Date: Mon, 19 Jan 2004 07:31:36 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Saint Aardvark the Carpeted <aardvark@saintaardvarkthecarpeted.com> Cc: freebsd-questions@freebsd.org Subject: Re: ypset(8) attempts to bind to Weird IP (and possible solution) Message-ID: <20040119073136.GA8185@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <20040118211958.GP11291@hardesty.saintaardvarkthecarpeted.com> References: <20040118211958.GP11291@hardesty.saintaardvarkthecarpeted.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Sun, Jan 18, 2004 at 01:19:58PM -0800, Saint Aardvark the Carpeted wrote:
> The problem seems to come in at lines 142/143: before this,
> sin.sin_addr.s_addr is localhost (as set at line 130), as is
> hent->h_addr_list[0][0]. *After* this, it's set with the Weird IP,
> bind_tohost() is called, and packets go off to the Weird IP.
>
> ObDisclaimer: I Am Not A Programmer, and my knowledge of C is pretty
> slim. But: if I change lines 142/143 to:
>
> bcopy(&hent->h_addr_list[0][0], &sin.sin_addr, sizeof sin.sin_addr);
>
> then the Weird IP doesn't show up in sin, and ypset only tries to bind
> to the IP address listed in its arguments.
>
> Looking through man pages and header files, it looks like
> hostent->h_addr_list is an array of pointers to chars (is that the
> right term?):
>
> char **h_addr_list
>
> and so gethostbyname is returning the IP address as the *first entry*
> in that list. It makes sense to me, then, that bcopy should have
> h_addr_list[0][0] as its first argument.
Nice analysis. Yes, it looks to me like you've discovered a real bug
here. Someone is taking the address of what is already a pointer --
an equivalent to the fix you show would be:
bcopy(hent->h_addr_list[0], &sin.sin_addr, sizeof sin.sin_addr);
which is possibly slightly clearer as to intent.
Another point in your argument would be to convert those weird IP
addresses to hexadecimal:
164.110.15.40 = 0xa46e0f28
132.110.15.40 = 0x846e0f28
and use gdb to compare those values with the contents of the *hent
structure.
Please do submit a PR with your analysis and a patch. It's slightly
perturbing that no-one spotted this a long time ago, but these things
happen from time to time.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFAC4fYdtESqEQa7a0RAtPrAKCRRhvNZadt8R9NjSTrihvjMQjVWgCeI0i+
yOoQ8onWxymY7QcsQ4qS00o=
=EQgP
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040119073136.GA8185>