summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAurelien Jarno <aurel32@debian.org>2012-11-30 15:04:27 -0500
committerDavid S. Miller <davem@davemloft.net>2012-11-30 15:04:27 -0500
commitcc8bb21c8ad619148c022af6e39ca8a5086a6a88 (patch)
treef3410b5396aad70d5fcc55913c8781c8abfb5581
parentb062e14ff3df0942d21c8904e3fca87fac25b85b (diff)
downloadglibc-cc8bb21c8ad619148c022af6e39ca8a5086a6a88.tar.gz
Fix assertion failures in resolver (BZ #13013).
[BZ #13013] * resolv/res_query.c(__libc_res_nquery): Assign hp and hp2 depending n and resplen2 to catch cases where answer equals answerp2.
-rw-r--r--ChangeLog7
-rw-r--r--NEWS4
-rw-r--r--resolv/res_query.c30
3 files changed, 24 insertions, 17 deletions
diff --git a/ChangeLog b/ChangeLog
index dabb7d13f3..bc0f71cbfb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2011-11-30 Aurelien Jarno <aurel32@debian.org>
+
+ [BZ #13013]
+ * resolv/res_query.c(__libc_res_nquery): Assign hp and hp2
+ depending n and resplen2 to catch cases where answer
+ equals answerp2.
+
2012-11-29 Carlos O'Donell <carlos@systemhalted.org>
* elf/get-dynamic-info.h (elf_get_dynamic_info): Warn
diff --git a/NEWS b/NEWS
index 79d29709a5..744df37833 100644
--- a/NEWS
+++ b/NEWS
@@ -10,8 +10,8 @@ Version 2.17
* The following bugs are resolved with this release:
1349, 3439, 3479, 3665, 5044, 5246, 5298, 5400, 6530, 6677, 6778, 6808,
- 9685, 9914, 10014, 10038, 10631, 10873, 11438, 11607, 11638, 11741,
- 12140, 13412, 13542, 13601, 13603, 13604, 13629, 13679, 13696, 13698,
+ 9685, 9914, 10014, 10038, 10631, 10873, 11438, 11607, 11638, 11741, 12140,
+ 13013, 13412, 13542, 13601, 13603, 13604, 13629, 13679, 13696, 13698,
13717, 13741, 13759, 13761, 13763, 13881, 13939, 13950, 13952, 13966,
14042, 14047, 14090, 14150, 14151, 14152, 14154, 14157, 14166, 14173,
14195, 14197, 14237, 14251, 14252, 14283, 14298, 14303, 14307, 14328,
diff --git a/resolv/res_query.c b/resolv/res_query.c
index abccd4a921..1325f9772d 100644
--- a/resolv/res_query.c
+++ b/resolv/res_query.c
@@ -122,6 +122,7 @@ __libc_res_nquery(res_state statp,
int *resplen2)
{
HEADER *hp = (HEADER *) answer;
+ HEADER *hp2;
int n, use_malloc = 0;
u_int oflags = statp->_flags;
@@ -239,26 +240,25 @@ __libc_res_nquery(res_state statp,
/* __libc_res_nsend might have reallocated the buffer. */
hp = (HEADER *) *answerp;
- /* We simplify the following tests by assigning HP to HP2. It
- is easy to verify that this is the same as ignoring all
- tests of HP2. */
- HEADER *hp2 = answerp2 ? (HEADER *) *answerp2 : hp;
-
- if (n < (int) sizeof (HEADER) && answerp2 != NULL
- && *resplen2 > (int) sizeof (HEADER))
+ /* We simplify the following tests by assigning HP to HP2 or
+ vice versa. It is easy to verify that this is the same as
+ ignoring all tests of HP or HP2. */
+ if (answerp2 == NULL || *resplen2 < (int) sizeof (HEADER))
{
- /* Special case of partial answer. */
- assert (hp != hp2);
- hp = hp2;
+ hp2 = hp;
}
- else if (answerp2 != NULL && *resplen2 < (int) sizeof (HEADER)
- && n > (int) sizeof (HEADER))
+ else
{
- /* Special case of partial answer. */
- assert (hp != hp2);
- hp2 = hp;
+ hp2 = (HEADER *) *answerp2;
+ if (n < (int) sizeof (HEADER))
+ {
+ hp = hp2;
+ }
}
+ /* Make sure both hp and hp2 are defined */
+ assert((hp != NULL) && (hp2 != NULL));
+
if ((hp->rcode != NOERROR || ntohs(hp->ancount) == 0)
&& (hp2->rcode != NOERROR || ntohs(hp2->ancount) == 0)) {
#ifdef DEBUG