If we get an allocation failure on 2nd or later entry in the sortlist, the
code would return ENOMEM but still leave the initial entries allocated.
Ensure that *sortlist is set to NULL whenever ENOMEM is returned.
If the attempt to transfer IPv6 servers from the old to the new channel
fails, the previous code would still return a channel to the user even though
an error return code was generated. This makes it likely that users would
leak the channel, so explicitly clear the channel in this case.
If (say) init_by_options() fails, the subsequent call to
init_by_defaults() was overwriting the return code with
success. Still call init_by_defaults() regardless, but track
its return value separately
If an AF_UNSPEC query gets a valid response to its AAAA query,
but which has no IPv6 addresses in it, then the code chains on to
a A record query. However, the hostent from the AAAA response
was being leaked along the way (because it gets replaced before
the follow-on end_hquery() invocation).
If we get an allocation failure when processing a particular substring in a
TXT record, that failure is silently lost; fix that by propagating errors from
the inner loop to the outer loop.
When a server rejects an EDNS-equipped request, we retry without
the EDNS option. However, in TCP mode, the 2-byte length prefix was
being calculated wrong -- it was built from the answer length rather than
the length of the original request.
Also, it is theoretically possible that the call to realloc() might change
the data pointed to; to allow for this, qbuf also needs updating.
(Both these fixes were actually included in a patchset sent on the mailing
list in Oct 2012, but were included with other functional changes that
didn't get merged:
http://c-ares.haxx.se/mail/c-ares-archive-2012-10/0004.shtml)
The top two bits of the label length indicate whether this is a
label length (00) or an index to a name elsewhere in the message
(11). RFC1035 4.1.4 says that the other possible values for the
top two bits (01, 10) are reserved for future use.
CID 56884, pointed out by Coverity. We really should make this function
return an error code so that a malloc() failure can return back a major
failure.
Update for commit affc63cba8.
The original patch from Gregor Jasny did not have the break
statement; I incorrectly added it to prevent continuing the loop.
However, the later entries in the array would then be left
uninitialized, causing problems for later cleanup.
So fix to match Gregor's original patch, with apologies.
On iPhone targets like iOS, watchOS or tvOS the file
/etc/resolv.conf cannot be used to configure cares.
Instead the resolver library is queried for configuration
values.
CC: Yury Kirpichev <ykirpichev@yandex-team.ru>
This patch is fixing the dns lookup issue due to dummy dns information
of a disconnected adapter(in my case is a bluetooth adapter). I changed
the dns lookup policy to try GetNetworkParams first because the
GetNetworkParams provides the most reliable dns information (lots of
checks were done by system). I also filter out inoperable adapter in
DNS_AdaptersAddresses in case GetNetworkParams fail.
It's possible that, if ares_save_options failed, the opts structure
would contain some allocated memory. Calling ares_destroy_options in
this case is safe, because ares_save_options zeroes out the memory
initially.
When attempting to build a search domain from the local hostname
(used as a fallback when no other methods have given a search
domain), the code doubles the buffer size on each loop iteration.
However, the loop previously had a WHILE_FALSE terminator so the continue
statement exited the loop rather than going round again.
The problem occurs if at the start of the loop the sockindex is at the
last valid ARES_GETSOCK_MAXNUM position. If then both udp_socket and
tcp_socket are valid, sockindex gets incremented for UDP first and
points one entry behind the array for the tcp block.
So the fix is to check after every increment of sockindex if it is still
valid.
Fix Coverity error CID 56878
Signed-off-by: Gregor Jasny <gjasny@googlemail.com>
Previously, when an ares_gethostbyname() searched with AF_UNSPEC and the
first AF_INET6 call only returned CNAMEs, the host_callback never
retried AF_INET.
This patch makes sure than on ARES_SUCCESS, the result of AF_INET6 is
taken as authoritative only if the result contains some addresses.
Commit ee22246507 added the -s <domain> option to the
ahost command, but neglected to update the man page to
describe it.
Also fix typo in description of -t option.
There are two issues.
1. gcc actually does not use __ppc__ and __ppc64__ but __PPC__ and
__PPC64__. The tests of __ILP32__ and __LP64__ are sufficient for gcc.
2. clang defines __GNU__ and defines both __ppc64__ and __ppc__ when
targeting ppc64. This makes CARES_SIZEOF_LONG to be 4 on a ppc64 system
when building with clang.
My patch is two change the order of the checks so that we check the
64-bit case first.
We noticed a small buglet in ares_search() when it gets an empty string
as input -- the single_domain() utility function in ares_search.c
accesses invalid memory (before the start of the string).