1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
|
Description: fix buffer overflow with long hostnames
(the rest of the patch is in debian/patches/13opt_allsubnets)
Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
Bug-Debian: https://bugs.debian.org/705894
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1097289
--- a/db.c
+++ b/db.c
@@ -293,8 +293,10 @@
BCOPY(e, ep->e, 6);
if (h == NULL && !initializing)
h = getsname(a);
- if (h != NULL && !isdigit((int)*h))
- strcpy(ep->h, h);
+ if (h != NULL && !isdigit((int)*h)) {
+ strncpy(ep->h, h, 34);
+ ep->h[33] = '\0';
+ }
ep->t = t;
if (interface != NULL) {
strncpy(ep->i, interface, 16);
@@ -318,7 +320,8 @@
if (!isdigit((int)*h) && strcmp(h, ep->h) != 0) {
syslog(LOG_INFO, "hostname changed %s %s %s -> %s",
intoa(ap->a), e2str(ep->e), ep->h, h);
- strcpy(ep->h, h);
+ strncpy(ep->h, h, 34);
+ ep->h[33] = '\0';
}
}
|