- dtucker@cvs.openbsd.org 2008/06/12 00:03:49
[dns.c canohost.c sshconnect.c]
Do not pass "0" strings as ports to getaddrinfo because the lookups
can slow things down and we never use the service info anyway. bz
#859, patch from YOSHIFUJI Hideaki and John Devitofranceschi. ok
deraadt@ djm@
djm belives that the reason for the "0" strings is to ensure that
it's not possible to call getaddrinfo with both host and port being
NULL. In the case of canohost.c host is a local array. In the
case of sshconnect.c, it's checked for null immediately before use.
In dns.c it ultimately comes from ssh.c:main() and is guaranteed to
be non-null but it's not obvious, so I added a warning message in
case it is ever passed a null.
diff --git a/dns.c b/dns.c
index a89176f..a7da03f 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.24 2007/01/03 03:01:40 stevesk Exp $ */
+/* $OpenBSD: dns.c,v 1.25 2008/06/12 00:03:49 dtucker Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -145,11 +145,20 @@
{
struct addrinfo hints, *ai;
+ /*
+ * We shouldn't ever get a null host but if we do then log an error
+ * and return -1 which stops DNS key fingerprint processing.
+ */
+ if (hostname == NULL) {
+ error("is_numeric_hostname called with NULL hostname");
+ return -1;
+ }
+
memset(&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_DGRAM;
hints.ai_flags = AI_NUMERICHOST;
- if (getaddrinfo(hostname, "0", &hints, &ai) == 0) {
+ if (getaddrinfo(hostname, NULL, &hints, &ai) == 0) {
freeaddrinfo(ai);
return -1;
}