From: Peter Wagner <tripolar@gmx.at>
To: Chuck Lever <chuck.lever@oracle.com>
Cc: linux-nfs@vger.kernel.org, SteveD@redhat.com
Subject: Re: [PATCH v2] Remove abuse of ai_canonname
Date: Thu, 21 Feb 2019 12:25:05 +0100 [thread overview]
Message-ID: <20190221122505.1fae70a7@onion.lan> (raw)
In-Reply-To: <20190219155220.17240.31293.stgit@manet.1015granger.net>
On Tue, 19 Feb 2019 10:52:36 -0500
Chuck Lever <chuck.lever@oracle.com> wrote:
> Peter Wagner <tripolar@gmx.at> reports a portability issue with
> freeing ai_canonname (and subsequently replacing that pointer via
> strdup(3)). The relevant standards text is:
>
> > If nodename is not null, and if requested by the AI_CANONNAME
> > flag, the ai_canonname field of the first returned addrinfo
> > structure shall point to a null-terminated string containing the
> > canonical name corresponding to the input nodename; if the
> > canonical name is not available, then ai_canonname shall refer to
> > the nodename argument or a string with the same contents.
>
> There is no indication that this string may be freed using free(3).
> Eg, the library could have allocated it as part of the addrinfo
> struct itself, or it could point to static memory. The Linux man
> page is equally silent on this issue.
>
> There is only one caller to host_reliable_addrinfo() that actually
> uses the string in ai->ai_canonname, and then only for debugging
> messages. Change those to display the IP address instead.
>
> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Peter Wagner <tripolar@gmx.at>
> ---
> support/export/hostname.c | 58
> +++++++++------------------------------------
> utils/mountd/auth.c | 16 ++++++------ 2 files changed, 20
> insertions(+), 54 deletions(-)
>
>
> Compile-tested only.
>
>
> diff --git a/support/export/hostname.c b/support/export/hostname.c
> index 5c4c824..96c5449 100644
> --- a/support/export/hostname.c
> +++ b/support/export/hostname.c
> @@ -264,9 +264,9 @@ host_canonname(const struct sockaddr *sap)
> * Reverse and forward lookups are performed to ensure the address
> has
> * matching forward and reverse mappings.
> *
> - * Returns addrinfo structure with just the provided address with
> - * ai_canonname filled in. If there is a problem with resolution or
> - * the resolved records don't match up properly then it returns NULL
> + * Returns addrinfo structure with just the provided address. If
> there
> + * is a problem with resolution or the resolved records don't match
> up
> + * properly then returns NULL.
> *
> * Caller must free the returned structure with freeaddrinfo(3).
> */
> @@ -277,13 +277,15 @@ host_reliable_addrinfo(const struct sockaddr
> *sap) struct addrinfo *ai, *a;
> char *hostname;
>
> + ai = NULL;
> hostname = host_canonname(sap);
> if (hostname == NULL)
> - return NULL;
> + goto out;
>
> ai = host_addrinfo(hostname);
> + free(hostname);
> if (!ai)
> - goto out_free_hostname;
> + goto out;
>
> /* make sure there's a matching address in the list */
> for (a = ai; a; a = a->ai_next)
> @@ -291,22 +293,15 @@ host_reliable_addrinfo(const struct sockaddr
> *sap) break;
>
> freeaddrinfo(ai);
> + ai = NULL;
> if (!a)
> - goto out_free_hostname;
> + goto out;
>
> /* get addrinfo with just the original address */
> ai = host_numeric_addrinfo(sap);
> - if (!ai)
> - goto out_free_hostname;
>
> - /* and populate its ai_canonname field */
> - free(ai->ai_canonname);
> - ai->ai_canonname = hostname;
> +out:
> return ai;
> -
> -out_free_hostname:
> - free(hostname);
> - return NULL;
> }
>
> /**
> @@ -323,7 +318,6 @@ host_numeric_addrinfo(const struct sockaddr *sap)
> {
> socklen_t salen = nfs_sockaddr_length(sap);
