Don't assume that hp->h_lenght == 4. Be conservative in its use.

Submitted by:	 J. Assange a long time ago.
This commit is contained in:
Warner Losh 1998-06-09 04:31:02 +00:00
parent f34c49eb54
commit a716ad6693
6 changed files with 45 additions and 31 deletions

View File

@ -39,11 +39,12 @@
static char sccsid[] = "@(#)net.c 8.4 (Berkeley) 4/28/95";
#else
static const char rcsid[] =
"$Id: net.c,v 1.8 1997/07/02 06:34:50 charnier Exp $";
"$Id: net.c,v 1.9 1997/08/01 20:10:44 wollman Exp $";
#endif
#endif /* not lint */
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
@ -96,7 +97,7 @@ netfinger(name)
return;
}
sin.sin_family = hp->h_addrtype;
bcopy(hp->h_addr, (char *)&sin.sin_addr, hp->h_length);
bcopy(hp->h_addr, (char *)&sin.sin_addr, MIN(hp->h_length,sizeof(sin.sin_addr)));
sin.sin_port = sp->s_port;
if ((s = socket(hp->h_addrtype, SOCK_STREAM, 0)) < 0) {
perror("finger: socket");

View File

@ -1,4 +1,4 @@
/* $Id: ftp.c,v 1.11 1997/12/13 20:38:17 pst Exp $ */
/* $Id: ftp.c,v 1.12 1997/12/16 08:22:37 ache Exp $ */
/* $NetBSD: ftp.c,v 1.29.2.1 1997/11/18 01:01:04 mellon Exp $ */
/*
@ -39,7 +39,7 @@
#if 0
static char sccsid[] = "@(#)ftp.c 8.6 (Berkeley) 10/27/94";
#else
__RCSID("$Id: ftp.c,v 1.11 1997/12/13 20:38:17 pst Exp $");
__RCSID("$Id: ftp.c,v 1.12 1997/12/16 08:22:37 ache Exp $");
__RCSID_SOURCE("$NetBSD: ftp.c,v 1.29.2.1 1997/11/18 01:01:04 mellon Exp $");
#endif
#endif /* not lint */
@ -95,8 +95,7 @@ hookup(host, port)
memset((void *)&hisctladdr, 0, sizeof(hisctladdr));
if (inet_aton(host, &hisctladdr.sin_addr) != 0) {
hisctladdr.sin_family = AF_INET;
(void)strncpy(hostnamebuf, host, sizeof(hostnamebuf) - 1);
hostnamebuf[sizeof(hostnamebuf) - 1] = '\0';
(void) strncpy(hostnamebuf, host, sizeof(hostnamebuf));
} else {
hp = gethostbyname(host);
if (hp == NULL) {
@ -105,10 +104,11 @@ hookup(host, port)
return ((char *) 0);
}
hisctladdr.sin_family = hp->h_addrtype;
memcpy(&hisctladdr.sin_addr, hp->h_addr, hp->h_length);
(void)strncpy(hostnamebuf, hp->h_name, sizeof(hostnamebuf) - 1);
hostnamebuf[sizeof(hostnamebuf) - 1] = '\0';
memcpy(&hisctladdr.sin_addr, hp->h_addr_list[0],
MIN(hp->h_length,sizeof(hisctladdr.sin_addr)));
(void) strncpy(hostnamebuf, hp->h_name, sizeof(hostnamebuf));
}
hostnamebuf[sizeof(hostnamebuf) - 1] = '\0';
hostname = hostnamebuf;
s = socket(hisctladdr.sin_family, SOCK_STREAM, 0);
if (s < 0) {
@ -127,7 +127,8 @@ hookup(host, port)
errno = oerrno;
warn("connect to address %s", ia);
hp->h_addr_list++;
memcpy(&hisctladdr.sin_addr, hp->h_addr, hp->h_length);
memcpy(&hisctladdr.sin_addr, hp->h_addr_list[0],
MIN(hp->h_length,sizeof(hisctladdr.sin_addr)));
printf("Trying %s...\n",
inet_ntoa(hisctladdr.sin_addr));
(void)close(s);

