Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.2.2

Request #4812 Protocol string in gethostbyname
Submitted: 2005-07-13 02:04 UTC
From: aarondoom at cookiedoom dot com Assigned: cweiske
Status: Closed Package: Net_Socket
PHP Version: 4.3.11 OS: Gentoo Linux 1.6.12
Roadmaps: (Not assigned)    
Subscription  
Comments Add Comment Add patch


Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know! Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem : 42 + 32 = ?

 
 [2005-07-13 02:04 UTC] aarondoom at cookiedoom dot com
Description: ------------ Sending the protocol inside of the gethostbyname even though the function returns a value URI sends garbage to DNS servers. I think it would be a good idea to check first, this keeps DNS servers that are not hosted by you from banning your traffic. I know why the file wrappers need to be there, we just don't want to constantly get failures because they exist. Reproduce code: --------------- <?php $Host = gethostbyname("ssl://www.example.com"); ?> With the current code DNS servers respond with non-existant domain errors. 18:36:56.535962 IP test.example.net.35010 > cachedns.net.domain: 8097+ A? ssl://www.example.com. (41) 18:36:56.546296 IP cachedns.net.domain > test.example.net.35009: 5162 NXDomain 0/1/0 (102) The following patch fixes this. @@ -103,8 +103,10 @@ return $this->raiseError('$addr cannot be empty'); } elseif (strspn($addr, '.0123456789') == strlen($addr)) { $this->addr = $addr; - } else { + } elseif (preg_match("^/[0-9A-Za-z][-0-9A-Za-z.]+/$", $addr)) { // Understandibly, using socket modifiers like ssl:// or tcp:// will cause this to send garbage to our DNS servers and waste time, thus we check to see if we're a real valid hostname before running gethostbyname $this->addr = @gethostbyname($addr); + } else { // We leave it alone hoping that someone sent us something that makes sense later on + $this->addr = $addr; } $this->port = $port % 65536; EOF Expected result: ---------------- ssl://www.example.com Actual result: -------------- ssl://www.example.com

Comments

 [2006-12-13 21:24 UTC] cweiske (Christian Weiske)
Check was already in package (at least 1.0.6)