From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HTML_MESSAGE,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 9464 invoked from network); 14 Jan 2023 22:56:47 -0000 Received: from second.openwall.net (193.110.157.125) by inbox.vuxu.org with ESMTPUTF8; 14 Jan 2023 22:56:47 -0000 Received: (qmail 20125 invoked by uid 550); 14 Jan 2023 22:56:43 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 20089 invoked from network); 14 Jan 2023 22:56:42 -0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ajVHWu1kXrBBiHhPGMsoX/Msj2Nc3Cim+bfgFGMdRaIxHOIqkaFyhTjXI92AODASWXzLywMNo7GGrxNyvpkJosJTqusbIgaAwPhGEbIUKuLN6MJdMkL1Ba8oVi6LV+V+rpFKj+uXFN0sD4SQSPFx08obm+hpFCpiPVTjGCJO07pYExgXC4hUJlXHWxiUUPoj8eA+xEz1TGuRoyV6QaDMD7JFEFHY7RbVa/1xQRLgkvtfMFhfDmgCqfToYgImJ5+irdUfyEt3Gt6NiDkWDbKWO4yizRwjacWWeH+VYiTQk0aq2MAfPoPR2Us3eHb70GVccIHx1FrS6vdjz9xpC9BNQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=1mQSeKSxESAVMYIGHlUQNtJxpR+cqDZCPi3iz12Qw2E=; b=DkYiT/wd9pF1PI96KjwDpezZcmYPtnzLOt2+Y9oZPDz7TwpBIfQgA82XScsJ/HKqrkfzCyaPUJD1gsiY7Y2hcbm9okJqbqytY0YmKrX2UciBg4rg5LhIb0DtJDZct+araMBc4zPK2ZC3smUDSjBMpkWKULqlREX3cA08YaEtag8GeRk9V1dQ5Fsgyt42DZ72eulh+/HVWFqB97UY6kIfMu3XQhoo6HcKoj7jFAYMM9CPDWzEFVVH7pnVc2A6QweNWgWCpqI2zp9B5UWz98H0LUH+ZQjMCwBarGi7z5PnsRPIOT771y2kF5gRAhdc6qyX/GlROCw3sJAYUEJK4g9drQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1mQSeKSxESAVMYIGHlUQNtJxpR+cqDZCPi3iz12Qw2E=; b=T/YKffkTNVUBObNHGOyGw5YvK3CSbNbaMHYqQnKhPFwK7mJzRZlMAAtbRrD4bsaj2zWLpUeFtyJWideSBYHK5V+bLw4bCBz0hpVrF9OijoMvIo9hUby8lGs/FL8CqQpI1Ntv02GKb+98PNiFaV+nm2dpGZBd2b5JyVUPyJ+Qgzo= From: Barry Bond To: "musl@lists.openwall.com" Thread-Topic: Behavior change in getaddrbyname() with AF_UNSPEC Thread-Index: Adkoav5p71MTtM4ESZaetbz2cBVolg== Date: Sat, 14 Jan 2023 22:56:28 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=de68fca5-89ba-4e22-9cf6-4e3c65c34169;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2023-01-14T22:41:37Z;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: DM6PR21MB1611:EE_|IA1PR21MB3544:EE_ x-ms-office365-filtering-correlation-id: c91ab3ae-ec60-4e98-df65-08daf6829211 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: rkX9MLzWI/ogcJcHjI27gRKi6Rk4rq/Ync7mTwgeHGPLQ3foXKstWcvPxb6xsZIZNutBqA4jR+92uUJT6pFXWETKyzhpkei87lip5UT6ce+dj/49DvXSIiL+/IQ3CnN9J16Qyv/tjmBTsOojus9wnHXVHwy0Wca5omakdK3cKRT7PlCjWhAZy6dVVQplk9VgDCjky/VJ3jLjYttx6rDPuvvEE79WTfuefzOeLNkXBRyuZArWj8ZFVz3BjqIsUjPMPdCYr9R0E19xE7aicVR+RZpZI2B1WqXwUoctoxMEO68xhnAAu8S4LszI9jaWnfQi+kwadY2H8qBHM0XPdj2bPyd32I8zzXnfBf/mJqsN0JCnbxP9waTIHjuC1Rq2etGcQaKz2iVlZcE9r7cafnPwky0KCUIaXnnvZl17xWqzzJyQV6lexsOEEX7zbcn8bZEQIviRVpxFOuS2oclPCr5l7lnTxjSYiginyb0okCZRR0FfWUaWev8gtbrd5sBZArXhddBRpVRRiUPjWMKTf/teYwZXvnkxGlgSuCCcaCtk7Qu1y7yIrWrEHPB1dWI/cZGzAEu2/axFaPqV/Gz3EYMw3vZ5MzYNQGt/2t5hHYn70pN02rBv7o4DOr32Bk7ux4QXWmhJW2Cmg2DfUAMOGeVX/IZzoR4HIsAoVlYIWM2lNy9rGWcGl/HwAqrr42iJ7ogkrEZeIpQ1dCbY6DWnGIEPI6GjC0OdQzMDcJeK+K9keOmGs2hsUZ3Grf6N9CfFqO0RC61V6ChaBBHNME4L2EYXhQ== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR21MB1611.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(4636009)(376002)(366004)(136003)(396003)(346002)(39860400002)(451199015)(478600001)(8676002)(38100700002)(66476007)(66556008)(64756008)(66946007)(82950400001)(41300700001)(76116006)(122000001)(5660300002)(66446008)(38070700005)(7696005)(316002)(33656002)(26005)(71200400001)(166002)(8990500004)(83380400001)(966005)(6916009)(10290500003)(52536014)(86362001)(8936002)(2906002)(6506007)(186003)(9686003)(55016003)(82960400001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?2vnc1tBTBuCRP81aXN+Wabkevi8lCC3oBueG7izV4ET6dgDC+0PqpR6qLqMH?