addr_list and alias where on the same buffer offset. This led to corrupt addr_list which was overwritten by the resolved name.
Signed-off-by: Nikolaus Voss <[email protected]> --- libc/inet/resolv.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/libc/inet/resolv.c b/libc/inet/resolv.c index 021d5bf..4d96c5c 100644 --- a/libc/inet/resolv.c +++ b/libc/inet/resolv.c @@ -2402,6 +2402,8 @@ int gethostbyaddr_r(const void *addr, socklen_t addrlen, */ #define in6 ((struct in6_addr *)in) alias = (char **)buf; + buf += sizeof(*addr_list) * 2; + buflen -= sizeof(*addr_list) * 2; addr_list = (struct in_addr**)buf; buf += sizeof(*addr_list) * 2; buflen -= sizeof(*addr_list) * 2; -- 1.7.5.4 _______________________________________________ uClibc mailing list [email protected] http://lists.busybox.net/mailman/listinfo/uclibc
