Public bug reported: The bug is present in raring, but also in the upstream 3.0.0 release.
This code from newsocket in sock.c:

    int herrno;
    struct sockaddr_in cli;
    struct hostent *hp;
    ...
    {
      struct hostent hent;
      char hbf[8192];
      memset(hbf, '\0', sizeof hbf);
      /* for systems using GNU libc */
      if((gethostbyname_r(hostparam, &hent, hbf, sizeof(hbf), &hp, &herrno) < 0)){
        hp = NULL;
      }
    }
    if(hp == NULL){ return -1; }
    memset((void*) &cli, 0, sizeof(cli));
    memcpy(&cli.sin_addr, hp->h_addr, hp->h_length);

invokes undefined behaviour because gethostbyname_r points hp at the 'hent' automatic variable but hp is used after the execution of the scope that declared it, in violation of section 6.2.4 of the C99 standard.

The particular undefined behaviour I see is that cli.sin_addr ends up being all bits 0, and so the connection goes to localhost.

** Affects: siege (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1175869

Title:
  coding error can lead to connections going to localhost rather than desired system
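
One way to avoid the lifetime problem described in the report, as an added example that is not siege's code or the reporter's patch: the result struct and its buffer stay in scope for every use of hp, and the address is copied into caller-owned storage before they go away. The helper names resolve_ipv4 and fill_sockaddr, the port argument and the sample address are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical helper (not siege's code): resolve `host` to an IPv4 address.
 * hent and hbf live in the same scope as every use of hp, and the address is
 * copied into caller-owned storage before that scope ends. */
int resolve_ipv4(const char *host, struct in_addr *out)
{
  struct hostent hent;
  struct hostent *hp = NULL;
  char hbf[8192];
  int herrno = 0;

  memset(hbf, '\0', sizeof hbf);
  /* glibc returns 0 on success; hp can still be NULL when nothing was found. */
  if (gethostbyname_r(host, &hent, hbf, sizeof hbf, &hp, &herrno) != 0 || hp == NULL)
    return -1;
  /* Refuse anything that is not exactly one IPv4 address wide. */
  if (hp->h_addrtype != AF_INET || hp->h_length != (int)sizeof *out ||
      hp->h_addr_list[0] == NULL)
    return -1;
  memcpy(out, hp->h_addr_list[0], sizeof *out); /* hent and hbf still alive */
  return 0;
}

/* Zero a sockaddr_in and copy the address in, as the quoted code does.
 * Setting family and port here is an assumption about the surrounding code. */
int fill_sockaddr(const char *host, unsigned short port, struct sockaddr_in *cli)
{
  memset(cli, 0, sizeof *cli);
  cli->sin_family = AF_INET;
  cli->sin_port = htons(port);
  return resolve_ipv4(host, &cli->sin_addr);
}

int main(void)
{
  struct sockaddr_in cli;
  char buf[INET_ADDRSTRLEN];
  /* Constructed sample input: a numeric TEST-NET-1 address, so no DNS is used. */
  if (fill_sockaddr("192.0.2.7", 80, &cli) != 0) { puts("resolve failed"); return 1; }
  printf("%s\n", inet_ntop(AF_INET, &cli.sin_addr, buf, sizeof buf));
  return 0;
}
```

A regression check for the symptom in the report is to assert that sin_addr is non-zero and equal to the expected address after resolution, rather than only checking that the connect succeeded.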