This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug libc/10021] New: getaddrinfo uses uninitialised value in conditional (glibc-2.9)


## DESCRIPTION ##

On my Fedora 10 i686 machine, I was running valgrind to validate some code. I noticed that valgrind was
complaining that there was use of an uninitialised value in a conditional inside glibc. Upon further
investigation, it appears that the problem is within glibc itself. Using the simple test at the bottom of
this report, I was able to reproduce the problem at will on my Fedora machine (which has glibc-2.9),
but when I run the same code on my Ubuntu machine (which has glibc-2.8.90) the problem does not
appear.

I did some digging into the glibc source (git revision d8f1d9bc9b34b21e322c8607511b40c0ef37038e)
and think I have found the culprit. In sysdeps/posix/getaddrinfo.c, in the function gaih_inet at line 709,
you will see the following definition:

int herrno; 

and on line 720 you will see this value is used in a conditional but has not been explicitly initialized
beforehand (I assume the call to fct4 implicitly initializes the value):

if (status != NSS_STATUS_TRYAGAIN  || rc != ERANGE || herrno != NETDB_INTERNAL)

Note: I am tagging this as P3 and severity minor, as the only issue this causes me is that valgrind
complains. Assuming that it is possible that the herrno value is not being correctly initialized, then I
would imagine this could warrant a higher priority.

## SYSTEM INFO ##

[elambert@doh glibc]$ cat /etc/redhat-release 
Fedora release 10 (Cambridge)

[elambert@doh glibc]$ uname -a
Linux doh 2.6.27.5-117.fc10.i686 #1 SMP Tue Nov 18 12:19:59 EST 2008 i686 athlon i386 GNU/Linux

[elambert@doh glibc]$ ls -ld /lib/libc.so.6 
lrwxrwxrwx 1 root root 11 2009-03-14 19:15 /lib/libc.so.6 -> libc-2.9.so


## HOW TO REPRODUCE ##

1) compile the testgai.c test program (source included below)
[elambert@doh test]$ cc  testgai.c -o testgai
2) run the produced binary, using valgrind to check for memory conditions
[elambert@doh test]$  /usr/bin/valgrind --leak-check=yes --show-reachable=yes ./testgai
==5208== Memcheck, a memory error detector.
.....
==5208== Conditional jump or move depends on uninitialised value(s)
==5208==    at 0x9B1B23: gaih_inet (in /lib/libc-2.9.so)
==5208==    by 0x9B3906: getaddrinfo (in /lib/libc-2.9.so)
==5208==    by 0x8048486: main (in /home/elambert/test/testgai)

Note: if you change the testgai.c program so that the host value used by getaddrinfo is not an entry in
/etc/hosts, or if you just comment out all entries in /etc/hosts and then run the binary, this issue does
*not* appear.

## SOURCE ##
[elambert@doh test]$  cat testgai.c 
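#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <string.h>

int main (void) {
  struct addrinfo *ai = NULL;
  struct addrinfo hints;
  int e;

  memset(&hints, 0, sizeof(hints));
  hints.ai_family= PF_UNSPEC;
  hints.ai_socktype= SOCK_STREAM;
  hints.ai_protocol= IPPROTO_TCP;

  /* the host name must be an entry in /etc/hosts for valgrind to complain */
  e= getaddrinfo("localhost", "11211", &hints, &ai);
  if (e == 0)
    freeaddrinfo(ai);  /* ai is only valid when getaddrinfo succeeded */
  return e != 0;
}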

-- 
           Summary: getaddrinfo uses uninitialised value in conditional
                    (glibc-2.9)
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: minor
          Priority: P3
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: eric dot d dot lambert at gmail dot com
                CC: glibc-bugs at sources dot redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=10021
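
The pattern this report describes, as an added example (not glibc code and not the reporter's): an out-parameter that the callee writes only on its failure path, with a memcheck-style shadow flag recording whether it was ever written. `model_lookup`, `check_once` and the constants are hypothetical; the callee's behaviour and the loading of all three operands before the branch are assumptions of the model.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical stand-ins for the names in the report's conditional. */
enum { ST_SUCCESS, ST_TRYAGAIN };
enum { RC_ERANGE = 34, H_INTERNAL = -1 };

/* An int with a memcheck-style shadow flag: has it ever been written? */
struct tracked { int value; bool defined; };

static int undefined_reads; /* reads of a value that was never written */

static void store(struct tracked *t, int v) { t->value = v; t->defined = true; }
static int load(const struct tracked *t) { undefined_reads += !t->defined; return t->value; }

/* Model lookup (assumption): *herrno is written only on the failure path. */
static int model_lookup(bool buffer_ok, int *rc, struct tracked *herrno) {
    if (buffer_ok) {
        *rc = 0;
        return ST_SUCCESS;          /* herrno left untouched */
    }
    *rc = RC_ERANGE;
    store(herrno, H_INTERNAL);
    return ST_TRYAGAIN;
}

/* One pass of the caller. Returns how many undefined reads the break
   condition made; *retry says whether the loop would go round again.
   init_first selects the hardened caller that assigns herrno up front. */
int check_once(bool buffer_ok, bool init_first, bool *retry) {
    struct tracked herrno = { 0, false };
    int rc = 0;
    if (init_first) store(&herrno, 0);
    undefined_reads = 0;
    int status = model_lookup(buffer_ok, &rc, &herrno);
    /* Assumption: all three operands are loaded before the branch. */
    bool stop = (status != ST_TRYAGAIN) | (rc != RC_ERANGE)
              | (load(&herrno) != H_INTERNAL);
    *retry = !stop;
    return undefined_reads;
}

int main(void) {
    bool retry;
    printf("success, no init: %d undefined read(s)\n", check_once(true, false, &retry));
    printf("success, init:    %d undefined read(s)\n", check_once(true, true, &retry));
    printf("retry,   no init: %d undefined read(s)\n", check_once(false, false, &retry));
    return 0;
}
```

In this model the loop decision is the same with or without the initialisation; what changes is whether a never-written value is read on the success path.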
