Date: Tue, 13 Apr 2004 15:16:11 -0400 (EDT) From: Matthew George <mdg@secureworks.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/65501: [MAINTAINER] net-mgmt/arpwatch-devel: dns resolution bug Message-ID: <20040413150222.E31183@localhost> Resent-Message-ID: <200404131920.i3DJKKli059029@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 65501 >Category: ports >Synopsis: [MAINTAINER] net-mgmt/arpwatch-devel: dns resolution bug >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Tue Apr 13 12:20:19 PDT 2004 >Closed-Date: >Last-Modified: >Originator: Matthew George >Release: FreeBSD 5.2-CURRENT i386 >Organization: SecureWorks >Environment: System: FreeBSD mdg.secureworks.net 5.2-CURRENT FreeBSD 5.2-CURRENT #2: Mon Mar 29 12:02:58 EST 2004 mdg@mdg.secureworks.net:/usr/obj/usr/src/sys/GENERIC i386 >Description: The function used to resolve hostnames was using an isdigit() check. This fails to resolve valid domains that begin with a number. >How-To-Repeat: Trigger an arpwatch event pertaining to a host that resolves to a problem domain. >Fix: Thanks to Scott Allendorf for the heads up (and patches) --- Makefile.orig Tue Apr 13 15:00:04 2004 +++ Makefile Tue Apr 13 15:00:44 2004 @@ -7,7 +7,7 @@ PORTNAME= arpwatch PORTVERSION= 2.1.a11 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= net-mgmt MASTER_SITES= http://www.Awfulhak.org/arpwatch/ \ ftp://ftp.ee.lbl.gov/ --- patch-ai.orig Tue Mar 30 04:11:56 2004 +++ patch-ai Tue Apr 13 14:41:13 2004 @@ -1,22 +1,22 @@ --- db.c.orig Sat Sep 30 19:39:58 2000 -+++ db.c Mon Mar 29 14:26:14 2004 ++++ db.c Tue Apr 13 14:39:50 2004 @@ -41,6 +41,7 @@ #include <string.h> #include <syslog.h> #include <unistd.h> +#include <pthread.h> - + #include "gnuc.h" #ifdef HAVE_OS_PROTO_H @@ -54,18 +55,9 @@ #include "report.h" #include "util.h" - + -#define HASHSIZE (2 << 15) - #define NEWACTIVITY_DELTA (6*30*24*60*60) /* 6 months in seconds */ #define FLIPFLIP_DELTA (24*60*60) /* 24 hours in seconds */ - + -/* Ethernet info */ -struct einfo { - u_char e[6]; /* ether address */ @@ -30,7 +30,7 @@ @@ -78,22 +70,69 @@ /* Address hash table */ static struct ainfo ainfo_table[HASHSIZE]; - + + +/* Ethernet hash table */ +struct einfo einfo_table[HASHSIZE]; @@ -44,7 +44,7 @@ +static struct einfo *einfo_find(u_char *); static void check_hname(struct ainfo *); struct ainfo *newainfo(void); - + +pthread_mutex_t mtx_einfo, mtx_ainfo; + int @@ -75,7 +75,7 @@ + BCOPY(e, ep->e, sizeof(ep->e)); + if (h == NULL) + h = getsname(a); -+ if (h != NULL && !isdigit((int)*h)) ++ if (h != NULL) + strncpy(ep->h, h, sizeof(ep->h)); + ep->t = t; + strncpy(ep->iface, interface, sizeof(ep->iface)); @@ -97,7 +97,7 @@ + + pthread_mutex_unlock(&mtx_einfo); + pthread_mutex_lock(&mtx_ainfo); - + /* Lookup ip address */ ap = ainfo_find(a); @@ -101,28 +140,30 @@ @@ -117,7 +117,7 @@ - return (1); } } - + /* Check for a virgin ainfo record */ if (ap->ecount == 0) { ap->ecount = 1; @@ -129,7 +129,7 @@ + e2 = NULL; + t2 = 0; } - + /* Check for a flip-flop */ if (ap->ecount > 1) { ep = ap->elist[1]; @@ -160,7 +160,7 @@ - return (1); } } - + for (i = 2; i < ap->ecount; ++i) { ep = ap->elist[i]; - if (MEMCMP(e, ep->e, 6) == 0) { @@ -180,7 +180,7 @@ - return (1); } } - + - /* New ether address */ - e2 = ap->elist[0]->e; - t2 = ap->elist[0]->t; @@ -230,7 +230,7 @@ + + return(NULL); } - + static struct ainfo * @@ -259,7 +328,7 @@ /* Allocate