Coolwhois.com WTF



  • While doing a little bit of background research after reading this ElReg story, I noticed an amusing buglet in the inverse-IP-whois-lookup function at the related website coolwhois.com, on the results page you get if you try to lookup the numeric IP 255.255.255.255 

    [quote user="http://www.coolwhois.com/d/255.255.255.255"] 

    Results for 255.255.255.255:

    This is a cached result from 2009-Mar-04 10:51:42 +0000 (14 days old). Get live result.

    Registrar: American Registry for Internet Numbers (ARIN)
    IP Address: 255.255.255.255
    Warning: gethostbyaddr() [function.gethostbyaddr]: Address is not in a.b.c.d form in /home/gilby/sites/coolwhois.com/web/display.php on line 187
    ()

    Whois results from whois.arin.net:
    OrgName:    Internet Assigned Numbers Authority 
    OrgID: IANA
    Address: 4676 Admiralty Way, Suite 330
    City: Marina del Rey
    StateProv: CA
    PostalCode: 90292-6695
    Country: US

    NetRange: 240.0.0.0 - 255.255.255.255
    CIDR: 240.0.0.0/4
    NetName: RESERVED-240
    NetHandle: NET-240-0-0-0-0
    Parent:
    NetType: IANA Special Use
    Comment: Please see RFC 3330 for additional information.
    RegDate:
    Updated: 2002-10-14

    OrgAbuseHandle: IANA-IP-ARIN
    OrgAbuseName: Internet Corporation for Assigned Names and Number
    OrgAbusePhone: +1-310-301-5820
    OrgAbuseEmail: abuse@iana.org

    OrgTechHandle: IANA-IP-ARIN
    OrgTechName: Internet Corporation for Assigned Names and Number
    OrgTechPhone: +1-310-301-5820
    OrgTechEmail: abuse@iana.org

    # ARIN WHOIS database, last updated 2009-03-03 19:10
    # Enter ? for additional hints on searching ARIN's WHOIS database.

    URL to this Cached Result: http://coolwhois.com/d/255.255.255.255/20090304105142
    <b></b><p>[/quote]It should be fairly obvious to those who know the unix sockets api to work out what's going on here.&nbsp; If not, notice how it doesn't happen for <a href="http://www.coolwhois.com/d/0.0.0.0" title="http://www.coolwhois.com/d/0.0.0.0" target="_blank" mce_href="http://www.coolwhois.com/d/0.0.0.0">http://www.coolwhois.com/d/0.0.0.0</a> or <a href="http://www.coolwhois.com/d/255.255.255.254" title="http://www.coolwhois.com/d/255.255.255.254" target="_blank" mce_href="http://www.coolwhois.com/d/255.255.255.254">http://www.coolwhois.com/d/255.255.255.254</a> or any other random or invalid or RFC1918 IP address....&nbsp;</p>


  • This is a fairly old, well-known issue, so I'm not sure it's much of a WTF.

     

    However, it still serves as a good demonstration of why you should never use magic function return values to indicate an error condition.



  • Re: Coolwhois.com minor WTF

    @morbiuswilters said:

    This is a fairly old, well-known issue, so I'm not sure it's much of a WTF.

     

    However, it still serves as a good demonstration of why you should never use magic function return values to indicate an error condition.

    Yeah, it's an oldie but goodie.  Subject line adjusted!

    TRWTF, of course, is http://coolwhois.com/php.php



  •  Just looking through their phpinfo file and I can see they haven't set their server_admin:

     

    SERVER_ADMIN you@example.com 

     

    Just wondering - although I do change it, is it advisable to change this in the php.ini file at all or do other people just leave it default?



  • I take it that 255.255.255.255 would resolve to -1 if treated as a signed, 32-bit integer, which is interpreted as failure, either inside or outside of gethostbyaddr().



  • @robbak said:

    I take it that 255.255.255.255 would resolve to -1 if treated as a signed, 32-bit integer, which is interpreted as failure, either inside or outside of gethostbyaddr().

    Full marks for you sir!  Yep, the problem is presumably that the PHP gethostbyaddr function relies internally on inet_addr() which has a slight problem with returning in-band error status.  The underlying gethostbyaddr syscall requires an in_addr, and inet_addr is used to convert the input string to an in_addr_t which is then stored into an sockaddr_in struct.  The right answer would have been to use getaddrinfo, which returns the address and error status separately.

    There appears to be a minor documentation WTF in the Opengroup POSIX spec:

    [quote user="http://www.opengroup.org/onlinepubs/009695399/functions/gethostbyaddr.html"]

    The name argument of gethostbyname() shall be a node name; the behavior of gethostbyname() when passed a numeric address string is unspecified. For IPv4, a numeric address string shall be in the dotted-decimal notation described in inet_addr().

