Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Undefined behavior "member call on null pointer of type 'const struct ResultHolder'" #705

octoploid opened this issue Feb 3, 2016 · 3 comments


None yet
4 participants
Copy link

commented Feb 3, 2016

Compiling with gcc-6 leads to segfaults in projects that use googletest,
because it invokes undefined behavior.

For example the yaml-cpp testsuite segfaults:
/var/tmp/yaml-cpp/test/gmock-1.7.0/include/gmock/gmock-spec-builders.h:1530:60: runtime error: member call on null pointer of type 'const struct ResultHolder'
[1] 20019 segmentation fault ./run-tests

"this" must never be NULL in C++.
Using "-fno-delete-null-pointer-checks" is a workaround.

1579   // Returns the result of invoking this mock function with the given                                                                                                    
1580   // arguments.  This function can be safely called from multiple                                                                                                        
1581   // threads concurrently.                                                                                                                                               
1582   Result InvokeWith(const ArgumentTuple& args)                                                                                                                           
1583         GTEST_LOCK_EXCLUDED_(g_gmock_mutex) {                                                                                                                            
1584     scoped_ptr<ResultHolder> holder(                                                                                                                                     
1585         DownCast_<ResultHolder*>(this->UntypedInvokeWith(&args)));                                                                                                       
1586     return holder->Unwrap();                                                                                                                                             
1587   }  

This comment has been minimized.

Copy link

commented Feb 3, 2016

That snippet doesn't help me much. What ptr was null there?

Do you have more context for how a nullptr had a member function called on it?


This comment has been minimized.

Copy link

commented Feb 3, 2016

markus@x4 test % gdb ./run-tests
Reading symbols from ./run-tests...done.
(gdb) b __ubsan::Diag::~Diag
(gdb) run
Breakpoint 1, 0x00007ffff6dfec40 in __ubsan::Diag::~Diag() () from /usr/lib/gcc/x86_64-pc-linux-gnu/6.0.0/
(gdb) bt
#0  0x00007ffff6dfec40 in __ubsan::Diag::~Diag() () from /usr/lib/gcc/x86_64-pc-linux-gnu/6.0.0/
#1  0x00007ffff6e02241 in handleTypeMismatchImpl(__ubsan::TypeMismatchData*, unsigned long, __ubsan::ReportOptions) ()
   from /usr/lib/gcc/x86_64-pc-linux-gnu/6.0.0/
#2  0x00007ffff6e026d3 in __ubsan_handle_type_mismatch () from /usr/lib/gcc/x86_64-pc-linux-gnu/6.0.0/
#3  0x00000000005003dc in testing::internal::FunctionMockerBase<void (YAML::Mark const&)>::InvokeWith(std::tuple<YAML::Mark const&> const&) (
    args=std::tuple containing = {...}, this=0x2842350) at /var/tmp/yaml-cpp/test/gmock-1.7.0/include/gmock/gmock-spec-builders.h:1530
#4  testing::internal::FunctionMocker<void (YAML::Mark const&)>::Invoke(YAML::Mark const&) (a1=..., this=0x2842350)
    at /var/tmp/yaml-cpp/test/gmock-1.7.0/include/gmock/gmock-generated-function-mockers.h:97
#5  YAML::MockEventHandler::OnDocumentStart (this=<optimized out>, gmock_a1=...) at /var/tmp/yaml-cpp/test/mock_event_handler.h:10
#6  0x0000000001320f0f in YAML::SingleDocParser::HandleDocument (this=0x7fffffffda10, eventHandler=...) at /var/tmp/yaml-cpp/src/singledocparser.cpp:31
#7  0x00000000012686f5 in YAML::Parser::HandleNextDocument (this=this@entry=0x7fffffffdc50, eventHandler=...) at /var/tmp/yaml-cpp/src/parser.cpp:42
#8  0x00000000004f9717 in YAML::HandlerTest::Parse (
    example="- |\n  !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\n- |\n  ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍ", <
incomplete sequence \303>..., this=0x2842330) at /var/tmp/yaml-cpp/test/handler_test.h:17
#9  YAML::(anonymous namespace)::EncodingTest::Run (this=0x2842330) at /var/tmp/yaml-cpp/test/integration/encoding_test.cpp:105
#10 0x000000000145896b in testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void> (location=0x14b5616 "the test body", method=<optimized out>, 
    object=0x2842330) at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#11 testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void> (object=object@entry=0x2842330, method=<optimized out>, 
    location=location@entry=0x14b5616 "the test body") at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#12 0x00000000014226da in testing::Test::Run (this=this@entry=0x2842330) at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#13 0x00000000014231a3 in testing::Test::Run (this=0x2842330) at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#14 testing::TestInfo::Run (this=0x27fc3d0) at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#15 0x0000000001423de8 in testing::TestCase::Run (this=0x27fc4c0) at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#16 0x00000000014256ca in testing::internal::UnitTestImpl::RunAllTests (this=0x27f4d70) at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#17 0x0000000001459bcb in testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> (
    location=0x14ab870 "auxiliary test code (environments or event listeners)", method=<optimized out>, object=0x1424960 <testing::internal::UnitTestImpl::RunAllTests()>)
    at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#18 testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> (object=object@entry=0x27f4d70, method=<optimized out>, 
    location=location@entry=0x14ab870 "auxiliary test code (environments or event listeners)") at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#19 0x0000000001427519 in testing::UnitTest::Run (this=0x27e1a00 <testing::UnitTest::GetInstance()::instance>) at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/src/
#20 0x0000000000455f08 in RUN_ALL_TESTS () at /var/tmp/yaml-cpp/test/gmock-1.7.0/gtest/include/gtest/gtest.h:2288
#21 main (argc=<optimized out>, argv=<optimized out>) at /var/tmp/yaml-cpp/test/main.cpp:5
(gdb) up
#1  0x00007ffff6e02241 in handleTypeMismatchImpl(__ubsan::TypeMismatchData*, unsigned long, __ubsan::ReportOptions) ()
   from /usr/lib/gcc/x86_64-pc-linux-gnu/6.0.0/
(gdb) up
#2  0x00007ffff6e026d3 in __ubsan_handle_type_mismatch () from /usr/lib/gcc/x86_64-pc-linux-gnu/6.0.0/
(gdb) up
#3  0x00000000005003dc in testing::internal::FunctionMockerBase<void (YAML::Mark const&)>::InvokeWith(std::tuple<YAML::Mark const&> const&) (
    args=std::tuple containing = {...}, this=0x2842350) at /var/tmp/yaml-cpp/test/gmock-1.7.0/include/gmock/gmock-spec-builders.h:1530
1530            this->UntypedInvokeWith(&args))->GetValueAndDelete();
(gdb) l
1525      // arguments.  This function can be safely called from multiple
1526      // threads concurrently.
1527      Result InvokeWith(const ArgumentTuple& args)
1528            GTEST_LOCK_EXCLUDED_(g_gmock_mutex) {
1529        return static_cast<const ResultHolder*>(
1530            this->UntypedInvokeWith(&args))->GetValueAndDelete();
1531      }
1533      // Adds and returns a default action spec for this mock function.
1534      OnCallSpec<F>& AddNewOnCallSpec(
(gdb) p this
testing::internal::FunctionMockerBase<void(const YAML::Mark&)> * const) 0x2842350
(gdb) p *this
  <testing::internal::UntypedFunctionMockerBase> = {
    _vptr.UntypedFunctionMockerBase = 0x14c05a8 <vtable for testing::internal::FunctionMocker<void (YAML::Mark const&)>+16>, 
    mock_obj_ = 0x2842348, 
    name_ = 0x14ad1c7 "OnDocumentStart", 
    untyped_on_call_specs_ = std::vector of length 0, capacity 0, 
    untyped_expectations_ = std::vector of length 1, capacity 1 = {{
        value_ = 0x283e390, 
        link_ = {
          next_ = 0x283f588
  members of testing::internal::FunctionMockerBase<void(const YAML::Mark&)>: 
  current_spec_ = {
    function_mocker_ = 0x2842350, 
    matchers_ = std::tuple containing = {
      [1] = {
        <testing::internal::MatcherBase<YAML::Mark const&>> = {
          _vptr.MatcherBase = 0x14c0538 <vtable for testing::Matcher<YAML::Mark const&>+16>, 
          impl_ = {
            value_ = 0x283d040, 
            link_ = {
              next_ = 0x283e490
        }, <No data fields>}
(gdb) p this->UntypedInvokeWith(&args)
$5 = (const testing::internal::UntypedActionResultHolderBase *) 0x0