and initialize a elist struct */ @@ -242,15 +242,16 @@ register struct einfo *ep; register u_int size; @@ -280,12 +349,16 @@ - + ep = elist++; --eleft; - BCOPY(e, ep->e, 6); + BCOPY(e, ep->e, sizeof(ep->e)); if (h == NULL && !initializing) h = getsname(a); - if (h != NULL && !isdigit((int)*h)) +- if (h != NULL && !isdigit((int)*h)) - strcpy(ep->h, h); ++ if (h != NULL) + strncpy(ep->h, h, sizeof(ep->h)); ep->t = t; + @@ -259,13 +260,17 @@ + return (ep); } - -@@ -304,7 +377,7 @@ - if (!isdigit((int)*h) && strcmp(h, ep->h) != 0) { + +@@ -301,10 +374,10 @@ + return; + ep = ap->elist[0]; + h = getsname(ap->a); +- if (!isdigit((int)*h) && strcmp(h, ep->h) != 0) { ++ if (h != NULL && strcmp(h, ep->h) != 0) { syslog(LOG_INFO, "hostname changed %s %s %s -> %s", intoa(ap->a), e2str(ep->e), ep->h, h); - strcpy(ep->h, h); + strncpy(ep->h, h, sizeof(ep->h)); } } - + --- patch-an.orig Tue Mar 30 04:11:56 2004 +++ patch-an Tue Apr 13 14:40:51 2004 @@ -1,7 +1,7 @@ --- report.c.orig Sat Sep 30 19:41:10 2000 -+++ report.c Mon Mar 29 14:24:36 2004 ++++ report.c Tue Apr 13 14:39:50 2004 @@ -45,6 +45,8 @@ - + #include <ctype.h> #include <errno.h> +#include <fcntl.h> @@ -10,17 +10,17 @@ #include <stdio.h> #include <stdlib.h> @@ -70,6 +72,8 @@ - + #define PLURAL(n) ((n) == 1 || (n) == -1 ? "" : "s") - + +extern char *Watcher; + static int cdepth; /* number of outstanding children */ - + static char *fmtdate(time_t); @@ -232,15 +236,16 @@ } - + void -report(register char *title, register u_int32_t a, register u_char *e1, - register u_char *e2, register time_t *t1p, register time_t *t2p) @@ -41,7 +41,7 @@ @@ -251,9 +256,15 @@ if (initializing) return; - + + /* these types are sent to syslog instead of reported on. + * only continue if there are other events as well + */ @@ -57,18 +57,20 @@ f = stdout; @@ -270,7 +281,7 @@ } - + /* Syslog this event too */ - dosyslog(LOG_NOTICE, title, a, e1, e2); + dosyslog(LOG_NOTICE, "event", a, e1, e2); - + /* Update child depth */ ++cdepth; -@@ -304,12 +315,31 @@ +@@ -303,13 +314,32 @@ + (void)fprintf(f, "From: %s\n", watchee); (void)fprintf(f, "To: %s\n", watcher); hn = gethname(a); - if (!isdigit(*hn)) +- if (!isdigit(*hn)) - (void)fprintf(f, "Subject: %s (%s)\n", title, hn); ++ if (hn != NULL) + (void)fprintf(f, "Subject: Arpwatch Event (%s)\n", hn); else { - (void)fprintf(f, "Subject: %s\n", title); # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # patch-ar # echo x - patch-ar sed 's/^X//' >patch-ar << 'END-of-patch-ar' X--- dns.c.orig Fri Oct 13 21:50:52 2000 X+++ dns.c Tue Apr 13 14:39:50 2004 X@@ -137,7 +137,7 @@ X return (0); X } X X-/* Return the cannonical name of the host */ X+/* Return the canonical name of the host (NULL if not found) */ X char * X gethname(u_int32_t a) X { X@@ -150,18 +150,18 @@ X hp = gethostbyaddr((char *)&a, sizeof(a), AF_INET); X _res.options = options; X if (hp == NULL) X- return (intoa(a)); X+ return NULL; X return (hp->h_name); X } X X-/* Return the simple name of the host */ X+/* Return the simple name of the host (NULL if not found) */ X char * X getsname(register u_int32_t a) X { X register char *s, *cp; X X s = gethname(a); X- if (!isdigit((int)*s)) { X+ if (s != NULL) { X cp = strchr(s, '.'); X if (cp != NULL) X *cp = '\0'; END-of-patch-ar exit -- Matthew George SecureWorks Technical Operations >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040413150222.E31183>