Getaddrinfo()is an API that returns IP addresses for a passed in hostname. If the host hasmultiple entries the results are returned in a linked list of addresses. Thehostname can either be the local machine name or a remote machine name.
A customer noticed that on one particular machine, afterinstalling MS12-032,requests to look up the local machine name would return the loopback address,127.0.0.1, and not the public IP address.
The customer’s code looked something like this:
struct sockaddr_in *sockaddr_ipv4;
memset(&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_STREAM;
hints.ai_family = AF_INET;
addrInfo = NULL;
getaddrinfo( "computername", "0", &hints, &addrInfo );
ai = addrInfo;
while(ai != NULL)
sockaddr_ipv4 = (struct sockaddr_in *) ai->ai_addr;
sprintf(szIP4, "%s",inet_ntoa(sockaddr_ipv4->sin_addr) );
ai = ai->ai_next;
One thing this code does is that it ends up using the lastIP address returned. Getaddrinfo() can return multiple entries and there is noguarantee what order they will be returned in. Normally, there is only one IPv4(AF_INET) address and this will work as expected, and did before the securitypatch.
Two things were happening on the machine that returned thewrong address.
1) This function had always returned multipleaddresses, it just so happens that the last one returned had been the one thatwe wanted.
2) One of the IP addresses returned was the loopback adapter address of 127.0.0.1.
After the security update, we changed the order that the IPaddresses were returned from the hosts file. The system administrator had added2 entries to the local hosts file, the static public IP, and the loop backaddress.
192.168.15.8 computername 127.0.0.1 computername
Normally there is no reason to add 127.0.0.1 to the hostsfile. “Loopback” is usually what you want to resolve to 127.0.0.1, not theactual computername, and it does this without an explicit entry in the hostsfile. The easiest way to work around this problem is to remove the 127.0.0.1entry from the hosts file.