getnameinfo (RFC2553/3493)

Scenario
getnameinfo may return FQDN (DNS PTR query) or numeric address string

Bad guy can configure malicious PTR record
1.1.1.10.in-addr.arpa. IN PTR	127.0.0.1

getnameinfo will return "127.0.0.1" when 10.1.1.1 sockaddr_in is passed

Caller cannot know if it is the result of PTR lookup, or inet_ntop(3)

Solution
If you use getnameinfo for access control, use the following construct (next page)