nss-resolve: fix blank check using is_blank_object instead of is_blank_array#42610
Conversation
bc2143c to
bf19f79
Compare
|
@yuwata I initially only fixed the p.names check at line 651. After further review, the same bug exists for p.addresses at lines 267 and 432— both fields are declared as SD_JSON_VARIANT_ARRAY in the dispatch table, so the same is_blank_object → is_blank_array fix applies. I've updated the commit to include all three callsites. |
Claude review of PR #42610 (9fc9b4c)The core fix is correct and complete: All robustness and h_errno-consistency gaps raised in earlier review rounds are now addressed: the added Suggestions
Nits
|
bf19f79 to
de6ae11
Compare
|
@bluca Done, added if (n_addresses == 0) goto not_found; after the counting loop in both gethostbyname4_r and gethostbyname3_r paths. Thank you for the review! |
de6ae11 to
10b499a
Compare
Use sd_json_variant_is_blank_array() instead of is_blank_object() for p.addresses and p.names, which are declared as JSON arrays. The wrong predicate never triggered, allowing empty arrays to bypass the guards: for p.names this caused a size_t underflow leading to an out-of-bounds heap write; for p.addresses it returned success with no addresses. Add explicit n_addresses == 0 guards after the family-filter loops so entries with unsupported families also return NOTFOUND rather than crashing on a NULL dereference. In gethostbyname3_r (family-specific entry point), return NO_DATA for all zero-address results — both blank array and all-filtered — since both mean "name resolved, no record of the requested family". Keep HOST_NOT_FOUND in gethostbyname4_r (both-families) where a blank or all-unsupported result genuinely means the name was not found. Signed-off-by: dongshengyuan <dongshengyuan@uniontech.com> Co-developed-by: Claude Opus 4.8 <noreply@anthropic.com>
10b499a to
9fc9b4c
Compare
|
Completed. Please review. |
Use sd_json_variant_is_blank_array() instead of is_blank_object() for
p.addresses and p.names, which are declared as JSON arrays. The wrong
predicate never triggered, allowing empty arrays to bypass the guards:
for p.names this caused a size_t underflow leading to an out-of-bounds
heap write; for p.addresses it returned success with no addresses.
Add explicit n_addresses == 0 guards after the family-filter loops so
entries with unsupported families also return NOTFOUND rather than
crashing on a NULL dereference.
In gethostbyname3_r (family-specific entry point), return NO_DATA for
all zero-address results — both blank array and all-filtered — since
both mean "name resolved, no record of the requested family". Keep
HOST_NOT_FOUND in gethostbyname4_r (both-families) where a blank or
all-unsupported result genuinely means the name was not found.
Signed-off-by: dongshengyuan dongshengyuan@uniontech.com
Co-developed-by: Claude Opus 4.8 noreply@anthropic.com