ports/65501: [MAINTAINER] net-mgmt/arpwatch-devel: dns resolution bug

Tue Apr 13 19:20:20 UTC 2004

>Number:         65501
>Category:       ports
>Synopsis:       [MAINTAINER] net-mgmt/arpwatch-devel: dns resolution bug
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 13 12:20:19 PDT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Matthew George
>Release:        FreeBSD 5.2-CURRENT i386
>Organization:
SecureWorks
>Environment:
System: FreeBSD mdg.secureworks.net 5.2-CURRENT FreeBSD 5.2-CURRENT #2: Mon Mar 29 12:02:58 EST 2004 mdg at mdg.secureworks.net:/usr/obj/usr/src/sys/GENERIC i386


>Description:

	The function used to resolve hostnames was using an isdigit()
check. This fails to resolve valid domains that begin with a number.

>How-To-Repeat:

	Trigger an arpwatch event pertaining to a host that resolves to a
problem domain.

>Fix:

	Thanks to Scott Allendorf for the heads up (and patches)

--- Makefile.orig	Tue Apr 13 15:00:04 2004
+++ Makefile	Tue Apr 13 15:00:44 2004
@@ -7,7 +7,7 @@

 PORTNAME=	arpwatch
 PORTVERSION=	2.1.a11
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	net-mgmt
 MASTER_SITES=	http://www.Awfulhak.org/arpwatch/ \
 		ftp://ftp.ee.lbl.gov/

--- patch-ai.orig	Tue Mar 30 04:11:56 2004
+++ patch-ai	Tue Apr 13 14:41:13 2004
@@ -1,22 +1,22 @@
 --- db.c.orig	Sat Sep 30 19:39:58 2000
-+++ db.c	Mon Mar 29 14:26:14 2004
++++ db.c	Tue Apr 13 14:39:50 2004
 @@ -41,6 +41,7 @@
  #include <string.h>
  #include <syslog.h>
  #include <unistd.h>
 +#include <pthread.h>
-
+
  #include "gnuc.h"
  #ifdef HAVE_OS_PROTO_H
 @@ -54,18 +55,9 @@
  #include "report.h"
  #include "util.h"
-
+
 -#define HASHSIZE (2 << 15)
 -
  #define NEWACTIVITY_DELTA (6*30*24*60*60)	/* 6 months in seconds */
  #define FLIPFLIP_DELTA (24*60*60)		/* 24 hours in seconds */
-
+
 -/* Ethernet info */
 -struct einfo {
 -	u_char e[6];		/* ether address */
@@ -30,7 +30,7 @@
 @@ -78,22 +70,69 @@
  /* Address hash table */
  static struct ainfo ainfo_table[HASHSIZE];
-
+
 +
 +/* Ethernet hash table */
 +struct einfo einfo_table[HASHSIZE];
@@ -44,7 +44,7 @@
 +static struct einfo *einfo_find(u_char *);
  static void check_hname(struct ainfo *);
  struct ainfo *newainfo(void);
-
+
 +pthread_mutex_t mtx_einfo, mtx_ainfo;
 +
  int
@@ -75,7 +75,7 @@
 +		  BCOPY(e, ep->e, sizeof(ep->e));
 +		  if (h == NULL)
 +		    h = getsname(a);
-+		  if (h != NULL && !isdigit((int)*h))
++		  if (h != NULL)
 +		    strncpy(ep->h, h, sizeof(ep->h));
 +		  ep->t = t;
 +		  strncpy(ep->iface, interface, sizeof(ep->iface));
@@ -97,7 +97,7 @@
 +
 +	pthread_mutex_unlock(&mtx_einfo);
 +	pthread_mutex_lock(&mtx_ainfo);
-
+
  	/* Lookup ip address */
  	ap = ainfo_find(a);
 @@ -101,28 +140,30 @@
@@ -117,7 +117,7 @@
 -			return (1);
  		}
  	}
-
+
  	/* Check for a virgin ainfo record */
  	if (ap->ecount == 0) {
  		ap->ecount = 1;
@@ -129,7 +129,7 @@
 +		e2 = NULL;
 +		t2 = 0;
  	}
-
+
  	/* Check for a flip-flop */
  	if (ap->ecount > 1) {
  		ep = ap->elist[1];
@@ -160,7 +160,7 @@
 -			return (1);
  		}
  	}
-
+
  	for (i = 2; i < ap->ecount; ++i) {
  		ep = ap->elist[i];
 -		if (MEMCMP(e, ep->e, 6) == 0) {
@@ -180,7 +180,7 @@
 -			return (1);
  		}
  	}
-
+
 -	/* New ether address */
 -	e2 = ap->elist[0]->e;
 -	t2 = ap->elist[0]->t;
@@ -230,7 +230,7 @@
 +
 +	return(NULL);
  }
-
+
  static struct ainfo *
 @@ -259,7 +328,7 @@
  /* Allocate and initialize a elist struct */
@@ -242,15 +242,16 @@
  	register struct einfo *ep;
  	register u_int size;
 @@ -280,12 +349,16 @@
-
+
  	ep = elist++;
  	--eleft;
 -	BCOPY(e, ep->e, 6);
 +	BCOPY(e, ep->e, sizeof(ep->e));
  	if (h == NULL && !initializing)
  		h = getsname(a);
- 	if (h != NULL && !isdigit((int)*h))
+-	if (h != NULL && !isdigit((int)*h))
 -		strcpy(ep->h, h);
++	if (h != NULL)
 +		strncpy(ep->h, h, sizeof(ep->h));
  	ep->t = t;
 +
@@ -259,13 +260,17 @@
 +
  	return (ep);
  }
-
-@@ -304,7 +377,7 @@
- 	if (!isdigit((int)*h) && strcmp(h, ep->h) != 0) {
+
+@@ -301,10 +374,10 @@
+ 		return;
+ 	ep = ap->elist[0];
+ 	h = getsname(ap->a);
+-	if (!isdigit((int)*h) && strcmp(h, ep->h) != 0) {
++	if (h != NULL && strcmp(h, ep->h) != 0) {
  		syslog(LOG_INFO, "hostname changed %s %s %s -> %s",
  		    intoa(ap->a), e2str(ep->e), ep->h, h);
 -		strcpy(ep->h, h);
 +		strncpy(ep->h, h, sizeof(ep->h));
  	}
  }
-
+