= =?us-ascii?Q?2wJG8dsrMnB+TstXw9+z2f/32bTcRVNOWYfmrZ9RbHkgS67A47Tkxr44gmiH?= =?us-ascii?Q?4iGrRoh31pF164LCwCcL6imZHZBfSJe0VoM9tGYhi+LTARPzERa5+yJesHnr?= =?us-ascii?Q?w5juRqWcmcFr976QADwsQGoS5/g2S5kouVKtrcRsIFRhRnrIvS1f5au/HlQY?= =?us-ascii?Q?IDjg/TJqAJZKwHkHWpjajSEFpaaqtOH+Sp6yVU2je9WUKveCDijAH5lt5rOO?= =?us-ascii?Q?RzyaGqdmA/YMSDP0YXO9Ix05ehqWoEb5/7GCScJ/4BZEq5G/mo9PJMciXfDH?= =?us-ascii?Q?uTUqX0R9MK5Hr7zr4NymMMdIrcDmaLAYUUMgubsMnLtChjjAN42HfC/VETvJ?= =?us-ascii?Q?/i7GRtLtVXu5RkMOdPyZ5xetvoHf9BjrLJ13SyzKLV9fsszkIDsZKRpQMUWc?= =?us-ascii?Q?sHZtHvXeaBjw4pBPP4K2RnmQShHWLBYZKd9ZxUYhWEp49unhXtSxZDXHpIse?= =?us-ascii?Q?wfe8kySnLAzrGjKJKETxYTlspd1sZCnPWTInEh15T3QnbPjiCENUu5o8w5hZ?= =?us-ascii?Q?1UXF7DLjl5gykD5IoGy7AfMNhrAnvtD9RP5dWWYQjj+5exOFFoMHqOKdvfQX?= =?us-ascii?Q?YRfKTnA+8v0vx9Qg+xH6s6r7Gqq90q6fjapx1cMGyv0UgGMK4kuxeEasycaa?= =?us-ascii?Q?G4VgeHp7NhaDZw7k/0Xx12Zno5ODMH0CIPeitA1Om0QVhElxEShk2PTktVNk?= =?us-ascii?Q?n0VEbXU62pIwsGEPXMND0HtBs5C/NbEMaBykKJmv2FRX/J769rcs412WTvAz?= =?us-ascii?Q?aezGhn4lXFf4H0Lqs4iVX2E/o/UijvGwMSCK8cuucvT0buoodB/t+HqbRAxP?= =?us-ascii?Q?jeyu4xws3c5PN036wOPmuoPGMH3KqG/ZDCDQXlF+HJiYQD/XkwHmMMat02IY?= =?us-ascii?Q?6MDWe8bTnxRYXwk/Ba7TBKgrYiEnqjmqm6HLKRVpi7bQoZDQxcV9ZZxKoOvW?= =?us-ascii?Q?3OIVXyVjzTeUFs5njk+16pYrKmzgmGee0z7PFoxnPorS5NkRqlz7U4DcQVQW?= =?us-ascii?Q?YTJH3aD2zShYREbRrPhZMkf3hauG/Oa57ze5buWU7NJ1ND8MW+74CA+zS18W?= =?us-ascii?Q?eSK/VG+XTSvOmZ3EMSh5FRGZN7/Z41UFBasT0fN6EAG2NytO0LYdGbHYx/EE?= =?us-ascii?Q?kGHSI25ZfXyq7X4fjyWTkXACxnVHx3nynDV2omB3PO0jMdyS49WUbzsHczeV?= =?us-ascii?Q?eXoXoxjhc66Bx6XkwhSJ117R8bBauwcU2pPpkF6JQL9weKafZ9s37MjZ5Kny?= =?us-ascii?Q?ETX4uQNQYXHlN/mw3l/6/GNDqs/o+CXMKdH1E8WcKJ4c0BxyUqucUHE8jHfq?= =?us-ascii?Q?BtBKA3tSi+h6R6OqQC4opeBlT3Tr1rGAWsUQJSiyGh5E4w7tfC8/JT6f1M14?= =?us-ascii?Q?4hemoJ/qJCKY7ADnYH9qnRZpmYGT3bD+p4H6O7ZFocq23QR/z/iWCc1r2cX9?= =?us-ascii?Q?c6PTVxZNsIPSBMkfVx9Ec7GuCs53OyidqEiER8x01DOna0AZ5SMcKZnkwTNF?= =?us-ascii?Q?YMNkF8ePjCBzsj3F/fdQQiyf6/BQK5J8zSVuOOOz?= Content-Type: multipart/alternative; boundary="_000_DM6PR21MB16119FB8E9D5AE1E364D42ABB6C39DM6PR21MB1611namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM6PR21MB1611.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: c91ab3ae-ec60-4e98-df65-08daf6829211 X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Jan 2023 22:56:28.3016 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: pHlYru5KxfrgEzeWLLljKQgDidqfg6756+ZhaC6BJbbLpZR6XF/IYg0mZ77jKL3UgfsVfwjGt5hVFiJyWoPZkQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR21MB3544 Subject: [musl] Behavior change in getaddrbyname() with AF_UNSPEC --_000_DM6PR21MB16119FB8E9D5AE1E364D42ABB6C39DM6PR21MB1611namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable This is related to this change: https://git.musl-libc.org/cgit/musl/commit= /?id=3D5cf1ac2443ad0dba263559a3fe043d929e0e5c4c made back in 2020. In the repro case, getaddrbyname() with AF_UNSPEC sends out two requests, b= ut only gets back a single response, with the ipv4 address. There is no i= pv6 on the network. name_from_dns() contains the relevant code. After __res_msend_rc() returns= , 'nq' is 2, and 'alens' is [96, 0], indicating that there was an ipv4 resp= onse of 96 bytes, but no response for ipv6. Then the validation code runs: for (i=3D0; i