cmcantalupo added a commit to cmcantalupo/geopm that referenced this issue Jul 22, 2016

Fixed issue that occurs when using googlemock with gcc 6.
- See google/googletest#705

Signed-off-by: Christopher M. Cantalupo

cmcantalupo added a commit to geopm/geopm that referenced this issue Jul 23, 2016

Fixed issue that occurs when using googlemock with gcc 6.
- See google/googletest#705

Change-Id: Ia9a62be2739eebc7e37d9542483e1822dcf883cb
Signed-off-by: Christopher M. Cantalupo

This comment has been minimized.

Copy link

commented Jul 25, 2016


I also have the same issue with some valid unit test when using GCC 6.

Actually, this issue was fixed back in 2014, but the lack of GTest/GMock release since 2013 make us still hitting this issue... It was fixed in the trunk with b5c8109. This bug is only triggered when you try to mock a method returning void.

For those who don't want to use the trunk without a proper release, here is a patch that applies fine against GMock 1.7.0 which fixes this issue (without using -fno-delete-null-pointer-checks):

--- include/gmock/gmock-spec-builders.h
+++ include/gmock/gmock-spec-builders.h
@@ -1370,6 +1370,8 @@
 template <>
 class ActionResultHolder<void> : public UntypedActionResultHolderBase {
+  explicit ActionResultHolder() {}
   void GetValueAndDelete() const { delete this; }

   virtual void PrintAsActionResult(::std::ostream* /* os */) const {}
@@ -1381,7 +1383,7 @@
       const typename Function<F>::ArgumentTuple& args,
       const string& call_description) {
     func_mocker->PerformDefaultAction(args, call_description);
-    return NULL;
+    return new ActionResultHolder();

   // Performs the given action and returns NULL.
@@ -1390,7 +1392,7 @@
       const Action<F>& action,
       const typename Function<F>::ArgumentTuple& args) {
-    return NULL;
+    return new ActionResultHolder();


gromacs-upload pushed a commit to gromacs/gromacs that referenced this issue Jul 30, 2016

Improve handling of gmock and gcc6
This patch reverts commit d6e35c9 that used gcc
-fno-delete-null-pointer-checks to work around implementation errors
in gmock 1.7. There's been no new release of gmock for several years,
but a patch is now available to address this issue.

This commit applies that patch, found at
google/googletest#705 (comment). Updated
our README describing modifications GROMACS has found it necessary to

Fixes #1911

Change-Id: I0d5abe9bf8172f6749bcad97a13765edaa3d4c80

daviddrysdale added a commit to daviddrysdale/c-ares that referenced this issue Sep 26, 2016

jsonn pushed a commit to jsonn/pkgsrc that referenced this issue Sep 29, 2016

Updated libcares to 1.12.0. Security fix.
Version 1.12.0 (29 Sep 2016)

Daniel Stenberg (29 Sep 2016)

- [David Drysdale brought this change]

  ares-test-misc: test ares_create_query with escaped trailing dot

- ares_create_query: avoid single-byte buffer overwrite

  ... when the name ends with an escaped dot.



- ares_library_initialized.3: added

- make: bump CARES_VERSION_INFO for release

David Drysdale (29 Sep 2016)
- man: update ares_init_options.3

Daniel Stenberg (29 Sep 2016)
- ares_library_init.3: corrected the ares_library_init_mem proto

- remove space from link

- README: link to the correct c-ares badge!

