From: Rich Felker
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: getaddrinfo usage with wrong ip family
Date: Tue, 22 Sep 2015 11:16:25 -0400
Message-ID: <20150922151625.GX17773@brightrain.aerifal.cx>
References: <06898546-AC9C-40F0-A2F5-2F1CC02E185C@gmail.com>
To: musl@lists.openwall.com

On Tue, Sep 22, 2015 at 04:40:30PM +0200, Julien Ramseier wrote:
> Hello,
>
> I discovered a potential problem in getaddrinfo/__lookup_name.
> When calling getaddrinfo with an IP string not matching the specified family,
> name_from_numeric() in __lookup_name() will not recognize it and the
> external dns resolver will be used.
>
> So the following code:
>
> const struct addrinfo hints = {
>     .ai_flags = AI_ADDRCONFIG,
>     .ai_family = AF_INET,
>     .ai_socktype = SOCK_STREAM,
> };
>
> getaddrinfo("::1", NULL, &hints, &result);
>
> will actually succeed instead of returning EAI_NONAME,
> and perform a "A ::1" query.
> Some misbehaving dns servers will then answer with 0.0.0.1.
>
> I don’t know if this behavior is desirable. If not, I’m still not sure
> where this should be fixed. Maybe should we prevent sending
> A and AAAA dns queries with IP as hostname in __res_mkquery() ?

Sometime (it's been "soon" for a long time) I intend to add IDN
support, so the same place that goes would be the natural place to
pre-validate strings before sending them off in DNS queries. But I'm
not sure what the right filtering would be.

Another approach might be having __lookup_numeric always parse with
AF_UNSPEC, but return error rather than 0 results if the resulting
family does not match the requested family.

Anyone else have opinions on these ideas?

Rich
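
Added example, not part of the thread and not musl's code: a sketch of the second approach in the reply above, parsing the name with no family restriction and treating a literal of the wrong family as an error instead of passing it to DNS. The names check_ip_literal and enum literal_check are hypothetical, and the parsing uses POSIX inet_pton rather than musl's internal numeric parser.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical result codes for this sketch (not musl's internal API). */
enum literal_check {
    LITERAL_NONE = 0,      /* not an IP literal: may go to the DNS resolver */
    LITERAL_OK = 1,        /* IP literal of the requested family */
    LITERAL_MISMATCH = -1  /* IP literal of the wrong family: caller returns EAI_NONAME */
};

/* Parse name as if AF_UNSPEC were requested, then compare the family found
 * with the one the caller asked for. *found is AF_INET, AF_INET6, or 0. */
enum literal_check check_ip_literal(const char *name, int family, int *found)
{
    unsigned char addr[sizeof(struct in6_addr)];
    char host[INET6_ADDRSTRLEN];
    size_t len = strcspn(name, "%");  /* ignore an IPv6 zone id such as "%eth0" */

    *found = 0;
    if (len == 0 || len >= sizeof host)
        return LITERAL_NONE;          /* empty or too long to be a literal */
    memcpy(host, name, len);
    host[len] = '\0';

    if (name[len] == '\0' && inet_pton(AF_INET, host, addr) == 1)
        *found = AF_INET;
    else if (inet_pton(AF_INET6, host, addr) == 1)
        *found = AF_INET6;
    else
        return LITERAL_NONE;

    if (family != AF_UNSPEC && family != *found)
        return LITERAL_MISMATCH;      /* never emit an "A ::1" query */
    return LITERAL_OK;
}

int main(void)
{
    /* Constructed inputs; the first is the case reported in the thread. */
    const char *names[] = { "::1", "127.0.0.1", "fe80::1%eth0", "example.com" };
    for (size_t i = 0; i < sizeof names / sizeof *names; i++) {
        int found;
        int r = check_ip_literal(names[i], AF_INET, &found);
        printf("%-14s AF_INET -> %d (found family %d)\n", names[i], r, found);
    }
    return 0;
}
```

A caller would run this check before building any DNS query and map LITERAL_MISMATCH to EAI_NONAME, so only LITERAL_NONE names ever reach the resolver.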