View File

@ -45,7 +45,7 @@ static const char copyright[] =
static char sccsid[] = "from: @(#)quota.c 8.1 (Berkeley) 6/6/93";
#endif
static const char rcsid[] =
"$Id: quota.c,v 1.7 1997/08/04 06:45:11 charnier Exp $";
"$Id: quota.c,v 1.8 1998/01/20 12:53:43 bde Exp $";
#endif /* not lint */
/*
@ -692,7 +692,7 @@ callaurpc(host, prognum, versnum, procnum, inproc, in, outproc, out)
return ((int) RPC_UNKNOWNHOST);
timeout.tv_usec = 0;
timeout.tv_sec = 6;
bcopy(hp->h_addr, &server_addr.sin_addr, hp->h_length);
bcopy(hp->h_addr, &server_addr.sin_addr, MIN(hp->h_length,sizeof(server_addr.sin_addr)));
server_addr.sin_family = AF_INET;
server_addr.sin_port = 0;

View File

@ -2,7 +2,7 @@
/*static char sccsid[] = "from: @(#)rpcinfo.c 1.22 87/08/12 SMI";*/
/*static char sccsid[] = "from: @(#)rpcinfo.c 2.2 88/08/11 4.0 RPCSRC";*/
static char rcsid[] =
"$Id: rpcinfo.c,v 1.5 1997/03/29 04:31:57 imp Exp $";
"$Id: rpcinfo.c,v 1.6 1997/08/06 06:49:06 charnier Exp $";
#endif
/*
@ -52,6 +52,8 @@ static char rcsid[] =
#include <rpc/pmap_prot.h>
#include <rpc/pmap_clnt.h>
#include <signal.h>
#include <ctype.h>
#include <sys/param.h>
#define MAXHOSTLEN 256
@ -496,7 +498,7 @@ pmapdump(argc, argv)
server_addr.sin_family = AF_INET;
if ((hp = gethostbyname("localhost")) != NULL)
bcopy(hp->h_addr, (caddr_t)&server_addr.sin_addr,
hp->h_length);
MIN(hp->h_length,sizeof(server_addr.sin_addr)));
else
server_addr.sin_addr.s_addr = inet_addr("0.0.0.0");
}
@ -653,8 +655,9 @@ get_inet_address(addr, host)
addr->sin_addr.s_addr = (u_long) inet_addr(host);
if (addr->sin_addr.s_addr == -1 || addr->sin_addr.s_addr == 0) {
if ((hp = gethostbyname(host)) == NULL)
errx(1, "%s is unknown host", host);
bcopy(hp->h_addr, (char *)&addr->sin_addr, hp->h_length);
errx(1, "%s is unknown host\n", host);
bcopy(hp->h_addr, (char *)&addr->sin_addr,
MIN(hp->h_length,sizeof(addr->sin_addr)));
}
addr->sin_family = AF_INET;
}

