Received: (at 25757) by debbugs.gnu.org; 1 Mar 2017 18:44:00 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Mar 01 13:44:00 2017
Received: from localhost ([127.0.0.1]:34783 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1cj9EE-000750-HP
for submit <at> debbugs.gnu.org; Wed, 01 Mar 2017 13:43:59 -0500
Received: from chiark.greenend.org.uk ([212.13.197.229]:33250
ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ijackson@HIDDEN>) id 1cj9EC-00074r-90
for 25757 <at> debbugs.gnu.org; Wed, 01 Mar 2017 13:43:56 -0500
Received: by chiark.greenend.org.uk (Debian Exim 4.84_2 #1) with local
(return-path ijackson@HIDDEN)
id 1cj9EA-0000n5-Q5; Wed, 01 Mar 2017 18:43:54 +0000
From: Ian Jackson <ijackson@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <22711.5738.705303.168620@HIDDEN>
Date: Wed, 1 Mar 2017 18:43:54 +0000
To: Tomas Hozza <thozza@HIDDEN>
Subject: Re: bug#25757: Fix segfault when adns_strerror() is called with a
value, for which there is no message defined
In-Reply-To: <c68deba4-307a-1c22-f193-181025e956a0@HIDDEN>
References: <89d0baf6-7216-499f-ba18-9f5ae7909be6@HIDDEN>
<22708.25081.508647.685714@HIDDEN>
<c68deba4-307a-1c22-f193-181025e956a0@HIDDEN>
X-Mailer: VM 8.2.0b under 24.4.1 (i586-pc-linux-gnu)
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 25757
Cc: 25757 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.3 (--)
(CCing the bug report again. Please let us keep the bug in the CC, so
that others can see and help and so on. Thanks.)
Tomas Hozza writes ("Re: bug#25757: Fix segfault when adns_strerror() is called with a value, for which there is no message defined"):
> The reproducer is actually also:
>
> int main(void) {
> printf("%s\n", adns_strerror(adns_s_inconsistent));
> printf("%s\n", adns_strerror(adns_s_max_misconfig));
> }
>
> which uses values defined by adns.
The header file says:
> > You MUST NOT call these functions with status values
> > not returned by the same adns library.
These values were not `returned'. Perhaps this could be clarified in
the documentation.
> In my opinion NULL is not really a good option, as the function is expected to return a string and therefore people will usually use it in print functions. Maybe the same approach as used by strerror() could be used:
The real question for me is why someone would do
adns_strerror(adns_s_inconsistent))
at all. If we knew that we might be able to help them out. I don't
think this is useful. adns will never return that value from an
actual adns function.
Is it possible that in fact this whole thing is the result of a static
analysis tool observing that this code might segfault ?
> "The strerror(), strerror_l(), and the GNU-specific strerror_r() functions return the appropriate error description string, or an "Unknown error nnn" message if the error number is unknown."
>
> This means the call would return the message with the error number, so that it is not lost.
This would be an option but this would involve dynamic allocation and
there is no good place to memoise the result.
> Do you want me to modify the fix or you'll implement something on your own?
Do you have an answer to my point about memoisation ?
Thanks,
Ian.
adns-discuss@HIDDEN:bug#25757; Package adns.
Full text available.
Received: (at 25757) by debbugs.gnu.org; 27 Feb 2017 17:29:32 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Feb 27 12:29:32 2017
Received: from localhost ([127.0.0.1]:58615 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ciP76-0001pd-Ez
for submit <at> debbugs.gnu.org; Mon, 27 Feb 2017 12:29:32 -0500
Received: from chiark.greenend.org.uk ([212.13.197.229]:38756
ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ijackson@HIDDEN>) id 1ciP74-0001pV-Oq
for 25757 <at> debbugs.gnu.org; Mon, 27 Feb 2017 12:29:31 -0500
Received: by chiark.greenend.org.uk (Debian Exim 4.84_2 #1) with local
(return-path ijackson@HIDDEN)
id 1ciP73-00037K-Jc; Mon, 27 Feb 2017 17:29:29 +0000
From: Ian Jackson <ijackson@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <22708.25081.508647.685714@HIDDEN>
Date: Mon, 27 Feb 2017 17:29:29 +0000
To: Tomas Hozza <thozza@HIDDEN>
Subject: Re: bug#25757: Fix segfault when adns_strerror() is called with a
value, for which there is no message defined
Newsgroups: chiark.mail.adns.discuss
In-Reply-To: <89d0baf6-7216-499f-ba18-9f5ae7909be6@HIDDEN>
References: <89d0baf6-7216-499f-ba18-9f5ae7909be6@HIDDEN>
X-Mailer: VM 8.2.0b under 24.4.1 (i586-pc-linux-gnu)
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 25757
Cc: 25757 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.3 (--)
Tomas Hozza writes ("bug#25757: Fix segfault when adns_strerror() is called with a value, for which there is no message defined"):
> In Fedora, we are carrying a downstream patch to fix segfault when adns_strerror() is called with a value, for which there is no message defined. You can find more info in https://bugzilla.redhat.com/show_bug.cgi?id=514838
Hi. Thanks for getting in touch.
