From: Danny Mayer <mayer@ntp.org>
Date: Mon, 18 Sep 2006 12:46:18 +0000 (-0400)
Subject: Bug #710 fix the length being copied in getnameinfo
X-Git-Tag: NTP_4_2_3P48~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9d1d1b91ae95c64de4644b466564e8fe7b764c31;p=thirdparty%2Fntp.git

Bug #710 fix the length being copied in getnameinfo

bk: 450e951aOOHA9PuPMJk5n4K9o5xL7A
---

diff --git a/libntp/ntp_rfc2553.c b/libntp/ntp_rfc2553.c
index ddd421d07..a3b3f2801 100644
--- a/libntp/ntp_rfc2553.c
+++ b/libntp/ntp_rfc2553.c
@@ -288,6 +288,7 @@ getnameinfo (const struct sockaddr *sa, u_int salen, char *host,
 	size_t hostlen, char *serv, size_t servlen, int flags)
 {
 	struct hostent *hp;
+	int namelen;
 
 	if (sa->sa_family != AF_INET)
 		return (EAI_FAMILY);
@@ -300,9 +301,15 @@ getnameinfo (const struct sockaddr *sa, u_int salen, char *host,
 		else
 			return (EAI_FAIL);
 	}
-	if (host != NULL) {
-		strncpy(host, hp->h_name, hostlen);
-		host[hostlen - 1] = '\0';
+	if (host != NULL && hostlen > 0) {
+		/*
+		 * Don't exceed buffer
+		 */
+		namelen = min(strlen(hp->h_name), hostlen - 1);
+		if (namelen > 0) {
+			strncpy(host, hp->h_name, namelen);
+			host[namelen - 1] = '\0';
+		}
 	}
 	return (0);
 }