  Reported-by: David Hotham

  Fixes #63

- docs: minor formatting edits

- ares_destroy.3: formatting polish

- ares_init.3: split the init docs into two separate man pages

- SECURITY: point to the vulnerabilities page now

- RELEASE-NOTES: synced with daa7235b1a5

- ares_create_query.3: edit language

  Tried to make the man page more readable.

David Drysdale (26 Sep 2016)
- test: fix gMock to work with gcc >= 6.x

  Taken from:
  google/googletest#705 (comment)

Daniel Stenberg (26 Sep 2016)
- [Brad House brought this change]

  headers: remove checks for and defines of variable sizes

  ... they're not really used and by avoiding them in the ares_build.h
  output we make the public header less dependent on data sizes.

David Drysdale (24 Sep 2016)
- api: add ARES_OPT_NOROTATE optmask value

  Fix up a couple of problems with configuring whether c-ares rotates
  between different name servers between requests.

  Firstly, ares_save_options() returns (in *optmask) the value of
  (channel->optmask & ARES_OPT_ROTATE), which doesn't necessarily
  indicate whether the channel is or is not actually doing rotation.
  This can be confusing/incorrect if:
   - the channel was originally configured without ARES_OPT_ROTATE
     (so it appears that the channel is not rotating)
   - the /etc/resolv.conf file includes the 'rotate' option
     (so the channel is actually performing rotation).

  Secondly, it is not possible to reliably configure a channel
  to not-rotate; leaving off ARES_OPT_ROTATE is not enough, since
  a 'rotate' option in /etc/resolv.conf will turn it on again.

   - add an ARES_OPT_NOROTATE optmask value to allow explicit
     configuration of no-rotate behaviour
   - in ares_save_options(), report the value of channel->rotate
     as exactly one of (optmask & ARES_OPT_ROTATE) or
     (optmask & ARES_OPT_NOROTATE).

  In terms of back-compatibility:
   - existing apps that set ARES_OPT_ROTATE will continue to rotate,
     and to have ARES_OPT_ROTATE reported back from ares_save_options()
   - existing apps that don't set ARES_OPT_ROTATE will continue to
     use local config/defaults to decide whether to rotate, and will
     now get ARES_OPT_ROTATE or ARES_OPT_NOROTATE reported back from
     ares_save_options() rather than 0.

- ares_init_options: only propagate init failures from options

  Commit 46bb820be3a8 ("ares_init_options: don't lose init failure")
  changed init behaviour so that earlier errors in initialization
  weren't lost.  In particular, if the user passes in specific
  options but they are not applied (e.g. because of an allocation
  failure), that failure needs to be reported back to the user; this
  also applies when duplicating a channel with ares_dup().

  However, other initialization failures can be ignored and
  overridden -- in particular, if init_by_resolv_conf() or
  init_by_environment() fail, then falling back to default values
  is OK.

  So only preserve failures from the init_by_options() stage, not
  from all initialization stages.

  Fixes issue 60.

- test: Force reinstall of libtool on OSX

  Travis build environment appears to have changed.

- test: Add valgrind build variant

- test: Add null pointer to gtest args

  GoogleTest assumes that there is a null pointer in argv[argc],
  so make it look like that. Without this change, tests run with
  command-line arguments get memory errors under valgrind/ASAN.

Daniel Stenberg (21 Aug 2016)
- AUTHOR: maybe gitgub isn't really an author =)

- AUTHORS: added contributors from the git log

- add a stand-alone license file

  Just the MIT license used in the top the source files moved out to a
  stand-alone file for easier reference and discovery.

- README: added "CII best practices" badge

- suggested "security process" for the project

David Drysdale (17 Aug 2016)
- test: Add Clang static analysis build to Travis

  Run scan-build over the library source code, but skip the
  tests.  Needs a later Clang install in Travis

- test: more info on how to run fuzz testing

- test: make fuzzer driver code C not C++

- test: fuzzer mode for AFL's persistent mode

  When fuzzing with AFL, if the LLVM-based instrumentation is
  used (via the afl-clang-fast wrapper), then it is possible to
  have a single execution of the fuzzer program iterate multiple
  times over the fuzzing entrypoint (similar to libFuzzer's normal
  mode of execution) with different data.  This is much (e.g. 10x)

  Add code to support this, by checking whether __AFL_LOOP is
  defined at compile-time.

  Also, shift the code to effectively be C rather than C++.

- test: simplify deps for fuzzer entrypoint

  No need to depend on the rest of the test code (ares-test.h) for
  the fuzzer entrypoint; this makes the entrypoint slightly simpler
  to build with LLVM's libFuzzer.

  Also shift the code to effectively be C rather than C++

- test: disable MinGW tests

  The test binary built in the MinGW build is failing for some
  reason.  It works for me when I build locally, so I'm guessing
  it's down to some sort of AppVeyor environment issue.

  Disable for now.

Daniel Stenberg (16 Aug 2016)
- read_tcp_data: remove superfluous NULL check

  CID 56884 by Coverity. The pointer is already derefenced before this
  point so it can't be NULL here anyway.

- web: http => https

GitHub (20 Jul 2016)
- [David Drysdale brought this change]

  Merge pull request #59 from fuze/master

  Update for VS2015 Update 3

- [Chris Araman brought this change]


  support Visual Studio 2015 Update 3

David Drysdale (2 May 2016)
- Fix trailing comment for #endif

Daniel Stenberg (30 Apr 2016)
- email: use Gisle's "new" address

David Drysdale (18 Apr 2016)
- test: drop superfluous fuzz inputs

  Where there are multiple fuzz input files that only differ in
  the first two bytes (the query ID), just keep the first such

svante karlsson (15 Apr 2016)
- Update

  support Visual Studio 2015 Update 2

David Drysdale (31 Mar 2016)
- test: Run in Travis build

- test: add fuzzing check script to tests

  Add a test script that runs the fuzzing command over the
  corpus of DNS packets.  This doesn't actually do any fuzzing
  (it just runs them as inputs without generating any variations)
  but it does ensure that the fuzzing entrypoint is still working.

- test: allow multiple files in aresfuzz command line

  If no arguments are specified, use stdin as input.
  Otherwise treat each argument as a filename and feed
  its contents to the fuzz entrypoint.

