- dtucker@cvs.openbsd.org 2008/06/12 00:03:49

     [dns.c canohost.c sshconnect.c]
     Do not pass "0" strings as ports to getaddrinfo because the lookups
     can slow things down and we never use the service info anyway. bz
     #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi.  ok
     deraadt@ djm@
     djm belives that the reason for the "0" strings is to ensure that
     it's not possible to call getaddrinfo with both host and port being
     NULL.  In the case of canohost.c host is a local array.  In the
     case of sshconnect.c, it's checked for null immediately before use.
     In dns.c it ultimately comes from ssh.c:main() and is guaranteed to
     be non-null but it's not obvious, so I added a warning message in
     case it is ever passed a null.

1 files changed, 11 insertions, 2 deletions

diff --git a/dns.c b/dns.c
index a89176f88..a7da03fa3 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.24 2007/01/03 03:01:40 stevesk Exp $ */
+/* $OpenBSD: dns.c,v 1.25 2008/06/12 00:03:49 dtucker Exp $ */
 
 /*
  * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -145,11 +145,20 @@ is_numeric_hostname(const char *hostname)
 {
         struct addrinfo hints, *ai;
 
+        /*
+         * We shouldn't ever get a null host but if we do then log an error
+         * and return -1 which stops DNS key fingerprint processing.
+         */
+        if (hostname == NULL) {
+                error("is_numeric_hostname called with NULL hostname");
+                return -1;
+        }
+
         memset(&hints, 0, sizeof(hints));
         hints.ai_socktype = SOCK_DGRAM;
         hints.ai_flags = AI_NUMERICHOST;
 
-        if (getaddrinfo(hostname, "0", &hints, &ai) == 0) {
+        if (getaddrinfo(hostname, NULL, &hints, &ai) == 0) {
                 freeaddrinfo(ai);
                 return -1;
         }