Bug#600228: marked as done (byte order bug in afsconf_LookupServer())

Thu, 06 Jan 2011 19:51:27 -0800 

Your message dated Thu, 06 Jan 2011 19:49:36 -0800
with message-id <[email protected]>
and subject line SRV record byte order problem should now be fixed
has caused the Debian Bug report #600228,
regarding byte order bug in afsconf_LookupServer()
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
600228: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600228
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: openafs-krb5
Severity: normal

Hi,

found while using aklog, so reporting against -krb5...

=> src/auth/cellconfig.c:

] int
] afsconf_GetAfsdbInfo(char *acellName, char *aservice,
]                      struct afsconf_cell *acellInfo)
] {
]   [...]
]   code = afsconf_LookupServer((const char *)service, "udp",
]                               (const char *)acellName, afsdbport,
]                               cellHostAddrs, cellHostNames,
]                               ports, ipRanks, &numServers, &ttl,
]                               &realCellName);
]   [...]
]   acellInfo->hostAddr[i].sin_port = ports[i];

] int
] afsconf_LookupServer(const char *service, const char *protocol,
]                      const char *cellName, unsigned short afsdbPort,
]                      int *cellHostAddrs, char cellHostNames[][MAXHOSTCHARS],
]                      unsigned short ports[], unsigned short ipRanks[],
]                      int *numServers, int *ttl, char **arealCellName)
] {
]   [...]
    /* p[] is a byte pointer into the DNS answer to a type SRV query
       and points into the contents of the SRV RR right at the priority,
       so the dest port is at (p+4) */
]   ports[server_num] = (p[4] << 8) | p[5];

So ports[] is manually extracted from the DNS answer and thus implicitely
converted from network to host byte order, but not converted back when
assigning the (struct sin_addr).sin_port member.

Suggestion: Wrap either assignment with htons().


Regards,

Jan

--- End Message ---
--- Begin Message --- 
Version: 1.6.0~pre1-1

This should now be fixed in the current version in experimental.

-- 
Russ Allbery ([email protected])               <http://www.eyrie.org/~eagle/>

--- End Message ---

Reply via email to