Date:      Wed, 14 Nov 2001 07:32:10 -0800 (PST)
From:      James Carlson <james.d.carlson@sun.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   misc/31981: (mis)feature in getnetent parsing -- comments affect parsing results
Message-ID:  <200111141532.fAEFWA601961@freefall.freebsd.org>

>Number:         31981
>Category:       misc
>Synopsis:       (mis)feature in getnetent parsing -- comments affect parsing results
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Nov 14 07:40:03 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     James Carlson
>Release:        4.1-RELEASE #0
>Organization:
Sun Microsystems
>Environment:
FreeBSD pemphredo.east.sun.com 4.1-RELEASE FreeBSD 4.1-RELEASE #0: Fri Jul 28 14:30:31 GMT 2000     jkh@ref4.freebsd.org:/usr/src/sys/compile/GENERIC  i386

>Description:
The problem actually goes back to ancient releases of BSD.  I looked
back to 4.2BSD, and the problem exists there.

Consider the following two entries in /etc/networks:

	test1	10
	test2	11	alias2
	test3	12	# hi there

On Solaris getnetbyname (and getnetent), we treat "test1", "test2",
and "test3" as the real network names, and "alias2" as an alias for
just network "test2."  This appears to be fairly reasonable.

On BSD, it interprets the second entry the same way we do -- network
"test2", single alias "alias2", and "test3" with no aliases.  However,
it *intentionally* treats the first case differently.  On BSD, that's
interpreted as network "test1" with alias "10".

The offending lines in /usr/src/lib/libc/net/getnetbyht.c are:

	p = strpbrk(cp, " \t");
	if (p != NULL)
		*p++ = '\0';
	net.n_net = inet_network(cp);
	net.n_addrtype = AF_INET;
	q = net.n_aliases = net_aliases;
	if (p != NULL) 
--->		cp = p;

This sets the initial pointer to the next character after the first
blank following the network number.  If there is no such character,
then this is NULL, and we just fall through with cp set to the start
of the network number.

>How-To-Repeat:
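#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

int
main(int argc, char **argv)
{
	struct netent *np;
	unsigned char *cp;
	unsigned long ina;
	char **cpp;

	/* A network name or number to look up is required. */
	if (argc < 2) {
		fprintf(stderr, "usage: %s name\n", argv[0]);
		return 1;
	}
	np = getnetbyname(argv[1]);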
	if (np == NULL) {
		printf("getnetbyname: NULL\n");
	} else {
		cp = (unsigned char *)&np->n_net;
		printf("getnetbyname: %d %d %d %d '%s'\n", cp[0], cp[1], cp[2],
		    cp[3], np->n_name);
		if (*np->n_aliases != NULL) {
			printf("     aliases:");
			for (cpp = np->n_aliases; *cpp != NULL; cpp++)
				printf(" '%s'", *cpp);
			putchar('\n');
		}
	}
	ina = inet_network(argv[1]);
	cp = (unsigned char *)&ina;
	printf("inet_network: %d %d %d %d\n", cp[0], cp[1], cp[2],
	    cp[3]);
	return 0;
}

>Fix:
Remove the "if (p != NULL)" line.

>Release-Note:
>Audit-Trail:
>Unformatted:
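
Added example, not part of the original report and not the libc source: a simplified in-memory model of the alias split, run over the three sample lines with and without the "if (p != NULL)" guard. The comment stripping and the alias loop are assumptions about the surrounding code, and the names split_aliases and guard are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Model of the alias split (not the libc source). guard=1 keeps the
 * "if (p != NULL)" test, guard=0 drops it. Returns the alias count. */
static int
split_aliases(const char *entry, int guard, char *first, size_t len)
{
	char line[256], *p, *cp;
	int n = 0;

	first[0] = '\0';
	snprintf(line, sizeof(line), "%s", entry);
	if ((cp = strpbrk(line, "#\n")) != NULL)	/* assumed: cut comment */
		*cp = '\0';
	if ((cp = strpbrk(line, " \t")) == NULL)	/* end of network name */
		return (-1);
	*cp++ = '\0';
	cp += strspn(cp, " \t");			/* cp -> network number */
	p = strpbrk(cp, " \t");
	if (p != NULL)
		*p++ = '\0';
	if (!guard || p != NULL)			/* the line in the report */
		cp = p;
	while (cp != NULL && *cp != '\0') {		/* assumed alias loop */
		if (*cp == ' ' || *cp == '\t') {
			cp++;
			continue;
		}
		p = cp;
		if ((cp = strpbrk(cp, " \t")) != NULL)
			*cp++ = '\0';
		if (n++ == 0)
			snprintf(first, len, "%s", p);
	}
	return (n);
}

int
main(void)
{
	/* Constructed lines matching the report's /etc/networks sample. */
	const char *e[] = { "test1\t10\n", "test2\t11\talias2\n",
	    "test3\t12\t# hi there\n" };
	char a[64], b[64];
	for (int i = 0; i < 3; i++)
		printf("entry %d: guard %d, no guard %d\n", i + 1,
		    split_aliases(e[i], 1, a, sizeof(a)),
		    split_aliases(e[i], 0, b, sizeof(b)));
	return (0);
}
```

With the guard, only the entry that ends directly after the network number gains an alias (the number itself); the trailing blank before the comment on the third line is what keeps it out of that path.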
