This is the mail archive of the
libc-alpha@sourceware.cygnus.com
mailing list for the glibc project.
Re: Bug reports for nscd
- To: Andreas Jaeger <aj@arthur.rhein-neckar.de>
- Subject: Re: Bug reports for nscd
- From: Thorsten Kukuk <kukuk@suse.de>
- Date: Sat, 12 Jun 1999 21:48:03 +0200
- Cc: libc-alpha Mailinglist <libc-alpha@sourceware.cygnus.com>,sba@srl.caltech.edu, Gabor Gombas <gombasg@inf.elte.hu>
- References: <u8yahpw8fo.fsf@arthur.rhein-neckar.de>
Hello,
On Sat, Jun 12, Andreas Jaeger wrote:
>
> We've received the two appended bug reports which describe the same problem.
> Any volunteers for checking nscd?
Uli has fixed this yesterday:
1999-06-11 Ulrich Drepper <drepper@cygnus.com>
* resolv/nss_dns/dns-host.c (getanswer_r): Correctly track usage
of user-provided buffer.
I haven't test it myself yet.
Thorsten
> Date: Sat Jun 12 20:59:00 1999
> From: Various
> Subject: Digested Articles
>
> Topics:
> libc/1160: nscd segfaults when attempting to cache host names with multiple IP address matches
> libc/1156: Bug in gethostbyname implementation
>
>
> ----------------------------------------------------------------------
>
> Date: Sat, 12 Jun 1999 14:32:39 -0400
> From: sba@srl.caltech.edu
> To: bugs@gnu.org
> Subject: libc/1160: nscd segfaults when attempting to cache host names with multiple IP address matches
> Message-Id: <199906121832.OAA06288@delysid.gnu.org>
>
>
> >Number: 1160
> >Category: libc
> >Synopsis: nscd segfaults when attempting to cache host names with multiple IP address matches
> >Confidential: no
> >Severity: critical
> >Priority: medium
> >Responsible: libc-gnats
> >State: open
> >Class: sw-bug
> >Submitter-Id: unknown
> >Arrival-Date: Sat Jun 12 14:40:01 EDT 1999
> >Last-Modified:
> >Originator: sba@srl.caltech.edu
> >Organization:
> net
> >Release: 2.1.1
> >Environment:
> Intel PII and PIII running RH6.0
> >Description:
> On both a single and dual processor Intel RH6.0 box, I have found that nscd
> will segfault when a user does something as simple as ping aol.com. The
> problem persists with both the RH version of glibc-2.1.1 and after compiling
> and installing a clean copy of the official glibc-2.1.1 (compiled with -O
> using egcs-1.1.2).
>
> Note, the problem appears only when accessing a host name for which nslookup
> returns more than one valid IP address.
> >How-To-Repeat:
> start nscd on a RH6.0 box
> ping aol.com
> nscd will segfaul
> >Fix:
> >Audit-Trail:
> >Unformatted:
>
>
> ------------------------------
>
> Date: Fri, 11 Jun 1999 21:29:31 +0200
> From: Gabor Gombas <gombasg@inf.elte.hu>
> To: bugs@gnu.org
> Subject: libc/1156: Bug in gethostbyname implementation
> Message-Id: <199906111929.VAA17364@babel.inf.elte.hu>
> Content-Type: text/plain; charset=us-ascii
>
> >Number: 1156
> >Category: libc
> >Synopsis: Bug in gethostbyname implementation
> >Confidential: no
> >Severity: serious
> >Priority: medium
> >Responsible: libc-gnats
> >State: open
> >Class: sw-bug
> >Submitter-Id: unknown
> >Arrival-Date: Fri Jun 11 16:20:02 EDT 1999
> >Last-Modified: Fri Jun 11 17:52:41 EDT 1999
> >Originator: Lord of the Files
> >Organization:
>
> >Release:
> >Environment:
>
> Host type: i386-pc-linux-gnu
> System: Linux babel 2.2.9 #1 SMP Thu Jun 3 10:31:37 CEST 1999 i686 unknown
> Architecture: i686
>
> Addons: crypt linuxthreads nss-v1
>
> Build CC: gcc
> Compiler version: egcs-2.91.66 Debian GNU/Linux (egcs-1.1.2 release)
> Kernel headers: UTS_RELEASE
> Symbol versioning: yes
> Build static: yes
> Build shared: yes
> Build pic-default: no
> Build profile: yes
> Build omitfp: no
> Build bounded: no
> Build static-nss: no
> Stdio: libio
>
> Description:
> [the problem was reported by Stuart Anderson <sba@srl.caltech.edu>
> on the Linux NIS+ list. I just verified it and provided a stack
> trace.]