- test: Add corpus of DNS packets

  For fuzz testing it is useful to start from a corpus of valid
  packets, so fill out the test/fuzzinput/ directory with a bunch
  of inputs.

  These packets were generated by temporarily modifying the c-ares
  process_answer() function to save off any incoming response messages.

- test: Add utility to show DNS packet from file

- [nordsturm brought this change]

  Fix nsort initialization

  Author: Alexander Drachevskiy

- test: Check setting nsort=0 option is respected

- test: Update fuzzing function prototype

  libFuzzer changed expected return type from void to int
  in LLVM 3.8.

- Explicitly clear struct servent before use

  On a build where MSAN has been manually set up (which involves
  using an MSAN-instrumented version of the standard C++ library, see
  there's a warning about use of uninitialized memory here.  It
  might be a false positive, but the fix is trivial so include it.

- test: for AF_UNSPEC, return CNAME only for AAAA, but valid A record

  Also shuffle expected responses rsp6/rsp4 into the order they will occur.

- [Chris Araman brought this change] support Visual Studio 2015 Update 1

- build: commonize MSVC version detection

  Remove the need to copy/paste version number mapping between
  Makefile.msvc and test/Makefile.msvc.

- test: Use different name in live test

- test: Only pass unused args to GoogleTest

- ahost.c: add cast to fix C++ compile

  If ahost.c is force-compiled as C++ the missing cast from
  (void *) to (char **) is problematic.

- ares_library_cleanup: reset ares_realloc too

  Otherwise a subsequent use of the library might use a previous
  incarnation's realloc() implementation.

Daniel Stenberg (9 Mar 2016)
- [Brad House brought this change]

  configure: check if tests can get built before enabled

  The current approach for disabling tests is not a good solution because
  it forces you to pass --disable-tests, rather than auto-detect if your
  system can support the tests in the first place.  Many (most?) systems
  do not have C++11.  This also causes issues when chain-building c-ares,
  the hosting system needs to be updated to support passing this
  additional flag if necessary, it doesn't seem reasonable to add this
  requirement which breaks compatibility.

  This change auto-detects if the system can build the tests and
  automatically disable them if it cannot.  If you pass --enable-tests to
  configure and the system cannot build them either due to lack of system
  support, or because cross-compilation is being used, it will throw an
  appropriate error since the user indicated they really did want the

David Drysdale (3 Mar 2016)
- [Viktor Szakats brought this change]

  Makefile.m32: add support for CROSSPREFIX

- [Viktor Szakats brought this change]

  Makefile.m32: add support for extra flags

  Allow specification of CARES_{LD,C}FLAG_EXTRAS envvars
  for mingw

- test: Build with MinGW on AppVeyor

- test: avoid in6addr_* constants

  These aren't available on MinGW, so use explicit addresses instead.

- test: add missing #includes for

- [Gregor Jasny brought this change]

  Fix man page typos detected by Lintian

Daniel Stenberg (19 Feb 2016)
- configure: acknowledge --disable-tests

  Fixes #44

- AUTHORS: added contributors from the 1.11.0 release

- bump: start working on the next version

Version 1.11.0 (19 Feb 2016)

Daniel Stenberg (19 Feb 2016)
- RELEASE-NOTES: final edits for 1.11.0

David Drysdale (15 Feb 2016)
- ares_dup.3: remove mention of nonexistent function

  ares_dup_options() doesn't exist, so don't document it.

- test: skip repeated build steps

  Top-level buildconf/configure now triggers for the
  test/ subdir too, so don't need to do explicitly.

- test: namespaces unavailable when cross-compiling

Daniel Stenberg (13 Feb 2016)
- configure: only run configure in test when NOT cross-compiling

  ... as the tests won't run cross-compiled anyway

David Drysdale (13 Feb 2016)
- test: prefer ON_CALL to EXPECT_CALL to reduce flakes

  For UDP tests, there's a chance of a retry.  EXPECT_CALL only
  expects a single request to arrive at the server; ON_CALL allows
  for a UDP retry and repeats the same answer.

  Note that ON_CALL and EXPECT_CALL can't be mixed in the same
  test, and that tests that have a varied sequence of responses
  for the same repeated request still have to use EXPECT_CALL.

Daniel Stenberg (13 Feb 2016)
- configure: run configure in 'test' too

  Having the test dir completely stand-alone causes too many issues for
  users and devs. It still needs to be built specifically.

- configure: build silently by default

- buildconf: run test/buildconf too if present

- test/configure: build silently by default

- [Gregor Jasny brought this change]

  dist: Distribute

  Closes #42

Version 1.11.0 (11 Feb 2016)

Daniel Stenberg (11 Feb 2016)
- distribute the test dir too

- RELEASE-NOTES: synced with 385582bd14b68a

- [Nicolas \"Pixel\" Noble brought this change]

  ares_win32_init: make LoadLibrary work when using UNICODE too

  Closes #17

David Drysdale (11 Feb 2016)
- Use "resolve" as synonym of "dns" in nsswitch.conf

  Modern Linux systems may have libnss_resolve from systemd as the
  resolver, which is then configured in /etc/nsswitch.conf with
  the "resolve" keyword rather than "dns".

  Fixes #33

- ares_set_socket_callback: make manpage match code

  The code in ares_process.c that invokes the socket creation/connection
  callback only checks for rc < 0, not for standard ares error codes.

- Merge pull request #36 from AGWA-forks/master

  Add ares_set_socket_configure_callback()

- test: Update init tests to match behaviour

  Unreadable config files are now treated the same way
  as absent config files.

- [Fedor Indutny brought this change]

  Ignore `fopen` errors to use default values

  After 46bb820be3a83520e70e6c5f0c5133253fcd69cd `init_by_resolv_conf`
  errors are no longer swallowed in `ares_init_options`. This has exposed
  a previously unknown bug in `lookups` initialization code.

  If there is no lookup configuration in `resolv.conf`,
  `init_by_resolv_conf` will attempt to read it from other files available
  on the system. However, some of these files may have restricted
  permissions (like `600`), which will lead to `EACCESS` errno, which in
  turn is handled like a fatal error by `init_by_resolv_conf`.

