mkquery@@GLIBC_2.34, res_nmkquery@@GLIBC_2.34 were added using make update-all-abi. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2021-07-19resolv: Move res_send, res_nsend into libcFlorian Weimer6-30/+45
Switch to public symbols without __ prefix (due to improved namespace management). __res_send, __res_nsend were moved using the script (with --no-new-version). res_send@@GLIBC_2.34 and res_nsend@@GLIBC_2.34 were added using make update-all-abi. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-07-19resolv: Move res_hostalias into its own file, along with hostaliasFlorian Weimer3-30/+52
These deprecated symbols continue to be exported from libresolv. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>