From: Rich Felker <dalias@libc.org>
To: Markus Wichmann <nullplan@gmx.net>
Cc: musl@lists.openwall.com
Subject: Re: [musl] IPv4 fallback in __res_msend_rc not functional
Date: Wed, 24 Aug 2022 19:26:58 -0400 [thread overview]
Message-ID: <20220824232657.GL7074@brightrain.aerifal.cx> (raw)
In-Reply-To: <20220824190349.GB1923@voyager>
On Wed, Aug 24, 2022 at 09:03:49PM +0200, Markus Wichmann wrote:
> Hi all,
>
> I noticed something while reading some code: There is a fallback in
> __res_msend_rc(), in case an IPv6 socket is requested but cannot be
> allocated. In that case, the function tries to create an IPv4 socket
> instead. However, I do not think this code can work that way. For
> reference, this is the code:
>
> /* Get local address and open/bind a socket */
> sa.sin.sin_family = family;
> fd = socket(family, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
>
> /* Handle case where system lacks IPv6 support */
> if (fd < 0 && family == AF_INET6 && errno == EAFNOSUPPORT) {
> fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
> family = AF_INET;
> }
> if (fd < 0 || bind(fd, (void *)&sa, sl) < 0) {
> if (fd >= 0) close(fd);
> pthread_setcancelstate(cs, 0);
> return -1;
> }
>
> The problem is, if the fallback is triggered, the local address is still
> set to be an IPv6 address, and so the bind() must necessarily fail with
> EINVAL.
>
> The fix depends on whether the fallback is still intended functionality
> or not. If not, then the easiest would be to just get rid of the entire
> fallback block. If the fallback is still intended to work, then the
> fallback block must reset sl to the length of an IPv4 socket, and the
> setting of sa.sin.sin_family must be delayed until after that block.
>
> There is also the issue of the sendto() loop further down in the
> function. If it is intended that the socket can be an IPv4 socket but
> there can be IPv6 addresses in the list, then it might be prudent to
> prevent sendto() from sending to the wrong address family. Or not, I
> mean, you do not test for errors from sendto(), and the sends to the
> wrong address family are just going to fail. So they would only waste
> time and change errno, but not much of a visible side effect.
Thanks for reporting this! It's intended to be functional, but it's
probably of little consequence whether it works since the issue seems
to arise only when resolv.conf requested IPv6 nameservers but the
system doesn't support IPv6. I'll look at what it'll take to fix it...
hopefully it won't be too bad.
Rich
next prev parent reply other threads:[~2022-08-24 23:27 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-24 19:03 Markus Wichmann
2022-08-24 23:26 ` Rich Felker [this message]
2022-08-24 23:32 ` Rich Felker
2022-08-25 2:58 ` Markus Wichmann
2022-08-25 13:26 ` Rich Felker
2022-08-26 16:16 ` Rich Felker
2022-08-26 16:28 ` Rich Felker
2022-08-26 17:48 ` Markus Wichmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220824232657.GL7074@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
--cc=nullplan@gmx.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).