Protect all of the name resolution methods from returning null addrs. Ensure all...

diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c
index 494836d4b28b8993006f0763cb6f33cb410a546c..f2c8d4a2f7d76a9085bf2e8b2926864f05b82a8f 100644 (file)
--- a/source3/libsmb/namequery.c
+++ b/source3/libsmb/namequery.c
@@ -1367,6 +1367,10 @@ static bool name_query_validator(struct packet_struct *p, void *private_data)
                putip((char *)&ip,&nmb->answers->rdata[2+i*6]);
                in_addr_to_sockaddr_storage(&addr, ip);
 
+               if (is_zero_addr(&addr)) {
+                       continue;
+               }
+
                for (j=0; j<state->num_addrs; j++) {
                        if (sockaddr_equal(
                                    (struct sockaddr *)(void *)&addr,
@@ -2374,6 +2378,10 @@ static NTSTATUS resolve_hosts(const char *name, int name_type,
                ZERO_STRUCT(ss);
                memcpy(&ss, res->ai_addr, res->ai_addrlen);
 
+               if (is_zero_addr(&ss)) {
+                       continue;
+               }
+
                *return_count += 1;
 
                *return_iplist = SMB_REALLOC_ARRAY(*return_iplist,
@@ -2565,6 +2573,10 @@ NTSTATUS internal_resolve_name(const char *name,
                        SAFE_FREE(*return_iplist);
                        return NT_STATUS_INVALID_PARAMETER;
                }
+               if (is_zero_addr(&(*return_iplist)->ss)) {
+                       SAFE_FREE(*return_iplist);
+                       return NT_STATUS_UNSUCCESSFUL;
+               }
                *return_count = 1;
                return NT_STATUS_OK;
        }
@@ -2572,6 +2584,8 @@ NTSTATUS internal_resolve_name(const char *name,
        /* Check name cache */
 
        if (namecache_fetch(name, name_type, return_iplist, return_count)) {
+               *return_count = remove_duplicate_addrs2(*return_iplist,
+                                       *return_count );
                /* This could be a negative response */
                if (*return_count > 0) {
                        return NT_STATUS_OK;
@@ -2679,10 +2693,7 @@ NTSTATUS internal_resolve_name(const char *name,
        controllers including the PDC in iplist[1..n].  Iterating over
        the iplist when the PDC is down will cause two sets of timeouts. */
 
-       if ( *return_count ) {
-               *return_count = remove_duplicate_addrs2(*return_iplist,
-                                       *return_count );
-       }
+       *return_count = remove_duplicate_addrs2(*return_iplist, *return_count );
 
        /* Save in name cache */
        if ( DEBUGLEVEL >= 100 ) {
@@ -2698,7 +2709,9 @@ NTSTATUS internal_resolve_name(const char *name,
                }
        }
 
-       namecache_store(name, name_type, *return_count, *return_iplist);
+       if (*return_count) {
+               namecache_store(name, name_type, *return_count, *return_iplist);
+       }
 
        /* Display some debugging info */
 
@@ -3163,10 +3176,7 @@ static NTSTATUS get_dc_list(const char *domain,
        /* need to remove duplicates in the list if we have any
           explicit password servers */
 
-       if (local_count) {
-               local_count = remove_duplicate_addrs2(return_iplist,
-                               local_count );
-       }
+       local_count = remove_duplicate_addrs2(return_iplist, local_count );
 
        /* For DC's we always prioritize IPv4 due to W2K3 not
         * supporting LDAP, KRB5 or CLDAP over IPv6. */