  However, it sounds illogical that this error should be handled as a
  fatal. There is a `init_by_defaults` call that overrides `lookups` with
  default value, and certainly possible absence of lookup information is
  the reason why this function exists in a first place!

  I suggest handling any `fopen` errors as non-fatal ones, allowing to
  pick up the `lookups` value from different config files, or to pick up
  default value.

Andrew Ayer (9 Feb 2016)
- Document callback type in man page for ares_set_socket_callback

- Add ares_set_socket_configure_callback()

  This function sets a callback that is invoked after the socket is
  created, but before the connection is established.  This is an ideal
  time to customize various socket options.

David Drysdale (9 Feb 2016)
- test: ares_set_socket_callback failure behaviour

- test: Check ares_parse_txt_reply_ext() entrypoint

- [Fedor Indutny brought this change]

  txt: introduce `ares_parse_txt_reply_ext`

  Introduce `ares_txt_ext` structure with an extra `record_start`
  field, which indicates a start of a new TXT record, thus allowing to
  differentiate the chunks in the same record, from a chunks in a
  different record.

  Introduce a new API method: `ares_parse_txt_reply_ext` that works with
  this kind of struct.

- doc: Update missed repo references

- doc: Update docs on contributing

- test: Run command line tools in Travis

  Do a quick execution of each of the command line tools
  in the continuous integration build, so that any (say)
  sanitizer failures show up.

- acountry: drop inert test

  If ver_1 is true, then z0 and z1 must both be 'z', and so
  (z0 != 'z' && z1 != 'z') can never be true.

  CID 56879, pointed out by Coverity.

- doc: update badge locations to master repo

- test: Enable maintainer mode + debug in Travis

- test: Add an iOS build target

- test: Ignore SIGPIPE in tests

- test: More initialization tests

- test: Improve containerized test mechanism

  Aim is to ensure that code coverage information can escape the
  container.  To do this:
   - Enter a new mount namespace too, so that we can...
   - Bind mount the expected source directory into the container
   - Share memory with the sub-process so coverage information is
     shared too.

- test: Make contained tests easier to write

- test: Add framework for containerized testing

  On Linux we can potentially use user and UTS namespaces to run  a test
  in a pseudo-container with:
   - arbitrary filesystem (e.g. /etc/resolv.conf, /etc/nsswitch.conf, /etc/hosts)
   - arbitrary hostname/domainname.

  Include a first pass at the framework code to allow this, along with a
  first test case that uses the container.

- test: Use a longer timeout for less flakiness

  Having occasional test failures from timeout before multiple
  queries can complete, so up the default timeout for the test
  from 100ms to 1500ms.

- test: Make failure tests more robust

  Different platforms will do different numbers of allocations
  in the processing of a given API call; just check that the
  return code is either success or ENOMEM, and free off any
  returned state in the former case.

  Also cope with ECONNREFUSED as well as ENOTFOUND.

- test: Get test code building under Windows

   - Initial nmake file based off library nmake file
   - Cast socket call arguments to (char *)
   - Use wrapper sclose() that maps to closesocket() or close()
   - Build a config.h indicating presence of headers
   - Conditionally include netdb.h
   - Remove unnecessary include of sys/socket.h
   - Force longer bitmask for allocation failure tracking
   - Call WSAStartup() / WSACleanup() in main()
   - Set TCP_NODELAY for mock server
   - Turn on tests in AppVeyor build

- test: Disable tests that manipulate env on Windows

- test: Move file lists into

  In preparation for a Win32 build of the test suite.

- test: Add a simple multi-server test

  Check rotate option does something

- test: Allow for multiple mock servers

   - Update the MockServer to allow separate specification of
     UDP and TCP ports
   - Have an array of mock servers listening on consecutive
     sets of ports.
   - Rename Process(fd) to ProcessFD(fd) to avoid confusion.
   - Initialize channel by using the new ares_set_servers_ports()
     entrypoint, so multiple ports on the same loopback address
     can be used.

- test: Update test for set/get_servers variants

  Ports are significant in the _ports_ variant functions, so update test to cope.

- test: Make GetNameServers() utility function port-aware

  Also make it generally available.

- test: more testing, including of internal static functions

- test: more tests, especially fallback processing

   - Make mock server listen on UDP + TCP in parallel.
   - Test UDP->TCP fallback on truncation
   - Test EDNS->no-EDNS fallback
   - Test some environment init options
   - Test nonsense reply

  test: short response

- test: more tests, particularly of initialization

- test: Run mock tests over both TCP and UDP

  With the exception of a few tests that make use of the timed
  retry aspect of UDP.

- test: Run mock tests over both IPv4 and IPv6

- test: Add more tests for edge cases

- test: more nooks and crannies of pton functions

- test: More tests for PTR parsing

- test: Use of HOSTALIAS environment variable

- test: Add RAII utility classes for testing

   - TempFile holds specific contents
   - EnvValue sets an environment variable

- test: More search domain scenarios

- test: Remove duplicate flags from

- test: Make test code leak-free

- test: More tests

   - test use of sortlist
   - test gethostbyname(AF_UNSPEC)

- test: Test ares_gethostbyname_file()

- test: Add more tests of ares_getnameinfo()

- test: Tweak tests, add alloc failure test

- test: Test init with options

- test: More tests

   - ares_inet_net_pton() variants
   - ares_getsock() variants

- test: Expose ProcessWork() function

- test: More parsing tests

   - Split each parse function test set out into separate files.
   - Add an allocation failure test for each parsing function.
   - Add error check test for each parsing function.

- test: Add various additional tests

- test: More tests

  Include tests of internal functions, based on the value of the
  CARES_SYMBOL_HIDING macro; need to configure the library with
  --disable-symbol-hiding to enable these tests.

- test: Allow command line override of mock server port

- test: Add documentation

- test: Temporarily avoid latest Python requests package

  Currently get error from Travis on this install step, and downgrading one
  version appears to fix the problem.

