[src/netbsd-1-6]: src/lib/libc/net Pull up revision 1.25 (requested by itojun...

[lukem <lukem%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/355ea4971ff4
branches:  netbsd-1-6
changeset: 529348:355ea4971ff4
user:      lukem <lukem%NetBSD.org@localhost>
date:      Fri Nov 15 00:46:09 2002 +0000

description:
Pull up revision 1.25 (requested by itojun in ticket #986):
fix remote buffer overrun.  from openbsd tree (1997).

diffstat:

 lib/libc/net/getnetnamadr.c |  18 +++++++++---------
 1 files changed, 9 insertions(+), 9 deletions(-)

diffs (61 lines):

diff -r 3da10c60ff4c -r 355ea4971ff4 lib/libc/net/getnetnamadr.c
--- a/lib/libc/net/getnetnamadr.c       Fri Nov 15 00:39:49 2002 +0000
+++ b/lib/libc/net/getnetnamadr.c       Fri Nov 15 00:46:09 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: getnetnamadr.c,v 1.20.4.3 2002/08/27 09:23:44 lukem Exp $      */
+/*     $NetBSD: getnetnamadr.c,v 1.20.4.4 2002/11/15 00:46:09 lukem Exp $      */
 
 /* Copyright (c) 1993 Carlos Leandro and Rui Salgueiro
  *     Dep. Matematica Universidade de Coimbra, Portugal, Europe
@@ -47,7 +47,7 @@
 static char sccsid_[] = "from getnetnamadr.c   1.4 (Coimbra) 93/06/03";
 static char rcsid[] = "Id: getnetnamadr.c,v 8.8 1997/06/01 20:34:37 vixie Exp ";
 #else
-__RCSID("$NetBSD: getnetnamadr.c,v 1.20.4.3 2002/08/27 09:23:44 lukem Exp $");
+__RCSID("$NetBSD: getnetnamadr.c,v 1.20.4.4 2002/11/15 00:46:09 lukem Exp $");
 #endif
 #endif /* LIBC_SCCS and not lint */
 
@@ -135,8 +135,9 @@
        int n;
        u_char *eom;
        int type, class, ancount, qdcount, haveanswer, i, nchar;
-       char aux1[30], aux2[30], ans[30], *in, *st, *pauxt, *bp, **ap,
-               *paux1 = &aux1[0], *paux2 = &aux2[0], flag = 0, *ep;
+       char aux1[MAXDNAME], aux2[MAXDNAME], ans[MAXDNAME];
+       char *in, *st, *pauxt, *bp, **ap;
+       char *paux1 = &aux1[0], *paux2 = &aux2[0], flag = 0, *ep;
        static  char netbuf[PACKETSZ];
 
        _DIAGASSERT(answer != NULL);
@@ -181,7 +182,7 @@
                        break;
                cp += n;
                ans[0] = '\0';
-               (void)strcpy(&ans[0], bp);
+               (void)strlcpy(&ans[0], bp, sizeof(ans));
                GETSHORT(type, cp);
                GETSHORT(class, cp);
                cp += INT32SZ;          /* TTL */
@@ -218,10 +219,9 @@
                                        ;
                                if (nchar != 1 || *in != '0' || flag) {
                                        flag = 1;
-                                       (void)strncpy(paux1,
+                                       (void)strlcpy(paux1,
                                            (i==0) ? in : in-1,
-                                           (size_t)((i==0) ? nchar : nchar+1));
-                                       paux1[(i==0) ? nchar : nchar+1] = '\0';
+                                           (size_t)((i==0) ? nchar+1 : nchar+2));
                                        pauxt = paux2;
                                        paux2 = strcat(paux1, paux2);
                                        paux1 = pauxt;
@@ -423,7 +423,7 @@
        _DIAGASSERT(rv != NULL);
 
        net = va_arg(ap, const char *);
-       strcpy(&qbuf[0], net);
+       strlcpy(&qbuf[0], net, sizeof(qbuf));
        buf = malloc(sizeof(*buf));
        if (buf == NULL) {
                h_errno = NETDB_INTERNAL;