Date: Thu, 24 Dec 1998 11:36:28 -0500 (EST) From: Bill Fumerola <billf@jade.chc-chimes.com> To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: bin/9186: host(1) dumps core when improper arguments are passed Message-ID: <199812241636.LAA02647@jade.chc-chimes.com>
next in thread | raw e-mail | index | archive | help
>Number: 9186 >Category: bin >Synopsis: host(1) dumps core when improper arguments are passed >Confidential: yes >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Dec 24 08:40:00 PST 1998 >Last-Modified: >Originator: Bill Fumerola and Ben Olson >Organization: Computer Horizons Corp >Release: FreeBSD 2.2.7-STABLE i386 >Environment: This bug affects all releases of FreeBSD. >Description: host(1) does not check integers when passed to it's '-t' argument. The error seems to be in the parsetype() function. the atoi(s) portion of the function will return whatever number that was given to parsetype() even if it is invalid. A string will be checked by sym_ston() (from the libresolv) and if invalid, will eventually return an improper query type. Eventually the wrong constant from -t will be used, and the command will core out. Also the code assumes that -t has it's child argument follow it. Even if this is not the case it will still decrement the argument counter "c". This also causes segmentation faults, as host(1) tries to read an argument that does not exist. Finally, host(1) assumes that if an argument follows the '-t' option, then a host will also follow, which isn't always the case, this also results in a core. >How-To-Repeat: $ host -t foo Invalid query type: foo $ host -t 100 Segmentation fault $ host -t a Segmentation fault $ host -t a 206.67.97.83 Name: jade.chc-chimes.com Address: 206.67.97.83 Aliases: >Fix: Some error checking code needs to be implmented in the main() code that reads arguments. Sanity checking code in parseclass() (and probably parsetype()) needs to be added. >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812241636.LAA02647>