|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #43853 Some IP addresses are note resolved by gethostbyaddr()
Submitted: 2008-01-15 09:23 UTC Modified: 2008-01-29 07:36 UTC
From: radonov at ecad dot tu-sofia dot bg Assigned:
Status: Not a bug Package: Network related
PHP Version: 4.4.8, 5CVS OS: Solaris
Private report: No CVE-ID: None
 [2008-01-15 09:23 UTC] radonov at ecad dot tu-sofia dot bg
Some IP addresses are note resolved by gethostbyaddr() under Solaris 8. Solrais nslookup resolves the addresses normaly.

Reproduce code:
The result is:
string(13) ""

Expected result:
The result should be:
string(22) ""


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2008-01-28 13:43 UTC]
Confirmed under Solaris 9 and Solaris 10 too.

 [2008-01-28 14:16 UTC]
Confirmed bug in 5CVS.
 [2008-01-28 23:38 UTC]
Cannot reproduce:
php -r 'var_dump(gethostbyaddr(""));'
string(22) ""
 [2008-01-28 23:52 UTC]
Traced it down to another "security" bug in Solaris.  The problem is that the IP: does not reverse and forward to the same address.  The below C code will not return a reverse lookup either.  This appears to be a low-level Solaris specific security measure (bug IMHO) in gethostbyaddr() to stop the resolution of fake DNS info.

Snooping, the network traffic on the lookup you can see it doing a reverse, then a forward to check the accuracy of the reverse:

DNS C Internet PTR ?
DNS R Internet PTR
DNS C Internet Addr ?
DNS R Internet Addr

I'll mark this one as bogus in a few days, unless anyone else can come up with a good way to get around this?

----- gethostbyaddr() test code (need -lresolv and -lnsl)

#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

typedef struct in_addr in_addr;
typedef struct hostent hostent;

main (void)
  auto in_addr addr;
  register hostent const *hp;

  inet_aton ("", &addr);
  hp = gethostbyaddr ((char const *)&addr, sizeof addr, AF_INET);
  herror("resolver error");
  if (hp)
    printf ("%s\n", hp->h_name);
    printf ("No Reverse DNS for %s\n",  inet_ntoa (addr));

  return 0;
 [2008-01-29 00:17 UTC]
Proof is in the pudding: from gethostbyaddr() in OpenSolaris libresolv...

if ((hp = _getrhbyaddr(addr, len, type)) == (struct hostent *)NULL)
        return ((struct hostent *)NULL);

        /* hang on to what we got as an answer */
        (void) strcpy(hbuf, hp->h_name);

        /* check to make sure by doing a forward query */
        if ((hp2 = res_gethostbyname(hbuf)) != (struct hostent *)NULL)
 [2008-01-29 07:36 UTC]
K, marked as bogus then.
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Mon Oct 25 23:03:33 2021 UTC