  "Could not find any downloads that satisfy the requirement pyOpenSSL>=0.13
  (from requests[security])"

- test: Add AppVeyor config file for Windows build

- test: Add configuration for a Travis build

  Cover Linux & OSX on the container infrastructure, but install
  a later G++ to satisfy the tests' need for C++11.

  Use a build matrix to include a variety of build variants:
   - ASAN
   - UBSAN
   - LSAN
   - Coverage via

  test: invoke ASAN and coverage in Travis build

  Also shift to use explicit build matrix

  test: Use for coverage tracking

  test: Add a build with UBSAN

  Also expand and re-order the setting of environment variables
  for easier modification.

  test: Add LSAN build to Travis config

- test: Add initial unit tests for c-ares library

  The tests are written in C++11, using the GoogleTest and GoogleMock
  frameworks.  They have their own independent autoconf setup, so that
  users of the library need not have a C++ compiler just to get c-ares
  working (however, the test/ file does assume the use of
  a shared top-level m4/ directory).  However, this autoconf setup has
  only been tested on Linux and OSX so far.

  Run with "./arestest", or "./arestest -v" to see extra debug info.
  The GoogleTest options for running specific tests are also
  available (e.g. "./arestest --gtest_filter=*Live*").

  The tests are nowhere near complete yet (currently hitting around
  60% coverage as reported by gcov), but they do include examples
  of a few different styles of testing:

   - There are live tests (, which assume that the
     current machine has a valid DNS setup and connection to the
     internet; these tests issue queries for real domains but don't
     particularly check what gets returned.  The tests will fail on
     an offline machine.

   - There a few mock tests ( that set up a fake DNS
     server and inject its port into the c-ares library configuration.
     These tests allow specific response messages to be crafted and
     injected, and so are likely to be used for many more tests in

      - To make this generation/injection easier, the dns-proto.h file
        includes C++ helper classes for building DNS packets.

   - Other library entrypoints that don't require network activity
     (e.g. ares_parse_*_reply) are tested directly.

   - There are few tests of library-internal functions that are not
     normally visible to API users (in

   - A couple of the tests use a helper method of the test fixture to
     inject memory allocation failures, using the earlier change to the
     library to allow override of malloc/realloc/free.

   - There is also an entrypoint to allow Clang's libfuzzer to drive
     the packet parsing code in ares_parse_*_reply, together with a
     standalone wrapper for it (./aresfuzz) to allow use of afl-fuzz
     for further fuzz testing.

- test: Add local copy of GoogleMock/GoogleTest 1.7.0

  Don't check in gtest/m4 files, as they are unused and interfere
  with the top-level configure process.

- doc: Show build badges in

  Note that these URLs will need to be updated if/when the test branch
  gets pulled into the master repo/branch.

- doc: Convert README to

  Gives better display on GitHub

- doc: Update in preparation for next release

  Assume 1.11.0 is next (as there are various API additions).
  Also add myself to AUTHORS.

- build: Allow header compilation by Windows C++ compiler

- build: Expose whether symbol hiding is on

  Adding the CARES_SYMBOL_HIDING definition allows the test suite to
  detect whether internal symbols are available or not.

- build: Add autoconf macros for C++11 code using pthreads

  Pull in testing macros from the GNU autoconf archive to allow
  configure scripts to test for and setup use of a C++11 compiler
  (AX_CXX_COMPILE_STDCXX_11) and the pthreads library (AX_PTHREAD).

  Note that these macros are not used by the main library autoconf,
  just by the tests (which share the same m4/ directory).

- build: Add a code coverage option

  Configure with:
    ./configure --enable-code-coverage
  Show coverage output with:
    make code-coverage-capture

  Built on m4/ax_code_coverage.m4 from the GNU autoconf archive
  to provide the macros to check for presence of gcov + lcov;
  upstream macro modified to:
   - Remove use of $(AM_DEFAULT_VERBOSITY) , as earlier versions of
     autoconf (such as the one used by default on Travis) do not have this.
   - Rather than automatically defining CODE_COVERAGE_RULES to be a set
     of makefile rules that use ifeq/endif (which is GNU make-specific),
     instead only define CODE_COVERAGE_RULES if coverages is turned on,
     and in that case don't use conditionals in the makefile.

- api: Add entrypoints to allow use of per-server ports

  Add user-visible entrypoints ares_{get,set}_servers_ports(3), which
  take struct ares_addr_port_node rather than struct ares_addr_node.
  This structure includes a UDP and TCP port number; if this is set
  to zero, the channel-wide port values are used as before.

  Similarly, add a new ares_set_servers_ports_csv(3) entrypoint, which
  is analogous to ares_set_servers(3) except it doesn't ignore any
  specified port information; instead, any per-server specified port
  is used as both the UDP and TCP port for that server.

  The internal struct ares_addr is extended to hold the UDP/TCP ports,
  stored in network order, with the convention that a value of zero
  indicates that the channel-wide UDP/TCP port should be used.

  For the internal implementation of ares_dup(3), shift to use the
  _ports() version of the get/set functions, so port information is
  transferred correctly to the new channel.

  Update manpages, and add missing ares_set_servers_csv to the lists
  while we're at it

- api: Add ares_set_sortlist(3) entrypoint

  Allow explicit configuration of the channel's sortlist, by
  specifying a string in the same format as the equivalent
  /etc/resolv.conf option.

  This allows library users to perform the same configuration
  that is available via /etc/resolv.conf, but without needing
  to change that file.

- api: Allow injection of user-specified malloc/free functions

  Add a new ares_library_init_mem() initialization function for the
  library which allows the library user to specify their own malloc,
  realloc & free equivalents for use library-wide.

  Store these function pointers in library-wide global variables,
  defaulting to libc's malloc(), realloc() and free().

  Change all calls to malloc, realloc and free to use the function pointer
  instead.  Also ensure that ares_strdup() is always available
  (even if the local environment includes strdup(3)), and change the
  library code to always use it.

  Convert calls to calloc() to use ares_malloc() + memset

- api: Add option to expose some internal functions

  Purely for testing, add --enable-expose-statics option to configure
  which converts some static internal functions to be externally visible.