    If name is not a numeric address string and is an alias for a valid host name, then gethostbyname() shall return [ . . . ]

    [/quote]The behaviour is unspecified if you try and pass a numeric address string, but you better be sure and use the correct format if you do? WTF!?



  • @DaveK said:

    TRWTF, of course, is http://coolwhois.com/php.php

     

    I like that bulletproof authentification technique they used. Oh, hang on a sec, I think the printer has finished my "The key is under the doormat" sign.



  • @DaveK said:

    TRWTF, of course, is http://coolwhois.com/php.php

    _ENV["USER"]    root
    _ENV["GROUP"]    wheel

     

    I haven't used apache/PHP before, but does that mean they are running their webserver as root?



  • _ENV["PWD"] = /home/gilby/sites/tinyurl.com/htdocs

    oO



  • @DaveK said:

    There appears to be a minor documentation WTF in the Opengroup POSIX spec:

    [quote user="http://www.opengroup.org/onlinepubs/009695399/functions/gethostbyaddr.html"]

    The name argument of gethostbyname() shall be a node name; the behavior of gethostbyname() when passed a
    numeric address string is unspecified. For IPv4, a numeric address string shall be in the dotted-decimal notation described in inet_addr().

    If name is not a numeric address string and is an alias for a valid host name, then gethostbyname() shall return [ . . . ]

    The behaviour is unspecified if you try and pass a numeric address string, but you better be sure and use the correct format if you do? WTF!?

    [/quote]

    Well, it's unspecified, not undefined. That means it's valid, but you're not guaranteed anything. But yeah, kind of WTFy.



  • Why is /usr/games in a server's PATH variable?



    I also like it how they tried to hide the phpinfo page. Looks like a sad story: first they tried to make the page unavailable to public by "protecting" it with an "obscure" password. But then, obviously, someone complained because he was unable to remember 123, and they had to place that link there.



    Not that get variables get lost in bookmarks.



  • @derula said:

    Why is /usr/games in a server's PATH variable?

    I also like it how they tried to hide the phpinfo page. Looks like a sad story: first they tried to make the page unavailable to public by "protecting" it with an "obscure" password. But then, obviously, someone complained because he was unable to remember 123, and they had to place that link there.

    @Baravelli said:

    Hey, whats-a matter, you no understand English?  You can't come in here unless you say "Swordfish".  Now, I give you one more guess.

     



  • Why do you need a web-site for whois query? I just netcat to the whois server when doing a whois query (or use the gopher protocol handler in a web-browser, which is also compatible with whois) and I don't understand the point of doing it a different way.



  • @zzo38 said:

    Why do you need a web-site for whois query? I just netcat to the whois server when doing a whois query (or use the gopher protocol handler in a web-browser, which is also compatible with whois) and I don't understand the point of doing it a different way.

    Didn't we just do the Four Yorkshiremen sketch already?

    EDIT: Holy crap!  You do run a gopher server written in BASIC, so I can't fault you for consistency there! 



  • Coolwhois.com I don't get it. Coolwhois. Coolwhois. That just doesn't sound right. Oh well, good that they try to be cool. At least they're attempting. I appreciate that.

    But I hope someone doesn't make StreetCredibleDiG.com or TotallyRadNslookup.com.



  • @PSWorx said:

    _ENV["PWD"] = /home/gilby/sites/tinyurl.com/htdocs

    oO

    That's because CoolWhois.com is owned by the same company as TinyURL.com. Woah. I kind of expected better from the people powering THAT.



  • @Kyanar said:

    Woah. I kind of expected better from the people powering THAT.
     

    I don't, look at their front page:

    @tinyurl.com said:

    we will create a tiny URL that [...] never expires


    Right. Unless they go bankrupt. Or their database and backup are destroyed (and then I hope they have a backup).

    I know of a magazine that exclusively uses that site for their printed links. Which is has a lot. Are they *&^$#@ if that thing ever breaks.
    I mean, who wouldn't put their fate in a company (?) that runs its webserver as root, has a public phpinfo and is the creator of such wonderfull sites.

    I especially like the Copyright © 1998-2003 on the first site. Or the "SPAM protection" of putting a fake email in the mailto: part of the <a>, but still putting your email in plaintext between the <a> and </a>.



  • @dtech said:

    @Kyanar said:

    Woah. I kind of expected better from the people powering THAT.
     

    I don't, look at their front page:

    @tinyurl.com said:

    we will create a tiny URL that [...] never expires


    Right. Unless they go bankrupt. Or their database and backup are destroyed (and then I hope they have a backup).

    It does happen.  Google "journalspace.com drive unrecoverable".  No off-site backup at all.  Just one server with mirrored RAID drives.  TRWTF is that they survived for six years with that setup.


Log in to reply