PHP :: Bug #78479 :: gethostbyname can incorrectly return 0.0.0.0

Bug #78479

gethostbyname can incorrectly return 0.0.0.0

Submitted:

2019-08-30 21:17 UTC

Modified:

2019-09-04 07:32 UTC

Votes:	2
Avg. Score:	4.0 ± 1.0
Reproduced:	2 of 2 (100.0%)
Same Version:	1 (50.0%)
Same OS:	1 (50.0%)

From:

ryan at arctype dot co

Assigned:

Status:

Open

Package:

*Network Functions

PHP Version:

master-Git-2019-08-30 (Git)

OS:

Ubuntu Linux

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	ryan at arctype dot co
New email:
PHP Version:		OS:

New Comment:

[2019-08-30 21:17 UTC] ryan at arctype dot co

Description:
------------
Consider: 

<?php echo gethostbyname("www.google.com"); ?>
38.7.248.176

<?php echo gethostbyname("downloads.wordpress.org"); ?>
0.0.0.0

;; ANSWER SECTION:
www.google.com.		229	IN	A	216.58.193.196

;; ANSWER SECTION:
downloads.wordpress.org. 300	IN	A	198.143.164.250

The DNS on the host is running fine, DNS for downloads.wordpress.org is ok. We are however running on a dual-stack ipv4/v6 host. 

www.google.com has an AAAA record, downloads.wordpress.org does not. 

I suspect that gethostbyname() is returning an AAAA record from the system call to gethostbyname(3), which returns a struct hostent: 

           struct hostent {
               char  *h_name;            /* official name of host */
               char **h_aliases;         /* alias list */
               int    h_addrtype;        /* host address type */
               int    h_length;          /* length of address */
               char **h_addr_list;       /* list of addresses */
           }

While the PHP docs explicitly state that PHP's gethostbyname() returns the IPv4 address, the implementation does not restrict or check if the system call actually returns an AF_INET h_addrtype instead of AF_INET6, always assuming a v4 and copying sizeof(in_addr): https://github.com/php/php-src/blob/master/ext/standard/dns.c#L272 

According to the Linux man pages, "The gethostbyname*(), gethostbyaddr*(), herror(), and hstrerror() functions are obsolete.  Applications should use getaddrinfo(3), getnameinfo(3), and gai_strerror(3) instead."

"The  gethostbyaddr()  function  returns  a  structure  of  type  hostent  for the given host address addr of length len and address type type.  Valid address types are AF_INET and
       AF_INET6."

 
This problem has manifested elsewhere in this Wordpress bug report from a dual-stack host: https://core.trac.wordpress.org/ticket/38291

Patches

Pull Requests

Pull requests:

Fix #78479: Use gethostbyname2_r to specify AF_INET (php-src/6302)

History

AllCommentsChangesGit/SVN commitsRelated reports

[2019-08-31 01:44 UTC] zhangwenchao001 at gmail dot com

# chaochao @ KVM-Ubuntu in ~ [9:36:43]
$ php -a
Interactive mode enabled

php > echo gethostbyname("downloads.wordpress.org");
198.143.164.250

I have IPv4/IPv6, found no problems.

[2019-09-04 07:32 UTC] ryan at arctype dot co

Reproduced with docker-compose.yml:

version: '2.4'
services:
  php:
    image: php
    dns:
      - "4.2.2.2"
    dns_opt:
      - inet6
    command:
      - "sh"
      - "-c"
      - "echo '<?php echo gethostbyname(\"www.google.com\"); echo \"\\n\"; echo gethostbyname(\"downloads.wordpress.org\"); echo \"\\n\"; ?>' | php"


$ docker-compose up
Recreating php-bug_php_1 ... done
Attaching to php-bug_php_1
php_1  | 38.7.248.176
php_1  | 0.0.0.0
php-bug_php_1 exited with code 0

[2020-10-08 19:40 UTC] me at n-thumann dot de

The following pull request has been associated:

Patch Name: Fix #78479: Use gethostbyname2_r to specify AF_INET
On GitHub:  https://github.com/php/php-src/pull/6302
Patch:      https://github.com/php/php-src/pull/6302.patch

[2022-12-06 08:47 UTC] asri dot jasemi102 at gmail dot com

If you truly need to say thank you ! We'd really appreciate and be thankful expecting you leave a decent report on the module page. This is the best procedure for guiding say thank you to this undertaking and sponsorship bundle. (https://www.mylincolnportal.net/)github.com

[2022-12-07 06:01 UTC] amin dot jabari242 at gmail dot com

Keep sharing such informative post keep suggesting such post.   (https://www.surgecardinfo.us/)github.com

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 19:01:29 2024 UTC