Ubuntu
nginx package

Trouble if mapping hostname with multiple address

Bug #691871 reported by Mahyuddin Susanto
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nginx (Ubuntu)
Fix Released
Undecided
Mahyuddin Susanto

Bug Description

Binary package hint: nginx

As describe at: http://nginx.org/pipermail/nginx/2010-December/024229.html
---
In ngx_inet.c, there is a code piece of function
"ngx_inet_resolve_host". If I set u->one_addr to 1, but unfortunately
this hostname map to multiple IP addresses, such as
[code]
10.37.4.92 myhost
127.0.0.1 myhost
[/code]
in /etc/hosts.

h->h_addr_list will be 2 entries before NULL. Each of them will be
converted to human readable format and assigned to u->addrs[ i ].
However, when one_addr is set, [b]u->addrs will be allocated ONLY ONE
ngx_addr_t mem.[/b] In this way, a mem crash is inevitable.

I set one_addr to 1 because I'm writing a custom module and want to
connect another server. Sadly the server is also running on the local
host with multiple IP in /etc/hosts. I want to connect the first IP
match that host name (10.37.4.92) because that server require a
non-lookback IP. I thought "one_addr" means "fetch the first found IP".
But seems I was wrong.

Besides this, I insist alloc mem with "i", but loop will h->h_addr_list
is very dangerous. Report an error is more suitable rather than leave a
time bomb.

Affected version: all versions!!!
--

$ apt-cache policy nginx
nginx:
  Installed: 0.7.65-1ubuntu2
  Candidate: 0.7.65-1ubuntu2
  Version table:
 *** 0.7.65-1ubuntu2 0
        500 http://mirrors.kernel.org/ubuntu/ lucid/universe Packages
        100 /var/lib/dpkg/status

$ nginx -V
nginx version: nginx/0.7.65
TLS SNI support enabled
configure arguments: --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/body --http-proxy-temp-path=/var/lib/nginx/proxy --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --with-debug --with-http_stub_status_module --with-http_flv_module --with-http_ssl_module --with-http_dav_module --with-http_gzip_static_module --with-http_realip_module --with-mail --with-mail_ssl_module --with-ipv6 --add-module=/build/buildd/nginx-0.7.65/modules/nginx-upstream-fair

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 10.04.1 LTS
Release: 10.04
Codename: lucid

See original description
Tags: patch
Revision history for this message
Mahyuddin Susanto (udienz) wrote :
Changed in nginx (Ubuntu):
assignee: nobody → Mahyuddin Susanto (udienz)
summary: - Trouble if mapping hostname mapping with multiple address
+ Trouble if mapping hostname with multiple address
tags: added: patch
Mahyuddin Susanto (udienz)
description: updated
Revision history for this message
Daniel Hahler (blueyed) wrote :

Just for reference, the proposed patch is taken from the mailing list, at http://nginx.org/pipermail/nginx/2010-December/024235.html

Revision history for this message
Mahyuddin Susanto (udienz) wrote :

@Daniel
yes already writing at patch file

Revision history for this message
Michael Lustfield (michaellustfield) wrote :

This is being dealt with upstream. It will be taken care of before Natty release. Please see bug 692087 and note the comment requesting a wait on the sync until 0.8.54-1 where the source is already patched.

Revision history for this message
Mahyuddin Susanto (udienz) wrote :

This is SRU updates, not natty

Revision history for this message
Mahyuddin Susanto (udienz) wrote :

This is SRU updates for lucid, not for natty

Changed in nginx (Ubuntu):
assignee: Mahyuddin Susanto (udienz) → nobody
Mahyuddin Susanto (udienz)
Changed in nginx (Ubuntu):
status: New → In Progress
tags: added: regression-proposed
Mahyuddin Susanto (udienz)
Changed in nginx (Ubuntu):
assignee: nobody → Mahyuddin Susanto (udienz)
Mahyuddin Susanto (udienz)
tags: removed: regression-proposed
Revision history for this message
Michael Lustfield (michaellustfield) wrote :

This has been fixed in Debian. I don't see where this bug should be SRU'ed. However, the new version of Nginx could be proposed for backports.

Changed in nginx (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Michael Lustfield (michaellustfield) wrote :

Marking as Fix Released as this has been resolved in Debian and the package has since been sync'ed to Ubuntu.

Changed in nginx (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.