Browse code

core: safer truncation of hostname using memcpy

Daniel-Constantin Mierla authored on 08/05/2020 19:28:01
Showing 1 changed files
... ...
@@ -800,11 +800,14 @@ static inline struct hostent* ip_addr2he(str* name, struct ip_addr* ip)
800 800
 	static char* p_aliases[1];
801 801
 	static char* p_addr[2];
802 802
 	static char address[16];
803
+	int len;
803 804
 
804 805
 	p_aliases[0]=0; /* no aliases*/
805 806
 	p_addr[1]=0; /* only one address*/
806 807
 	p_addr[0]=address;
807
-	strncpy(hostname, name->s, (name->len<256)?(name->len)+1:256);
808
+	len = (name->len<255)?name->len:255;
809
+	memcpy(hostname, name->s, len);
810
+	hostname[len] = '\0';
808 811
 	if (ip->len>16) return 0;
809 812
 	memcpy(address, ip->u.addr, ip->len);
810 813