Sorry, I forgot to remove silly debugging code.

Attaching the *proper* patch.

Kind regards,
Krzysztof Piecuch

Sent with [ProtonMail](https://protonmail.com) Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, August 26, 2019 6:50 PM, Krzysztof Piecuch <piec...@protonmail.com> 
wrote:

> Hello,
>
> I'm attaching a small patch to ftpfs. This fixes:
> * ftpfs null pointer dereference when provided with an invalid hostname
> * gethostbyname_r invocation
>
> Thank you,
> Chris
From 0c87f704a0355f3732d82d9703d7449f55436876 Mon Sep 17 00:00:00 2001
From: Krzysztof Piecuch <piec...@protonmail.com>
Date: Mon, 26 Aug 2019 13:43:18 -0400
Subject: [PATCH] ftpfs: fix host lookup error handling

---
 ftpfs/host.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/ftpfs/host.c b/ftpfs/host.c
index cd6fd4c0..ba1689b1 100644
--- a/ftpfs/host.c
+++ b/ftpfs/host.c
@@ -101,7 +101,10 @@ split_server_name (const char *server, char **host, char **user, char **passwd)
 error_t
 lookup_server (const char *server, struct ftp_conn_params **params, int *h_err)
 {
-  char hostent_data[2048];	/* XXX what size should this be???? */
+  size_t bufsize = 64;
+  const size_t bufsizemax = 4096;
+  int retval;
+  char *hostent_data = NULL;
   struct hostent _he, *he;
   char *host, *user, *passwd;
   error_t err = split_server_name (server, &host, &user, &passwd);
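Review bot: The constants `bufsize = 64` and `bufsizemax = 4096` are unexplained, although they replace a fixed buffer whose size the removed comment openly questioned. Because the loop in the next hunk doubles `bufsize` before the first call, the first lookup actually runs with 128 bytes. A lookup that still returns ERANGE at 4096 bytes stops retrying and fails the `retval == 0` test, so it is reported like any other failed lookup. I would add a comment above the declarations, for example `/* gethostbyname_r scratch buffer: doubled before each try, so 128 bytes first, capped at bufsizemax.  */`. lookup_server's body continues outside the hunk.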
@@ -114,8 +117,16 @@ lookup_server (const char *server, struct ftp_conn_params **params, int *h_err)
      thread could have inserted a duplicate entry for the same host name, but
      this isn't really a problem, just annoying.  */
 
-  if (gethostbyname_r (host, &_he, hostent_data, sizeof hostent_data,
-		       &he, h_err) == 0)
+  do {
+    bufsize *= 2;
+    hostent_data = realloc(hostent_data, bufsize);
+    if (!hostent_data)
+      err = ENOMEM;
+    retval = gethostbyname_r (host, &_he, hostent_data, bufsize,
+                              &he, h_err);
+  }  while (!err && retval == ERANGE && bufsize < bufsizemax);
+
+  if (retval == 0 && he)
     {
       *params = malloc (sizeof (struct ftp_conn_params));
       if (! *params)
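Review bot: When `realloc` fails inside the new do/while loop, `hostent_data` is already NULL, yet `gethostbyname_r` is still called with that NULL buffer and the doubled `bufsize`, so an out-of-memory condition can become a NULL write inside the resolver. Assigning the result straight back to `hostent_data` also drops the only pointer to the previous buffer, so the `free (hostent_data)` added in the last hunk cannot release it. The loop should hold the result in a temporary, set `err = ENOMEM` and leave before the lookup, and the test after the loop should check `!err` first. The `else` branch of that test is outside the hunk; if it assigns `err = EINVAL` unconditionally, as the context line in the next hunk suggests, it overwrites the ENOMEM and would need to become `else if (!err)`.

```c
  do {
    char *grown;

    bufsize *= 2;
    grown = realloc (hostent_data, bufsize);
    if (!grown)
      {
        /* Old buffer stays in hostent_data for the final free ().  */
        err = ENOMEM;
        break;
      }
    hostent_data = grown;
    retval = gethostbyname_r (host, &_he, hostent_data, bufsize,
                              &he, h_err);
  } while (retval == ERANGE && bufsize < bufsizemax);

  if (!err && retval == 0 && he)
    /* … unchanged: params allocation … */
```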
@@ -143,6 +154,7 @@ lookup_server (const char *server, struct ftp_conn_params **params, int *h_err)
     err = EINVAL;
 
   free (host);
+  free (hostent_data);
 
   if (err)
     {
-- 
2.20.1