> char buf[INET6_ADDRSTRLEN];
> - struct addrinfo *ai;
> int error;
>
> if (salen == 0) {
> @@ -348,21 +342,7 @@ host_numeric_addrinfo(const struct sockaddr *sap)
> return NULL;
> }
>
> - ai = host_pton(buf);
> -
> - /*
> - * getaddrinfo(AI_NUMERICHOST) never fills in ai_canonname
> - */
> - if (ai != NULL) {
> - free(ai->ai_canonname); /* just in
> case */
> - ai->ai_canonname = strdup(buf);
> - if (ai->ai_canonname == NULL) {
> - freeaddrinfo(ai);
> - ai = NULL;
> - }
> - }
> -
> - return ai;
> + return host_pton(buf);
> }
> #else /* !HAVE_GETNAMEINFO */
> __attribute__((__malloc__))
> @@ -372,7 +352,6 @@ host_numeric_addrinfo(const struct sockaddr *sap)
> const struct sockaddr_in *sin = (const struct sockaddr_in
> *)sap; const struct in_addr *addr = &sin->sin_addr;
> char buf[INET_ADDRSTRLEN];
> - struct addrinfo *ai;
>
> if (sap->sa_family != AF_INET)
> return NULL;
> @@ -382,19 +361,6 @@ host_numeric_addrinfo(const struct sockaddr *sap)
> (socklen_t)sizeof(buf)) ==
> NULL) return NULL;
>
> - ai = host_pton(buf);
> -
> - /*
> - * getaddrinfo(AI_NUMERICHOST) never fills in ai_canonname
> - */
> - if (ai != NULL) {
> - ai->ai_canonname = strdup(buf);
> - if (ai->ai_canonname == NULL) {
> - freeaddrinfo(ai);
> - ai = NULL;
> - }
> - }
> -
> - return ai;
> + return host_pton(buf);
> }
> #endif /* !HAVE_GETNAMEINFO */
> diff --git a/utils/mountd/auth.c b/utils/mountd/auth.c
> index 8299256..cb4848c 100644
> --- a/utils/mountd/auth.c
> +++ b/utils/mountd/auth.c
> @@ -261,40 +261,40 @@ auth_authenticate(const char *what, const
> struct sockaddr *caller, *p = '\0';
> }
>
> + host_ntop(caller, buf, sizeof(buf));
> switch (error) {
> case bad_path:
> xlog(L_WARNING, "bad path in %s request from %s:
> \"%s\"",
> - what, host_ntop(caller, buf, sizeof(buf)),
> path);
> + what, buf, path);
> break;
>
> case unknown_host:
> xlog(L_WARNING, "refused %s request from %s for %s
> (%s): unmatched host",
> - what, host_ntop(caller, buf, sizeof(buf)),
> path, epath);
> + what, buf, path, epath);
> break;
>
> case no_entry:
> xlog(L_WARNING, "refused %s request from %s for %s
> (%s): no export entry",
> - what, ai->ai_canonname, path, epath);
> + what, buf, path, epath);
> break;
>
> case not_exported:
> xlog(L_WARNING, "refused %s request from %s for %s
> (%s): not exported",
> - what, ai->ai_canonname, path, epath);
> + what, buf, path, epath);
> break;
>
> case illegal_port:
> xlog(L_WARNING, "refused %s request from %s for %s
> (%s): illegal port %u",
> - what, ai->ai_canonname, path, epath,
> nfs_get_port(caller));
> + what, buf, path, epath, nfs_get_port(caller));
> break;
>
> case success:
> xlog(L_NOTICE, "authenticated %s request from %s:%u
> for %s (%s)",
> - what, ai->ai_canonname, nfs_get_port(caller),
> path, epath);
> + what, buf, nfs_get_port(caller), path, epath);
> break;
> default:
> xlog(L_NOTICE, "%s request from %s:%u for %s (%s)
> gave %d",
> - what, ai->ai_canonname, nfs_get_port(caller),
> - path, epath, error);
> + what, buf, nfs_get_port(caller), path, epath,
> error); }
>
> freeaddrinfo(ai);
>
next prev parent reply other threads:[~2019-02-21 11:24 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-19 15:52 [PATCH v2] Remove abuse of ai_canonname Chuck Lever
2019-02-19 18:57 ` Peter Wagner
2019-02-19 19:40 ` Chuck Lever
2019-02-20 18:12 ` Steve Dickson
2019-02-21 11:25 ` Peter Wagner [this message]
2019-02-27 16:53 ` Steve Dickson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190221122505.1fae70a7@onion.lan \
--to=tripolar@gmx.at \
--cc=SteveD@redhat.com \
--cc=chuck.lever@oracle.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).