aboutsummaryrefslogblamecommitdiffstats
path: root/main/sipsak/fix-off-by-one-bugs.patch
blob: e61af5762c65c51650641e95eef547656f2f343e (plain) (tree)


































































                                                                                                                    
From bf9d2417a1e73697873a5f5099dac4bb3eb4b2d9 Mon Sep 17 00:00:00 2001
From: Richard Fuchs <rfuchs@sipwise.com>
Date: Thu, 1 Aug 2013 11:21:09 -0400
Subject: [PATCH] fix string off-by-one bugs

---
 helper.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/helper.c b/helper.c
index b09963c..4fbbae5 100644
--- a/helper.c
+++ b/helper.c
@@ -508,12 +508,12 @@ void get_fqdn(){
 	memset(&hlp, 0, sizeof(hlp));
 
 	if (hostname) {
-		strncpy(fqdn, hostname, FQDN_SIZE);
-		strncpy(hname, hostname, 100);
+		strncpy(fqdn, hostname, FQDN_SIZE-1);
+		strncpy(hname, hostname, sizeof(hname)-1);
 	}
 	else {
 		if ((uname(&un))==0) {
-			strncpy(hname, un.nodename, 100);
+			strncpy(hname, un.nodename, sizeof(hname)-1);
 		}
 		else {
 			if (gethostname(&hname[0], namelen) < 0) {
@@ -532,7 +532,7 @@ void get_fqdn(){
 				snprintf(fqdn, FQDN_SIZE, "%s.%s", hname, dname);
 		}
 		else {
-			strncpy(fqdn, hname, FQDN_SIZE);
+			strncpy(fqdn, hname, FQDN_SIZE-1);
 		}
 #endif
 	}
@@ -541,15 +541,15 @@ void get_fqdn(){
 		he=gethostbyname(hname);
 		if (he) {
 			if (numeric == 1) {
-				snprintf(hlp, 15, "%s", inet_ntoa(*(struct in_addr *) he->h_addr_list[0]));
-				strncpy(fqdn, hlp, FQDN_SIZE);
+				snprintf(hlp, sizeof(hlp), "%s", inet_ntoa(*(struct in_addr *) he->h_addr_list[0]));
+				strncpy(fqdn, hlp, FQDN_SIZE-1);
 			}
 			else {
 				if ((strchr(he->h_name, '.'))!=NULL && (strchr(hname, '.'))==NULL) {
-					strncpy(fqdn, he->h_name, FQDN_SIZE);
+					strncpy(fqdn, he->h_name, FQDN_SIZE-1);
 				}
 				else {
-					strncpy(fqdn, hname, FQDN_SIZE);
+					strncpy(fqdn, hname, FQDN_SIZE-1);
 				}
 			}
 		}
@@ -561,7 +561,7 @@ void get_fqdn(){
 	if ((strchr(fqdn, '.'))==NULL) {
 		if (hostname) {
 			fprintf(stderr, "warning: %s is not resolvable... continouing anyway\n", fqdn);
-			strncpy(fqdn, hostname, FQDN_SIZE);
+			strncpy(fqdn, hostname, FQDN_SIZE-1);
 		}
 		else {
 			fprintf(stderr, "error: this FQDN or IP is not valid: %s\n", fqdn);