--- patch-an.orig	Tue Mar 30 04:11:56 2004
+++ patch-an	Tue Apr 13 14:40:51 2004
@@ -1,7 +1,7 @@
 --- report.c.orig	Sat Sep 30 19:41:10 2000
-+++ report.c	Mon Mar 29 14:24:36 2004
++++ report.c	Tue Apr 13 14:39:50 2004
 @@ -45,6 +45,8 @@
-
+
  #include <ctype.h>
  #include <errno.h>
 +#include <fcntl.h>
@@ -10,17 +10,17 @@
  #include <stdio.h>
  #include <stdlib.h>
 @@ -70,6 +72,8 @@
-
+
  #define PLURAL(n) ((n) == 1 || (n) == -1 ? "" : "s")
-
+
 +extern char *Watcher;
 +
  static int cdepth;	/* number of outstanding children */
-
+
  static char *fmtdate(time_t);
 @@ -232,15 +236,16 @@
  }
-
+
  void
 -report(register char *title, register u_int32_t a, register u_char *e1,
 -    register u_char *e2, register time_t *t1p, register time_t *t2p)
@@ -41,7 +41,7 @@
 @@ -251,9 +256,15 @@
  	if (initializing)
  		return;
-
+
 +	/* these types are sent to syslog instead of reported on.
 +	 * only continue if there are other events as well
 +	 */
@@ -57,18 +57,20 @@
  		f = stdout;
 @@ -270,7 +281,7 @@
  		}
-
+
  		/* Syslog this event too */
 -		dosyslog(LOG_NOTICE, title, a, e1, e2);
 +		dosyslog(LOG_NOTICE, "event", a, e1, e2);
-
+
  		/* Update child depth */
  		++cdepth;
-@@ -304,12 +315,31 @@
+@@ -303,13 +314,32 @@
+ 	(void)fprintf(f, "From: %s\n", watchee);
  	(void)fprintf(f, "To: %s\n", watcher);
  	hn = gethname(a);
- 	if (!isdigit(*hn))
+-	if (!isdigit(*hn))
 -		(void)fprintf(f, "Subject: %s (%s)\n", title, hn);
++	if (hn != NULL)
 +		(void)fprintf(f, "Subject: Arpwatch Event (%s)\n", hn);
  	else {
 -		(void)fprintf(f, "Subject: %s\n", title);


# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	patch-ar
#
echo x - patch-ar
sed 's/^X//' >patch-ar << 'END-of-patch-ar'
X--- dns.c.orig	Fri Oct 13 21:50:52 2000
X+++ dns.c	Tue Apr 13 14:39:50 2004
X@@ -137,7 +137,7 @@
X 	return (0);
X }
X
X-/* Return the cannonical name of the host */
X+/* Return the canonical name of the host (NULL if not found) */
X char *
X gethname(u_int32_t a)
X {
X@@ -150,18 +150,18 @@
X 	hp = gethostbyaddr((char *)&a, sizeof(a), AF_INET);
X 	_res.options = options;
X 	if (hp == NULL)
X-		return (intoa(a));
X+		return NULL;
X 	return (hp->h_name);
X }
X
X-/* Return the simple name of the host */
X+/* Return the simple name of the host (NULL if not found) */
X char *
X getsname(register u_int32_t a)
X {
X 	register char *s, *cp;
X
X 	s = gethname(a);
X-	if (!isdigit((int)*s)) {
X+	if (s != NULL) {
X 		cp = strchr(s, '.');
X 		if (cp != NULL)
X 			*cp = '\0';
END-of-patch-ar
exit


-- 
Matthew George
SecureWorks Technical Operations

>Release-Note:
>Audit-Trail:
>Unformatted:

