This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[PATCH] Fix invalid file descriptor reuse while sending DNS query

From: Andreas Schwab <schwab at suse dot de>
To: libc-alpha at sourceware dot org
Date: Mon, 26 May 2014 18:35:08 +0200
Subject: [PATCH] Fix invalid file descriptor reuse while sending DNS query
Authentication-results: sourceware.org; auth=none

When send_dg runs into a timeout it retries with RES_SNGLKUP and then
with RES_SNGLKUPREOP enabled.  With the latter option the dns socket
will be reopend after the first query was sent, but the old file
descriptor is reused for sending the query, which can result in sending
it to an unrelated file in a multithreaded program.

Andreas.

	[BZ #15946]
	* resolv/res_send.c (send_dg): Reload file descriptor after
	calling reopen.
---
 resolv/res_send.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/resolv/res_send.c b/resolv/res_send.c
index 3273d55..af42b8a 100644
--- a/resolv/res_send.c
+++ b/resolv/res_send.c
@@ -1410,6 +1410,7 @@ send_dg(res_state statp,
 					retval = reopen (statp, terrno, ns);
 					if (retval <= 0)
 						return retval;
+					pfd[0].fd = EXT(statp).nssocks[ns];
 				}
 			}
 			goto wait;
-- 
1.9.3

-- 
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."

Follow-Ups:
- Re: [PATCH] Fix invalid file descriptor reuse while sending DNS query
  - From: Carlos O'Donell

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]