- api: Expose the ares_library_initialized() function

- ahost: Allow repeated -s <domain> options

  This also removes a potential leak where later -s options would
  replace earlier ones without freeing the relevant string.

- Mark unhittable lines

  Add comments for the benefit of the lcov tool, marking
  lines that cannot be hit.  Typically these are fall-back
  protection arms that are already covered by earlier checks,
  and so it's not worth taking out the unhittable code (in case
  someone changes the code between the two places in future).

- ares_set_servers_csv.3: make return type match code

- bitncmp: update comment to match code behaviour

- ares_striendstr: fix so non-NULL return can happen

  This looks to have been broken since it was first introduced in 2005 in
  commit aba0b775ea30 ("Added ares_getnameinfo which mimics the
  getnameinfo API")

- config_sortlist: free any existing sortlist on (re)alloc failure

  If we get an allocation failure on 2nd or later entry in the sortlist, the
  code would return ENOMEM but still leave the initial entries allocated.
  Ensure that *sortlist is set to NULL whenever ENOMEM is returned.

- ares_dup: clear new channel on failure

  If the attempt to transfer IPv6 servers from the old to the new channel
  fails, the previous code would still return a channel to the user even though
  an error return code was generated.  This makes it likely that users would
  leak the channel, so explicitly clear the channel in this case.

- ares_init_options: don't lose init failure

  If (say) init_by_options() fails, the subsequent call to
  init_by_defaults() was overwriting the return code with
  success.  Still call init_by_defaults() regardless, but track
  its return value separately

- ares_gethostbyname: don't leak valid-but-empty hostent

  If an AF_UNSPEC query gets a valid response to its AAAA query,
  but which has no IPv6 addresses in it, then the code chains on to
  a A record query.  However, the hostent from the AAAA response
  was being leaked along the way (because it gets replaced before
  the follow-on end_hquery() invocation).

- ares_parse_txt_reply: propagate errors from per-substring loop

  If we get an allocation failure when processing a particular substring in a
  TXT record, that failure is silently lost; fix that by propagating errors from
  the inner loop to the outer loop.

- process_answer: fix things up correctly when removing EDNS option

  When a server rejects an EDNS-equipped request, we retry without
  the EDNS option.  However, in TCP mode, the 2-byte length prefix was
  being calculated wrong -- it was built from the answer length rather than
  the length of the original request.

  Also, it is theoretically possible that the call to realloc() might change
  the data pointed to; to allow for this, qbuf also needs updating.

  (Both these fixes were actually included in a patchset sent on the mailing
  list in Oct 2012, but were included with other functional changes that
  didn't get merged:

- ares__read_line: clear buf pointer on realloc failure

- ares_expand_name: check for valid bits in label length

  The top two bits of the label length indicate whether this is a
  label length (00) or an index to a name elsewhere in the message
  (11).  RFC1035 4.1.4 says that the other possible values for the
  top two bits (01, 10) are reserved for future use.

Daniel Stenberg (23 Jan 2016)
- [Gregor Jasny brought this change]

  Fix typos detected by lintian

  Closes #32

- [Gregor Jasny brought this change]

  Distribute all man pages

- README.cares: s/I/Daniel

  ... and add a pointer to an existing version of the original area 1.1.1

- read_tcp_data: don't try to use NULL pointer after malloc failure

  CID 56884, pointed out by Coverity. We really should make this function
  return an error code so that a malloc() failure can return back a major

- configure_socket: explicitly ignore return code

  CID 56889 in Coverity pointed out the return code from setsocknonblock()
  is ignored, and this added typecast to (void) makes it explicit.

- ahost: check the select() return code

  Fixes CID 137189, pointed out by Coverity

David Drysdale (18 Jan 2016)
- Fix buildconf on platforms using glibtoolize

  Commit c49a87eea538 changed buildconf to only check for
  libtoolize, but missed a line

- Don't exit loop early leaving uninitialized entries

  Update for commit affc63cba875d.

  The original patch from Gregor Jasny did not have the break
  statement; I incorrectly added it to prevent continuing the loop.
  However, the later entries in the array would then be left
  uninitialized, causing problems for later cleanup.

  So fix to match Gregor's original patch, with apologies.

Daniel Stenberg (18 Jan 2016)
- buildconf: remove check for libtool, it only requires libtoolize

David Drysdale (17 Jan 2016)
- [Gregor Jasny brought this change]

  Use libresolv to initialize cares on iPhone targets

  On iPhone targets like iOS, watchOS or tvOS the file
  /etc/resolv.conf cannot be used to configure cares.

  Instead the resolver library is queried for configuration

  CC: Yury Kirpichev <>

Daniel Stenberg (17 Jan 2016)
- README: updated to new repo URL

David Drysdale (14 Jan 2016)
- [Lei Shi brought this change]

  Fixing slow DNS lookup issue

  This patch is fixing the dns lookup issue due to dummy dns information
  of a disconnected adapter(in my case is a bluetooth adapter). I changed
  the dns lookup policy to try GetNetworkParams first because the
  GetNetworkParams provides the most reliable dns information (lots of
  checks were done by system). I also filter out inoperable adapter in
  DNS_AdaptersAddresses in case GetNetworkParams fail.

- Merge pull request #30 from p-push/vs-2015

  Support Visual Studio 2015

Oleg Pudeyev (3 Jan 2016)
- [Gisle Vanem brought this change]

  Support Visual Studio 2015

David Drysdale (11 Nov 2015)
- [Andrew Andkjar brought this change]

  added another version case to Makefile.msvc

  nmake version 11.00.61030.0 resolves to CC_VERS_NUM = 110

- Merge pull request #26 from bitbouncer/vs-2013

  added define for visual studio 2013

svante karlsson (25 Jun 2015)
- added define for visual studio 2013

Jakub Hrozek (6 Nov 2014)
- ares__read_line: free buf on realloc failure

- Destroy options if ares_save_options fails

  It's possible that, if ares_save_options failed, the opts structure
  would contain some allocated memory. Calling ares_destroy_options in
  this case is safe, because ares_save_options zeroes out the memory

- [David Drysdale brought this change]

  Continue loop if space for hostname not large enough

  When attempting to build a search domain from the local hostname
  (used as a fallback when no other methods have given a search
  domain), the code doubles the buffer size on each loop iteration.

