php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #43853 Some IP addresses are note resolved by gethostbyaddr()
Submitted: 2008-01-15 09:23 UTC Modified: 2008-01-29 07:36 UTC
From: radonov at ecad dot tu-sofia dot bg Assigned:
Status: Not a bug Package: Network related
PHP Version: 4.4.8, 5CVS OS: Solaris
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: radonov at ecad dot tu-sofia dot bg
New email:
PHP Version: OS:

 

 [2008-01-15 09:23 UTC] radonov at ecad dot tu-sofia dot bg 
Description:
------------
Some IP addresses are note resolved by gethostbyaddr() under Solaris 8. Solrais nslookup resolves the addresses normaly.

Reproduce code:
---------------
var_dump(gethostbyaddr('78.130.136.12'));
The result is:
string(13) "78.130.136.12"

Expected result:
----------------
The result should be:
string(22) "atlantis.botevgrad.com"

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-01-28 13:43 UTC] ab5602@php.net 
Confirmed under Solaris 9 and Solaris 10 too.
 [2008-01-28 14:16 UTC] ab5602@php.net 
Confirmed bug in 5CVS.
 [2008-01-28 23:38 UTC] tony2001@php.net 
Cannot reproduce:
php -r 'var_dump(gethostbyaddr("78.130.136.12"));'
string(22) "atlantis.botevgrad.com"
 [2008-01-28 23:52 UTC] ab5602@php.net 
Traced it down to another "security" bug in Solaris.  The problem is that the IP: 78.130.136.12 does not reverse and forward to the same address.  The below C code will not return a reverse lookup either.  This appears to be a low-level Solaris specific security measure (bug IMHO) in gethostbyaddr() to stop the resolution of fake DNS info.

Snooping, the network traffic on the lookup you can see it doing a reverse, then a forward to check the accuracy of the reverse:

DNS C 12.136.130.78.in-addr.arpa. Internet PTR ?
DNS R 12.136.130.78.in-addr.arpa. Internet PTR atlantis.botevgrad.com.
DNS C atlantis.botevgrad.com. Internet Addr ?
DNS R atlantis.botevgrad.com. Internet Addr 212.116.131.138

I'll mark this one as bogus in a few days, unless anyone else can come up with a good way to get around this?

----- gethostbyaddr() test code (need -lresolv and -lnsl)

#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

typedef struct in_addr in_addr;
typedef struct hostent hostent;

int
main (void)
{
  auto in_addr addr;
  register hostent const *hp;

  inet_aton ("78.130.136.12", &addr);
  hp = gethostbyaddr ((char const *)&addr, sizeof addr, AF_INET);
  herror("resolver error");
  
  if (hp)
    printf ("%s\n", hp->h_name);
  else
    printf ("No Reverse DNS for %s\n",  inet_ntoa (addr));

  return 0;
}
 [2008-01-29 00:17 UTC] ab5602@php.net 
Proof is in the pudding: from gethostbyaddr() in OpenSolaris libresolv...

----------
if ((hp = _getrhbyaddr(addr, len, type)) == (struct hostent *)NULL)
        return ((struct hostent *)NULL);

        /* hang on to what we got as an answer */
        (void) strcpy(hbuf, hp->h_name);

        /* check to make sure by doing a forward query */
        if ((hp2 = res_gethostbyname(hbuf)) != (struct hostent *)NULL)
----------
 [2008-01-29 07:36 UTC] derick@php.net 
K, marked as bogus then.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 18:01:28 2024 UTC