Applications using libspf2 1.2.5 in Solaris 9 or Solaris 8 with
a newer libresolv patch 114354 (Sol9_x86) dump core.
Analysis of this behaviour:
The core dump shows that libresolv wants to free memory that was
never acquired, which raises SIGSEGV.
The root of this problem is in
libspf2/spf_dns_resolv.c, where the resolver state information
buffer is dynamically allocated but *not* initialized before
the first call to res_ninit()! Newer BIND resolver libraries
seem to try to clean up the "old" structure before they start
using it. If this structure contains garbage, this may lead to
closing of non-existent descriptors and freeing of never-allocated memory regions ...
Fixing this is easy: just check whether malloc() succeeds *and*
set the buffer to zero!
My suggested code change (works at least for me):
    res_state = (struct __res_state *)
            malloc(sizeof(struct __res_state));
    if (res_state == NULL) {
        SPF_error("Failed to acquire res_state memory");
        return NULL;
    }
    /* Always initialize to zero: some resolver library may
     * expect an old state, which will then be used to clean up
     * from this previous state - if this is garbage, the resolver
     * library could raise a fault after some time ...
     */
    memset((void *)res_state, 0, sizeof(struct __res_state));
See attached patch (diff -c).
Johann Klasek
Patch (diff -c)
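As an added example (not libspf2 or libresolv code, and not part of the original post), the following C program models the failure mode described above with a mock resolver: a state struct whose "initialized" flag bit decides whether the library tears down the previous state before reinitializing. The names mock_res_state, MOCK_RES_INIT, mock_res_ninit, mock_state_needs_cleanup and alloc_res_state are assumptions made for this example; the real struct __res_state has a different layout and res_ninit() is not called here.

```c
/*
 * Added example, not libspf2 or libresolv code.
 *
 * A mock of a resolver that cleans up an "old" state before it starts
 * using the buffer. If the buffer was malloc()ed but never zeroed, the
 * flag bit is garbage, the cleanup branch runs on garbage, and free()
 * or close() is called on values that were never ours. Zero-filling
 * the buffer (or using calloc()) makes the first init skip cleanup.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define MOCK_RES_INIT 0x1UL   /* assumed flag: "this state is live" */

struct mock_res_state {        /* assumed layout, not struct __res_state */
    unsigned long options;     /* flag bits; MOCK_RES_INIT marks a live state */
    int sockfd;                /* descriptor a previous init may have opened */
    void *ext;                 /* buffer a previous init may have allocated */
};

/* Returns 1 if the mock library would tear down this state before
 * reinitializing, i.e. if the buffer claims to be already initialized.
 * For an unzeroed malloc() buffer this is decided by leftover bits. */
int mock_state_needs_cleanup(const struct mock_res_state *st)
{
    return (st->options & MOCK_RES_INIT) != 0;
}

/* Mock res_ninit(): tears down a previous state if one is claimed,
 * then initializes. Returns 0 on success. The cleanup branch is exactly
 * where garbage becomes free()/close() on never-owned resources. */
int mock_res_ninit(struct mock_res_state *st)
{
    if (mock_state_needs_cleanup(st)) {
        free(st->ext);                 /* fatal if ext is garbage */
        if (st->sockfd >= 0)
            close(st->sockfd);         /* closes a random fd if garbage */
    }
    st->options = MOCK_RES_INIT;
    st->sockfd = -1;
    st->ext = NULL;
    return 0;
}

/* The fix from the post as a helper: allocate, check the result, and
 * return a zero-filled buffer. calloc() does malloc()+memset(0) in one
 * step; a caller must still test for NULL. */
struct mock_res_state *alloc_res_state(void)
{
    return calloc(1, sizeof(struct mock_res_state));
}

/* Fixed path: a zeroed buffer never triggers cleanup on first init, and
 * a second init cleans up a valid state safely. Returns 1 if so. */
int demo_zeroed_state(void)
{
    struct mock_res_state *st = alloc_res_state();
    int ok;

    if (st == NULL)
        return 0;
    ok = mock_state_needs_cleanup(st) == 0
      && mock_res_ninit(st) == 0
      && mock_state_needs_cleanup(st) == 1   /* now a live state */
      && mock_res_ninit(st) == 0;            /* re-init tears down safely */
    free(st);
    return ok;
}

/* Buggy path, observed without calling the mock init (which would free
 * garbage): a buffer full of leftover bits is taken for a live state.
 * 0xA5 is constructed garbage standing in for whatever malloc() left. */
int demo_garbage_state_detected(void)
{
    struct mock_res_state g;

    memset(&g, 0xA5, sizeof g);
    return mock_state_needs_cleanup(&g);     /* 1: cleanup would run on garbage */
}

int main(void)
{
    printf("zeroed buffer safe: %d\n", demo_zeroed_state());
    printf("garbage buffer would be 'cleaned up': %d\n",
           demo_garbage_state_detected());
    return 0;
}
```

The point of the mock is the asymmetry: the library cannot tell a freshly malloc()ed buffer from a live state, so the caller must hand it a buffer whose flag bits are zero. Whether a particular garbage buffer crashes depends on what the previous user of that heap region left behind, which is why the original report saw the fault only on some systems and "after some time".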