  However, the loop previously had a WHILE_FALSE terminator so the continue
  statement exited the loop rather than going round again.

Daniel Stenberg (30 Oct 2014)
- ares_getnameinfo.3: there is no ares_getaddrinfo

David Drysdale (30 Sep 2014)
- [Gregor Jasny brought this change]

  Prevent tmpbuf from overrunning

  Fix Coverity error CID 56886.

  Signed-off-by: Gregor Jasny <>

- [Gregor Jasny brought this change]

  Re-start loop if select fails

  Fix Coverity error CID 56882

  Signed-off-by: Gregor Jasny <>

- [Gregor Jasny brought this change]

  Free temporary variable in error path

  Fix Coverity CID 56890

  Signed-off-by: Gregor Jasny <>

- [Gregor Jasny brought this change]

  Fix integer shift overflow if both tcp_socket and udp_socket are set

  The problem occurs if at the start of the loop the sockindex is at the
  last valid ARES_GETSOCK_MAXNUM position. If then both udp_socket and
  tcp_socket are valid, sockindex gets incremented for UDP first and
  points one entry behind the array for the tcp block.
  So the fix is to check after every increment of sockindex if it is still

  Fix Coverity error CID 56878

  Signed-off-by: Gregor Jasny <>

- [Gregor Jasny brought this change]

  Null check before dereference

  Fix Coverity error CID 56880

  Signed-off-by: Gregor Jasny <>

Jakub Hrozek (28 Jul 2014)
- [Gisle Vanem brought this change]

  Comment in ares_ipv6.h

David Drysdale (25 Jul 2014)
- CONTRIBUTING: add file to indicate mailing list is preferred

- Add -t u option to ahost

  Add an option to allow specification of the AF_UNSPEC
  address family.

Jakub Hrozek (24 Jul 2014)
- host_callback: Fall back to AF_INET on searching with AF_UNSPEC

  Previously, when an ares_gethostbyname() searched with AF_UNSPEC and the
  first AF_INET6 call only returned CNAMEs, the host_callback never
  retried AF_INET.

  This patch makes sure than on ARES_SUCCESS, the result of AF_INET6 is
  taken as authoritative only if the result contains some addresses.

- [David Drysdale brought this change]

  Move memset call below platform-specific declarations

  A GitHub commenter [1] says that my recent change to ahost.c has
  problems compiling on Windows + C89 platforms.

  [1]  c-ares/c-ares@ee22246#commitcomment-6587616

- [David Drysdale brought this change]

  Update ahost man page to describe -s option.

  Commit ee22246507c9 added the -s <domain> option to the
  ahost command, but neglected to update the man page to
  describe it.

  Also fix typo in description of -t option.

- ares_parse_soa_reply: Do not leak rr_name on allocation failure

  If ares_malloc_data failed, already allocated rr_name would go out of

- [David Drysdale brought this change]

  Don't override explicitly specified search domains

  Only set search domains from /etc/resolv.conf if there isn't a value
  already present in the channel.

- [David Drysdale brought this change]

  Allow specification of search domain in ahost

  Add the "-s domain" command line option to override the search

Daniel Stenberg (12 May 2014)
- Revert "ares_parse_aaaa_reply: fix leak when reply contains 1 alias and no address"

  This reverts commit 440110b303fdbfadb3ad53d30eeb98cc45d70451.

- [Frederic Germain brought this change]

  ares_parse_aaaa_reply: fix leak when reply contains 1 alias and no address

- [Doug Kwan brought this change]

  ares_build.h: fix building on 64-bit powerpc

  There are two issues.

  1. gcc actually does not use __ppc__ and __ppc64__ but __PPC__ and
  __PPC64__.  The tests of __ILP32__ and __LP64__ are sufficient for gcc.

  2. clang defines __GNU__ and defines both __ppc64__ and __ppc__ when
  targeting ppc64.  This makes CARES_SIZEOF_LONG to be 4 on a ppc64 system
  when building with clang.

  My patch is two change the order of the checks so that we check the
  64-bit case first.

- refresh: updated now with automake 1.14

- [David Drysdale brought this change]

  single_domain: Invalid memory access for empty string input

  We noticed a small buglet in ares_search() when it gets an empty string
  as input -- the single_domain() utility function in ares_search.c
  accesses invalid memory (before the start of the string).

Guenter Knauf (31 Aug 2013)
- Fixed warning 'type specifier missing'.

Daniel Stenberg (30 Aug 2013)
- [Tor Arntsen brought this change]

  ares_rules.h: CARES_SIZEOF_LONG doesn't exist anymore, don't test for it

  It was removed in f19387dd72432

- nowarn: use <limits.h> instead of configure for size of long

  This makes the header file much more multi-arch friendly and can be used
  as-is with both 32 bit and 64 bit builds.

- timeoffset: made static and private

  ares__timeoffset() was only used once within this single source file

- timeadd: make static

  ares__timeadd() was only ever used from within the same source

Yang Tse (18 Jul 2013)
- xc-am-iface.m4: comments refinement

- configure: fix 'subdir-objects' distclean related issue

  See XC_AMEND_DISTCLEAN comments for details.

- configure: automake 1.14 compatibility tweak (use XC_AUTOMAKE)

- xc-am-iface.m4: provide XC_AUTOMAKE macro

Daniel Stenberg (12 May 2013)
- gitignore: ignore all ares_*pdf but also CHANGES.dist

- bump: start working towards 1.10.1

uklotzde added a commit to uklotzde/mixxx that referenced this issue Jan 26, 2017

Peter-Levine added a commit to Peter-Levine/yaml-cpp that referenced this issue Jul 24, 2017

jbeder added a commit to jbeder/yaml-cpp that referenced this issue Jul 24, 2017

@orivej orivej referenced this issue Aug 28, 2017


synergy: fix check with gcc6 #28637

5 of 8 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.