I'm running c-ares version 1.7.4

I came across a segfault on Windows in ares_gethostbyname.c in "file_lookup"

The basic problem seems to be that PATH_HOSTS isn't initialized.  If the
call to "RegOpenKeyEx" fails, PATH_HOSTS makes it down to "strcat" before
being initialized.  If there are no null characters in the first MAX_PATH
characters, strcat copies off the end of the array and things end up
corrupted.

The valid fix is to clear PATH_HOSTS.  ares_gethostbyaddr contains the same
code, so I fixed it there as well.

I've attached a very simple patch including the changes.

Thanks,
--Jeremy
diff -Naur c-ares.orig/ares_gethostbyaddr.c c-ares/ares_gethostbyaddr.c
--- c-ares.orig/ares_gethostbyaddr.c	2011-08-08 11:21:40.454903562 -0700
+++ c-ares/ares_gethostbyaddr.c	2011-08-08 11:21:43.195528422 -0700
@@ -186,6 +186,7 @@
 
 #ifdef WIN32
   char PATH_HOSTS[MAX_PATH];
+  memset(PATH_HOSTS, 0, MAX_PATH);
   if (IS_NT()) {
     char tmp[MAX_PATH];
     HKEY hkeyHosts;
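Review bot: zeroing PATH_HOSTS ahead of `if (IS_NT())` stops the overrun but leaves the failure itself unhandled. When RegOpenKeyEx fails, the buffer now holds an empty string, so the strcat described in the report builds a path from nothing but the appended text and the lookup proceeds with a relative file name. Consider checking the result of the registry call and skipping the file lookup (or returning an error) when it fails, instead of continuing with an empty base path.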
diff -Naur c-ares.orig/ares_gethostbyname.c c-ares/ares_gethostbyname.c
--- c-ares.orig/ares_gethostbyname.c	2011-08-08 11:21:40.454903562 -0700
+++ c-ares/ares_gethostbyname.c	2011-08-08 11:21:43.195528422 -0700
@@ -344,6 +344,7 @@
 
 #ifdef WIN32
   char PATH_HOSTS[MAX_PATH];
+  memset(PATH_HOSTS, 0, MAX_PATH);
   if (IS_NT()) {
     char tmp[MAX_PATH];
     HKEY hkeyHosts;
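Review bot: `memset(PATH_HOSTS, 0, MAX_PATH);` restates the array length by hand; `sizeof(PATH_HOSTS)` keeps it tied to the declaration on the line above, and `char PATH_HOSTS[MAX_PATH] = "";` would do the same job without a separate statement. This is also the same block that the patch changes in ares_gethostbyaddr.c, so the path construction is a candidate for one shared helper, which would keep the two copies from drifting apart on the next fix.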

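The failure mode described in the report, handled by checking the lookup result and bounding the concatenation, as an added example that is not c-ares code and not part of the attached patch. `lookup_db_dir`, `build_hosts_path` and `PATH_MAX_DEMO` are hypothetical names; the lookup is a portable stand-in for the registry read so the example runs outside Windows.

```c
#include <stdio.h>
#include <string.h>

#define PATH_MAX_DEMO 260 /* assumption: stands in for MAX_PATH */

/* Hypothetical stand-in for the registry read. Returns 0 and fills `out`
 * on success. On failure it returns -1 and leaves `out` untouched, which
 * is the situation the report describes for a failed RegOpenKeyEx. */
static int lookup_db_dir(const char *configured, char *out, size_t outlen)
{
  if (configured == NULL || strlen(configured) >= outlen)
    return -1;
  strcpy(out, configured);
  return 0;
}

/* Builds "<dir>\hosts" into `path`. Returns 0 on success, -1 if the
 * lookup failed or the result does not fit. On every failure `path` is
 * left as an empty string, never as uninitialized bytes. */
int build_hosts_path(const char *configured, char *path, size_t pathlen)
{
  char dir[PATH_MAX_DEMO];
  int n;

  if (pathlen == 0)
    return -1;
  path[0] = '\0';

  /* Do not fall through to concatenation when the lookup failed. */
  if (lookup_db_dir(configured, dir, sizeof(dir)) != 0)
    return -1;

  /* Bounded formatting instead of strcat on a fixed-size buffer. */
  n = snprintf(path, pathlen, "%s\\hosts", dir);
  if (n < 0 || (size_t)n >= pathlen) {
    path[0] = '\0';
    return -1;
  }
  return 0;
}
```
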