This is related to this change:  https://git.musl-libc.org/cgit/musl/commit/?id=3D5cf1ac2443ad0dba263559a3fe= 043d929e0e5c4c made back in 2020.

 

In the repro case, getaddrbyname() with AF_UNSPEC se= nds out two requests, but only gets back a single response, with the ipv4 a= ddress.   There is no ipv6 on the network.

 

name_from_dns() contains the relevant code.  Af= ter __res_msend_rc() returns, ‘nq’ is 2, and ‘alens’= ; is [96, 0], indicating that there was an ipv4 response of 96 bytes, but n= o response for ipv6.  Then the validation code runs:

 

        &nbs= p;       for (i=3D0; i<nq; i++) {

        &nbs= p;            &= nbsp;          if (alens[i] &l= t; 4 || (abuf[i][3] & 15) =3D=3D 2) return EAI_AGAIN;

        &nbs= p;            &= nbsp;          if ((abuf[i][3]= & 15) =3D=3D 3) return 0;

        &nbs= p;            &= nbsp;          if ((abuf[i][3]= & 15) !=3D 0) return EAI_FAIL;

        &nbs= p;       }

 

and the result is EAI_AGAIN, because alens[1]=3D=3D0= .

 

Before this patch, the code would have parsed the ip= v4 response via __dns_parse(), failed to parse the empty second response be= cause alens[1]<12, and the function would return with ctx.cnt=3D=3D1.

 

I propose adding one new check at the top of the for= () loop:

        &nbs= p;       if (alens[i] =3D=3D 0) continue; /* = response timed out */

 

Thanks!

Barry – Microsoft Azure Sphere

 

--_000_DM6PR21MB16119FB8E9D5AE1E364D42ABB6C39DM6PR21MB1611namp_--