>
> There seems to be a bug in the gethostbyname function. If I issue
> 'ping cnn.com' while nscd is running, nscd terminates with SIGSEGV.
> Here is a stack trace:
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x4009c58b in __strcasecmp (s1=0x2e6e6e63 <Address 0x2e6e6e63 out of bounds>,
> s2=0xbffff950 "cnn.com") at ../sysdeps/generic/strcasecmp.c:62
> 62 do
> (gdb) bt
> #0 0x4009c58b in __strcasecmp (
> s1=0x2e6e6e63 <Address 0x2e6e6e63 out of bounds>, s2=0xbffff950 "cnn.com")
> at ../sysdeps/generic/strcasecmp.c:62
> #1 0x40145a22 in getanswer_r (answer=0xbffff2b0, anslen=468,
> qname=0xbffff8c8 "cnn.com", qtype=1, result=0xbffff950,
> buffer=0xbffff734 "", buflen=512, errnop=0x4012c2e0, h_errnop=0x4012b124)
> at nss_dns/dns-host.c:588
> #2 0x40144df6 in _nss_dns_gethostbyname2_r (name=0xbffffae0 "cnn.com", af=2,
> result=0xbffff950, buffer=0xbffff734 "", buflen=512, errnop=0x4012c2e0,
> h_errnop=0x4012b124) at nss_dns/dns-host.c:174
> #3 0x804db4c in __gethostbyname2_r (name=0xbffffae0 "cnn.com", af=2,
> resbuf=0xbffff950, buffer=0xbffff734 "", buflen=512, result=0xbffff94c,
> h_errnop=0x4012b124) at ../nss/getXXbyYY_r.c:182
> #4 0x804d1bd in addhstbyname (db=0x8051388, fd=4, req=0xbffffc2c,
> key=0xbffffae0, caller_uid=0) at hstcache.c:415
> #5 0x804a965 in handle_request (fd=4, req=0xbffffc2c, key=0xbffffae0,
> caller=0xbffffc20) at connections.c:325
> #6 0x804aea7 in nscd_run (p=0x0) at connections.c:460
> #7 0x804af86 in start_threads () at connections.c:496
> #8 0x8049c98 in main (argc=6, argv=0xbffffce4) at nscd.c:166
>
> [Note: I have a somewhat modifed nscd daemon, but the problem is in
> the underlying nss code]
>
> How-To-Repeat:
> Start nscd, and try 'ping cnn.com'
> >Description:
> >How-To-Repeat:
> >Fix:
> >Audit-Trail:
>
> Responsible-Changed-From-To: gnats-admin->libc-gnats
> Responsible-Changed-By: jaeger
> Responsible-Changed-When: Fri Jun 11 17:52:29 1999
> Responsible-Changed-Why:
> This is a misfiled glibc report.
> Andreas
> >Unformatted:
> Synopsis: bug in nss layer makes nscd terminate with SIGSEGV
> Priority: medium
> Category: libc
> Class: sw-bug
> Release: libc-2.1.1
>
>
> ------------------------------
>
> End of forwardK8H2aF Digest
> ***************************
>
> --
> Andreas Jaeger aj@arthur.rhein-neckar.de jaeger@informatik.uni-kl.de
> for pgp-key finger ajaeger@aixd1.rhrk.uni-kl.de
--
Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de
SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg
Linux is like a Vorlon. It is incredibly powerful, gives terse,
cryptic answers and has a lot of things going on in the background.