A bug was found in some C++ code recently, in my company. This code is
used in our server software for MX lookups when sending mail.
It was found by a customer (*yikes*) after they had applied a Sun-
recommended patch cluster on their Solaris server:

  if (resState == NULL) {
      /* __res_state is a plain C struct with no constructor, so 'new'
         leaves its members uninitialized -- this is the bug */
      resState = new __res_state;
      if (res_ninit(resState) < 0)
          throw DNSException("res_ninit failed h_errno=%d",
                             resState->res_h_errno);
  }

What happened was that, after the customer put on the patch cluster
(which installed a new copy of libresolv.so, a shared library for DNS
lookups), the call to res_ninit() would cause a segmentation fault.

The issue is that __res_state is a nested struct -- it has anonymous
structs as data members, and of course there is no constructor. When
memory is allocated for it, there are parts of the complex data
structure that are not initialized correctly when using 'new', and the
call to res_ninit would fail as it tried to dereference uninitialized
data.

The solution, as I found in the documentation from Sun, was to
allocate memory and then fill the memory with 0s, using malloc() +
bzero(), or even better, using calloc() (bzero() is a deprecated
system call on Solaris). calloc(), of course, will zero out the
memory, since it's normally used to create arrays, but we create an
array of one element. We were lucky this had been working all along!
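As an added illustration (this is not code from the post or from libresolv), here is a small C++ program that reproduces the three allocation choices on a constructed stand-in struct: plain `new` as in the buggy code, `calloc()` as in the fix, and, going one step beyond the post, C++ value-initialization (`new T()`), which zero-initializes a struct that has no user-provided constructor. `FakeResState` and `fake_res_ninit()` are assumed stand-ins for `__res_state` and `res_ninit()`; the stand-in reports a non-null leftover pointer with -1 instead of dereferencing it, so the program does not actually fault.

```cpp
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <new>

// Constructed stand-in for a libresolv-style state block (not the real
// __res_state): a plain C struct with an unnamed nested struct and a pointer
// member, and no constructor, so "new" alone does not initialize it.
struct FakeResState {
    int retrans;
    int retry;
    struct {
        void *table;          // a pointer an init routine would follow
        unsigned int count;
    } ext;
    char defdname[256];
};

// True if every byte of the object is zero.
static bool all_zero(const void *p, std::size_t n) {
    const unsigned char *b = static_cast<const unsigned char *>(p);
    for (std::size_t i = 0; i < n; ++i)
        if (b[i] != 0) return false;
    return true;
}

// Stand-in for res_ninit(): real code would dereference ext.table when it is
// non-null, which is the crash on leftover heap garbage. Here we just report
// the bad state with -1 instead of faulting, so the demo stays runnable.
static int fake_res_ninit(FakeResState *s) {
    if (s->ext.table != nullptr)
        return -1;
    s->retrans = 5;
    s->retry = 4;
    return 0;
}

struct Outcome { bool zeroed; int init_rc; };

// 1. The buggy pattern from the post: default-initialization. POD members
//    are left indeterminate, so the outcome depends on what the heap held.
static Outcome try_new_default() {
    // Poison the heap first so a recycled block visibly carries garbage.
    void *junk = std::malloc(sizeof(FakeResState));
    std::memset(junk, 0xAA, sizeof(FakeResState));
    std::free(junk);
    FakeResState *s = new FakeResState;
    Outcome o{all_zero(s, sizeof *s), fake_res_ninit(s)};
    delete s;
    return o;
}

// 2. The fix from the post: calloc() hands back zero-filled memory.
static Outcome try_calloc() {
    FakeResState *s =
        static_cast<FakeResState *>(std::calloc(1, sizeof(FakeResState)));
    if (s == nullptr) return Outcome{false, -1};
    Outcome o{all_zero(s, sizeof *s), fake_res_ninit(s)};
    std::free(s);   // calloc'd memory is released with free(), not delete
    return o;
}

// 3. C++-native alternative: value-initialization ("new T()") zero-initializes
//    a struct with no user-provided constructor, so no C allocator is needed.
static Outcome try_new_value_init() {
    FakeResState *s = new FakeResState();
    Outcome o{all_zero(s, sizeof *s), fake_res_ninit(s)};
    delete s;
    return o;
}

int main() {
    Outcome a = try_new_default(), b = try_calloc(), c = try_new_value_init();
    std::printf("new T   : zeroed=%d init_rc=%d (unpredictable)\n", a.zeroed, a.init_rc);
    std::printf("calloc  : zeroed=%d init_rc=%d\n", b.zeroed, b.init_rc);
    std::printf("new T() : zeroed=%d init_rc=%d\n", c.zeroed, c.init_rc);
    return 0;
}
```

The first case is deliberately left unasserted: whether `new FakeResState` comes back clean depends on what the allocator happens to hand out, which is exactly why the original code "worked all along" until a library change altered heap layout. Whichever of the two zeroing forms you pick, the block must be released with the matching call (`free()` for `calloc()`, `delete` for `new`).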

-- Brett
------------------------------------------------------------
"In the rhythm of music a secret is hidden;
 If I were to divulge it, it would overturn the world."
 -- Jelaleddin Rumi