> It would be great if you could consider including this change also in the upstream sources. If you have any questions, please reach out to me.
The bug report gives a step to reproduce of
printf("%s\n", adns_strerror(100));
But the documentation for adns_strerror in adns.h says
You MUST NOT call these functions with status values
not returned by the same adns library.
So I think this test case is caller error. Presumably there was some
real application that went wrong, but the bug report doesn't say what
the motivation or context was for this change.
It would perhaps be possible to improve adns here to make this use
not segfault, but:
* I don't think it would be right to return a fixed string,
for different error codes (since the caller might print the
string _instead of_ the invalid error code)
* Variable strings would have to be allocated somewhere and
there is nowhere suitable
* So probably adns_strerror would return NULL, rather than crashing,
which is perhaps preferable but not much of an improvement.
Regards,
Ian.
adns-discuss@HIDDEN:bug#25757; Package adns.
Full text available.
Received: (at submit) by debbugs.gnu.org; 16 Feb 2017 16:35:04 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Feb 16 11:35:04 2017
Received: from localhost ([127.0.0.1]:42412 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ceP1M-0003tU-4p
for submit <at> debbugs.gnu.org; Thu, 16 Feb 2017 11:35:04 -0500
Received: from mx1.redhat.com ([209.132.183.28]:50404)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <thozza@HIDDEN>) id 1ceN8h-0000xi-Cl
for submit <at> debbugs.gnu.org; Thu, 16 Feb 2017 09:34:31 -0500
Received: from int-mx10.intmail.prod.int.phx2.redhat.com
(int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by mx1.redhat.com (Postfix) with ESMTPS id 312428123E
for <submit <at> debbugs.gnu.org>; Thu, 16 Feb 2017 14:34:26 +0000 (UTC)
Received: from thozza-pc.brq.redhat.com (thozza-pc.brq.redhat.com
[10.34.4.205])
by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id
v1GEYOrH018565
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
for <submit <at> debbugs.gnu.org>; Thu, 16 Feb 2017 09:34:25 -0500
To: submit <at> debbugs.gnu.org
From: Tomas Hozza <thozza@HIDDEN>
Subject: Fix segfault when adns_strerror() is called with a value, for which
there is no message defined
Message-ID: <89d0baf6-7216-499f-ba18-9f5ae7909be6@HIDDEN>
Date: Thu, 16 Feb 2017 15:34:23 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
Thunderbird/45.7.0
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="------------757F7769311812187734BFAB"
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
(mx1.redhat.com [10.5.110.25]); Thu, 16 Feb 2017 14:34:26 +0000 (UTC)
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: submit
X-Mailman-Approved-At: Thu, 16 Feb 2017 11:35:03 -0500
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)
This is a multi-part message in MIME format.
--------------757F7769311812187734BFAB
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Package: adns
Hello.
In Fedora, we are carrying a downstream patch to fix segfault when adns_strerror() is called with a value, for which there is no message defined. You can find more info in https://bugzilla.redhat.com/show_bug.cgi?id=514838
It would be great if you could consider including this change also in the upstream sources. If you have any questions, please reach out to me.
Regards,
Tomas
--
Tomas Hozza
Associate Manager, Software Engineering - EMEA ENG Mainstream RHEL
PGP: 1D9F3C2D
UTC+1 (CET)
Red Hat Inc. http://cz.redhat.com
--------------757F7769311812187734BFAB
Content-Type: text/x-patch;
name="adns14-rh514838.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="adns14-rh514838.patch"
diff --git a/src/general.c b/src/general.c
index c4d1f55..bacdd81 100644
--- a/src/general.c
+++ b/src/general.c
@@ -272,6 +272,8 @@ static const struct sinfo {
SINFO( nodata, "No such data" )
};
+static const char *unknown_error_str = "unknown error code";
+
static int si_compar(const void *key, const void *elem) {
const adns_status *st= key;
const struct sinfo *si= elem;
@@ -288,7 +290,7 @@ const char *adns_strerror(adns_status st) {
const struct sinfo *si;
si= findsinfo(st);
- return si->string;
+ return (si == NULL) ? unknown_error_str : si->string;
}
const char *adns_errabbrev(adns_status st) {
--------------757F7769311812187734BFAB--
Tomas Hozza <thozza@HIDDEN>:adns-discuss@HIDDEN.
Full text available.adns-discuss@HIDDEN:bug#25757; Package adns.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.