lib/57609: getnameinfo(3)'s salen argument is interpreted too strictly

[hakan.engvall%gmail.com@localhost]

>Number:         57609
>Category:       lib
>Synopsis:       getnameinfo(3)'s salen argument is interpreted too strictly
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Sep 07 02:15:00 +0000 2023
>Originator:     Carl Engvall
>Release:        NetBSD 9.3_STABLE per 8/12/2023
>Organization:
>Environment:
NetBSD {hostname} 9.3_STABLE NetBSD 9.3_STABLE (SYN) #4: Mon Aug 14 18:20:20 EDT 2023  root@{hostname}:/usr/src/sys/arch/i386/compile/SYN i386
>Description:
getnameinfo(3) returns EAI_FAIL when salen is not equal to the corresponding length specified for the family (sa->sa_family). RFC 4038
Sec.6.2.3 shows an example passing sizeof(struct sockaddr_storage)
to salen. This has been adopted by software packages as well, e.g., collectd-5.12. 
>How-To-Repeat:
Code calling getnameinfo(3) in this way:

struct sockaddr_storage *address;
char host[48];

status = getnameinfo((struct sockaddr *)address,
         sizeof(struct sockaddr_storage), host, sizeof(host),
         NULL, 0, NI_NUMERICHOST | NI_NUMERICSERV);

will return EAI_FAIL.

The software collectd-5.12 uses this code and the network module will fail to receive data.


>Fix:
Have the address family independent code accept the larger buffer length (sizeof(struct sockaddr_storage)) but adjust the salen value in the address family dependent functions.  FreeBSD has implemented it in this way.