php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #43853 Some IP addresses are note resolved by gethostbyaddr()
Submitted: 2008-01-15 09:23 UTC Modified: 2008-01-29 07:36 UTC
From: radonov at ecad dot tu-sofia dot bg Assigned:
Status: Not a bug Package: Network related
PHP Version: 4.4.8, 5CVS OS: Solaris
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: radonov at ecad dot tu-sofia dot bg
New email:
PHP Version: OS:

 

 [2008-01-15 09:23 UTC] radonov at ecad dot tu-sofia dot bg
Description:
------------
Some IP addresses are note resolved by gethostbyaddr() under Solaris 8. Solrais nslookup resolves the addresses normaly.

Reproduce code:
---------------
var_dump(gethostbyaddr('78.130.136.12'));
The result is:
string(13) "78.130.136.12"

Expected result:
----------------
The result should be:
string(22) "atlantis.botevgrad.com"


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-01-28 13:43 UTC] ab5602@php.net
Confirmed under Solaris 9 and Solaris 10 too.


 [2008-01-28 14:16 UTC] ab5602@php.net
Confirmed bug in 5CVS.
 [2008-01-28 23:38 UTC] tony2001@php.net
Cannot reproduce:
php -r 'var_dump(gethostbyaddr("78.130.136.12"));'
string(22) "atlantis.botevgrad.com"
 [2008-01-28 23:52 UTC] ab5602@php.net
Traced it down to another "security" bug in Solaris.  The problem is that the IP: 78.130.136.12 does not reverse and forward to the same address.  The below C code will not return a reverse lookup either.  This appears to be a low-level Solaris specific security measure (bug IMHO) in gethostbyaddr() to stop the resolution of fake DNS info.

Snooping, the network traffic on the lookup you can see it doing a reverse, then a forward to check the accuracy of the reverse:

DNS C 12.136.130.78.in-addr.arpa. Internet PTR ?
DNS R 12.136.130.78.in-addr.arpa. Internet PTR atlantis.botevgrad.com.
DNS C atlantis.botevgrad.com. Internet Addr ?
DNS R atlantis.botevgrad.com. Internet Addr 212.116.131.138

I'll mark this one as bogus in a few days, unless anyone else can come up with a good way to get around this?

----- gethostbyaddr() test code (need -lresolv and -lnsl)

#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

typedef struct in_addr in_addr;
typedef struct hostent hostent;

int
main (void)
{
  auto in_addr addr;
  register hostent const *hp;

  inet_aton ("78.130.136.12", &addr);
  hp = gethostbyaddr ((char const *)&addr, sizeof addr, AF_INET);
  herror("resolver error");
  
  if (hp)
    printf ("%s\n", hp->h_name);
  else
    printf ("No Reverse DNS for %s\n",  inet_ntoa (addr));

  return 0;
}
 [2008-01-29 00:17 UTC] ab5602@php.net
Proof is in the pudding: from gethostbyaddr() in OpenSolaris libresolv...

----------
if ((hp = _getrhbyaddr(addr, len, type)) == (struct hostent *)NULL)
        return ((struct hostent *)NULL);

        /* hang on to what we got as an answer */
        (void) strcpy(hbuf, hp->h_name);

        /* check to make sure by doing a forward query */
        if ((hp2 = res_gethostbyname(hbuf)) != (struct hostent *)NULL)
----------
 [2008-01-29 07:36 UTC] derick@php.net
K, marked as bogus then.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Mon Dec 16 12:01:23 2019 UTC