util: Avoid overflow in GetNameByINet

We copy the results of gethostbyaddr into a fixed length buffer
without checking whether they fit. Add a length check, and use
strlcpy to do the copy to make sure we can't overflow.

Caught by coverity (#985912, #985872)

Change-Id: I1e8f0fbb2577199c25201940f54646a4acdbbd37
Reviewed-on: http://gerrit.openafs.org/9393
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Simon Wilkinson 2013-03-02 10:27:47 +00:00 committed by Jeffrey Altman
parent cc194827a8
commit fcb7974b83

@ -104,8 +104,8 @@ hostutil_GetNameByINet(afs_uint32 addr)
return NULL; return NULL;
#endif #endif
th = gethostbyaddr((void *)&addr, sizeof(addr), AF_INET); th = gethostbyaddr((void *)&addr, sizeof(addr), AF_INET);
if (th) { if (th && strlen(th->h_name) < sizeof(tbuffer)) {
strcpy(tbuffer, th->h_name); strlcpy(tbuffer, th->h_name, sizeof(tbuffer));
} else { } else {
addr = ntohl(addr); addr = ntohl(addr);
sprintf(tbuffer, "%d.%d.%d.%d", (int)((addr >> 24) & 0xff), sprintf(tbuffer, "%d.%d.%d.%d", (int)((addr >> 24) & 0xff),
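Review bot: With the new condition `if (th && strlen(th->h_name) < sizeof(tbuffer))`, a successful lookup whose name does not fit now falls through silently to the `else` branch and the caller gets the dotted-quad string instead of a hostname. That is a reasonable fallback, but it is a behaviour change that the code does not document; a short comment above the `if` saying that over-long names are deliberately replaced by the numeric address would save the next reader from guessing. The length is also checked twice: the `strlen` test already guarantees the copy fits, so `strlcpy` can never truncate here. Either keep both as belt and braces and say so, or drop the `strlen` call and test the return value of `strlcpy(tbuffer, th->h_name, sizeof(tbuffer))` against `sizeof(tbuffer)`, which is safe because the `else` branch overwrites `tbuffer` anyway. Finally, the fallback still formats with `sprintf(tbuffer, "%d.%d.%d.%d", ...)`; switching it to `snprintf` with `sizeof(tbuffer)` would make every write to `tbuffer` in this function bounded in the same way.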