Add secure gethostname() wrapper

gethostname() func does not ensure null-terminated string
if hostname is longer than buffer length.
For security, a function s_gethostname() has been added
to ensure that "\0" is added to the end of the buffer.
Previously this had to be handled in each place
of the gethostname() call.

Signed-off-by: Blazej Kucman <blazej.kucman@intel.com>
Signed-off-by: Jes Sorensen <jes@trained-monkey.org>

diff --git a/Monitor.c b/Monitor.c
index 66175968406cbd18775ef544f8da20c8b1402715..e74a0558a0574bbb9bd32ec006dee903f3db2dbc 100644 (file)
--- a/Monitor.c
+++ b/Monitor.c
@@ -222,11 +222,10 @@ int Monitor(struct mddev_dev *devlist,
        info.dosyslog = dosyslog;
        info.test = c->test;
 
-       if (gethostname(info.hostname, sizeof(info.hostname)) != 0) {
+       if (s_gethostname(info.hostname, sizeof(info.hostname)) != 0) {
                pr_err("Cannot get hostname.\n");
                return 1;
        }
-       info.hostname[sizeof(info.hostname) - 1] = '\0';
 
        if (share){
                if (check_one_sharer(c->scan) == 2)

diff --git a/lib.c b/lib.c
index fe5c8d2ce652866dfb9a35d7087ff2d10b65909d..8a4b48e0ef4d273f955b2c472ddac73e0c378297 100644 (file)
--- a/lib.c
+++ b/lib.c
@@ -585,3 +585,22 @@ int parse_num(int *dest, const char *num)
        *dest = temp;
        return 0;
 }
+
+/**
+ * s_gethostname() - secure get hostname. Assure null-terminated string.
+ *
+ * @buf: buffer for hostname.
+ * @buf_len: buffer length.
+ *
+ * Return: gethostname() result.
+ */
+int s_gethostname(char *buf, int buf_len)
+{
+       assert(buf);
+
+       int ret = gethostname(buf, buf_len);
+
+       buf[buf_len - 1] = 0;
+
+       return ret;
+}

diff --git a/mapfile.c b/mapfile.c
index 34fea179b4c3cca649bf1cf657703eb99ba44eac..f1f3ee2cdc77bbe030a269c88d9a83e73b67c425 100644 (file)
--- a/mapfile.c
+++ b/mapfile.c
@@ -363,8 +363,7 @@ void RebuildMap(void)
        char *homehost = conf_get_homehost(&require_homehost);
 
        if (homehost == NULL || strcmp(homehost, "<system>")==0) {
-               if (gethostname(sys_hostname, sizeof(sys_hostname)) == 0) {
-                       sys_hostname[sizeof(sys_hostname)-1] = 0;
+               if (s_gethostname(sys_hostname, sizeof(sys_hostname)) == 0) {
                        homehost = sys_hostname;
                }
        }

diff --git a/mdadm.c b/mdadm.c
index 076b45e030b39c3eb5bf723329c30f043b469f35..e32598cb15a4577e91f4a5d1853f8e4176ceb51d 100644 (file)
--- a/mdadm.c
+++ b/mdadm.c
@@ -1340,8 +1340,7 @@ int main(int argc, char *argv[])
        if (c.homehost == NULL && c.require_homehost)
                c.homehost = conf_get_homehost(&c.require_homehost);
        if (c.homehost == NULL || strcasecmp(c.homehost, "<system>") == 0) {
-               if (gethostname(sys_hostname, sizeof(sys_hostname)) == 0) {
-                       sys_hostname[sizeof(sys_hostname)-1] = 0;
+               if (s_gethostname(sys_hostname, sizeof(sys_hostname)) == 0) {
                        c.homehost = sys_hostname;
                }
        }

diff --git a/mdadm.h b/mdadm.h
index 83f2cf7fa2a9c497a024ee1eadd7a29a6c17af56..f0ceeb78ca6c283c2b7ccf62f320701790cbe8ac 100644 (file)
--- a/mdadm.h
+++ b/mdadm.h
@@ -1805,6 +1805,7 @@ extern void set_dlm_hooks(void);
 extern void sleep_for(unsigned int sec, long nsec, bool wake_after_interrupt);
 extern bool is_directory(const char *path);
 extern bool is_file(const char *path);
+extern int s_gethostname(char *buf, int buf_len);
 
 #define _ROUND_UP(val, base)   (((val) + (base) - 1) & ~(base - 1))
 #define ROUND_UP(val, base)    _ROUND_UP(val, (typeof(val))(base))

diff --git a/super-ddf.c b/super-ddf.c
index 7213284e0a596069c3a378e99094a19351a82b1f..c5242654df3cb6ac328ade1416157e241733d10f 100644 (file)
--- a/super-ddf.c
+++ b/super-ddf.c
@@ -2364,8 +2364,7 @@ static int init_super_ddf(struct supertype *st,
         * Remaining 16 are serial number.... maybe a hostname would do?
         */
        memcpy(ddf->controller.guid, T10, sizeof(T10));
-       gethostname(hostname, sizeof(hostname));
-       hostname[sizeof(hostname) - 1] = 0;
+       s_gethostname(hostname, sizeof(hostname));
        hostlen = strlen(hostname);
        memcpy(ddf->controller.guid + 24 - hostlen, hostname, hostlen);
        for (i = strlen(T10) ; i+hostlen < 24; i++)