View File

@ -2201,9 +2201,11 @@ tn(argc, argv)
sin.sin_family = host->h_addrtype;
#if defined(h_addr) /* In 4.3, this is a #define */
memmove((caddr_t)&sin.sin_addr,
host->h_addr_list[0], host->h_length);
host->h_addr_list[0],
MIN(host->h_length, sizeof(sin.sin_addr)));
#else /* defined(h_addr) */
memmove((caddr_t)&sin.sin_addr, host->h_addr, host->h_length);
memmove((caddr_t)&sin.sin_addr, host->h_addr,
MIN(host->h_length, sizeof(sin.sin_addr)));
#endif /* defined(h_addr) */
strncpy(_hostname, host->h_name, sizeof(_hostname));
_hostname[sizeof(_hostname)-1] = '\0';
@ -2294,8 +2296,8 @@ tn(argc, argv)
errno = oerrno;
perror((char *)0);
host->h_addr_list++;
memcpy((caddr_t)&sin.sin_addr,
host->h_addr_list[0], host->h_length);
memcpy((caddr_t)&sin.sin_addr, host->h_addr_list[0],
MIN(host->h_length, sizeof(sin.sin_addr)));
(void) NetClose(net);
continue;
}
@ -2779,10 +2781,11 @@ sourceroute(arg, cpp, lenp)
sin_addr.s_addr = tmp;
} else if (host = gethostbyname(cp)) {
#if defined(h_addr)
memcpy((caddr_t)&sin_addr,
host->h_addr_list[0], host->h_length);
memcpy((caddr_t)&sin_addr, host->h_addr_list[0],
MIN(host->h_length,sizeof(sin_addr)));
#else
memcpy((caddr_t)&sin_addr, host->h_addr, host->h_length);
memcpy((caddr_t)&sin_addr, host->h_addr,
MIN(host->h_length,sizeof(sin_addr)));
#endif
} else {
*cpp = cp;

View File

@ -42,7 +42,7 @@ static const char copyright[] =
static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/6/93";
#endif
static const char rcsid[] =
"$Id$";
"$Id: main.c,v 1.5 1997/08/14 06:47:39 charnier Exp $";
#endif /* not lint */
/* Many bug fixes are from Jim Guyton <guyton@rand-unix> */
@ -54,6 +54,7 @@ static const char rcsid[] =
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/file.h>
#include <sys/param.h>
#include <netinet/in.h>
@ -204,8 +205,9 @@ setpeer(argc, argv)
host = gethostbyname(argv[1]);
if (host) {
peeraddr.sin_family = host->h_addrtype;
bcopy(host->h_addr, &peeraddr.sin_addr, host->h_length);
strcpy(hostname, host->h_name);
bcopy(host->h_addr, &peeraddr.sin_addr,
MIN(sizeof(peeraddr.sin_addr), host->h_length));
strncpy(hostname, host->h_name, sizeof(hostname));
} else {
peeraddr.sin_family = AF_INET;
peeraddr.sin_addr.s_addr = inet_addr(argv[1]);
@ -214,8 +216,9 @@ setpeer(argc, argv)
printf("%s: unknown host\n", argv[1]);
return;
}
strcpy(hostname, argv[1]);
strncpy(hostname, argv[1], sizeof(hostname));
}
hostname[sizeof(hostname) - 1] = '\0';
port = sp->s_port;
if (argc == 3) {
port = atoi(argv[2]);
@ -348,10 +351,12 @@ put(argc, argv)
herror((char *)NULL);
return;
}
bcopy(hp->h_addr, (caddr_t)&peeraddr.sin_addr, hp->h_length);
bcopy(hp->h_addr, (caddr_t)&peeraddr.sin_addr,
MIN(sizeof(peeraddr.sin_addr), hp->h_length));
peeraddr.sin_family = hp->h_addrtype;
connected = 1;
strcpy(hostname, hp->h_name);
strncpy(hostname, hp->h_name, sizeof(hostname));
hostname[sizeof(hostname) - 1] = '\0';
}
if (!connected) {
printf("No target machine specified.\n");
@ -445,10 +450,11 @@ get(argc, argv)
continue;
}
bcopy(hp->h_addr, (caddr_t)&peeraddr.sin_addr,
hp->h_length);
MIN(sizeof(peeraddr.sin_addr), hp->h_length));
peeraddr.sin_family = hp->h_addrtype;
connected = 1;
strcpy(hostname, hp->h_name);
strncpy(hostname, hp->h_name, sizeof(hostname));
hostname[sizeof(hostname) - 1] = '\0';
}
if (argc < 4) {
cp = argc == 3 ? argv[2] : tail(src);