php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #78479 gethostbyname can incorrectly return 0.0.0.0
Submitted: 2019-08-30 21:17 UTC Modified: 2019-09-04 07:32 UTC
From: ryan at arctype dot co Assigned:
Status: Open Package: *Network Functions
PHP Version: master-Git-2019-08-30 (Git) OS: Ubuntu Linux
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2019-08-30 21:17 UTC] ryan at arctype dot co
Description:
------------
Consider: 

<?php echo gethostbyname("www.google.com"); ?>
38.7.248.176

<?php echo gethostbyname("downloads.wordpress.org"); ?>
0.0.0.0

;; ANSWER SECTION:
www.google.com.		229	IN	A	216.58.193.196

;; ANSWER SECTION:
downloads.wordpress.org. 300	IN	A	198.143.164.250

The DNS on the host is running fine, DNS for downloads.wordpress.org is ok. We are however running on a dual-stack ipv4/v6 host. 

www.google.com has an AAAA record, downloads.wordpress.org does not. 

I suspect that gethostbyname() is returning an AAAA record from the system call to gethostbyname(3), which returns a struct hostent: 

           struct hostent {
               char  *h_name;            /* official name of host */
               char **h_aliases;         /* alias list */
               int    h_addrtype;        /* host address type */
               int    h_length;          /* length of address */
               char **h_addr_list;       /* list of addresses */
           }

While the PHP docs explicitly state that PHP's gethostbyname() returns the IPv4 address, the implementation does not restrict or check if the system call actually returns an AF_INET h_addrtype instead of AF_INET6, always assuming a v4 and copying sizeof(in_addr): https://github.com/php/php-src/blob/master/ext/standard/dns.c#L272 

According to the Linux man pages, "The gethostbyname*(), gethostbyaddr*(), herror(), and hstrerror() functions are obsolete.  Applications should use getaddrinfo(3), getnameinfo(3), and gai_strerror(3) instead."

"The  gethostbyaddr()  function  returns  a  structure  of  type  hostent  for the given host address addr of length len and address type type.  Valid address types are AF_INET and
       AF_INET6."

 
This problem has manifested elsewhere in this Wordpress bug report from a dual-stack host: https://core.trac.wordpress.org/ticket/38291


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2019-08-31 01:44 UTC] zhangwenchao001 at gmail dot com
# chaochao @ KVM-Ubuntu in ~ [9:36:43]
$ php -a
Interactive mode enabled

php > echo gethostbyname("downloads.wordpress.org");
198.143.164.250

I have IPv4/IPv6, found no problems.
 [2019-09-04 07:32 UTC] ryan at arctype dot co
Reproduced with docker-compose.yml:

version: '2.4'
services:
  php:
    image: php
    dns:
      - "4.2.2.2"
    dns_opt:
      - inet6
    command:
      - "sh"
      - "-c"
      - "echo '<?php echo gethostbyname(\"www.google.com\"); echo \"\\n\"; echo gethostbyname(\"downloads.wordpress.org\"); echo \"\\n\"; ?>' | php"


$ docker-compose up
Recreating php-bug_php_1 ... done
Attaching to php-bug_php_1
php_1  | 38.7.248.176
php_1  | 0.0.0.0
php-bug_php_1 exited with code 0
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Wed Nov 13 21:01:42 2019 UTC