[PATCH] safe_gethostname
Tito
farmatito at tiscali.it
Mon Feb 25 20:53:21 UTC 2008
On Monday 25 February 2008 21:40:10 Denys Vlasenko wrote:
> On Monday 25 February 2008 21:02, Tito wrote:
> > > Why 256?
> >
> > Leftover of my first attempt with a static buffer....should be 255 in this case.
>
> I mean, why not sizeof()? I think sizeof never lies.
> > >
> > > If fields are indeed terminated by NUL, just xstrdup(uts.nodename)
> > > will work.
> > >
> > > Otherwise (if you fear that they may not be),
> > > xstrndup(uts.nodename, sizeof(uts.nodename));
> >
> > Fields are indeed nul terminated but lenght is unspecified
> > so to follow RFC with xstrndup we ensure a maximum
> > size of 255 in the case of a longer hostname:
>
> Lenght is unspecified _in standards_ but it sure
> is correctly specified _in header files_:
>
> sys/utsname.h
>
> struct utsname
> {
> char sysname[_UTSNAME_SYSNAME_LENGTH];
> char nodename[_UTSNAME_NODENAME_LENGTH];
> char release[_UTSNAME_RELEASE_LENGTH];
> char version[_UTSNAME_VERSION_LENGTH];
> char machine[_UTSNAME_MACHINE_LENGTH];
> ....
>
> If header is wrong about size of nodename[], all fields
> past it will be busted, C program cannot access them correctly.
> This would be a libc bug.
>
> Assuming that libc is not buggy, you can always safely use
> sizeof(nodename), irrespective what standards say.
>
> To be more exact:
>
> return xstrndup(uts.nodename, sizeof(uts.nodename));
>
> is a most straightforward way to return nodename,
> NUL terminated, even if you are not sure that uts.nodename
> is NUL terminated, and do not know how big is it.
> You just use what compiler + libc know.
>
>
> > "Host software MUST handle host names of up to 63 characters and
> > SHOULD handle host names of up to 255 characters."
>
> I prefer "we do not code around libc bugs, we fix libc if it is buggy".
>
>
> > next version of the patch attached.Now it looks like this:
> >
> > char *safe_gethostname(void)
> > {
> > struct utsname uts;
> >
> > /* The length of the arrays in a struct utsname is unspecified;
> > * the fields are terminated by a null byte.
> > * Note that there is no standard that says that the hostname
> > * set by sethostname(2) is the same string as the nodename field of the
> > * struct returned by uname (indeed, some systems allow a 256-byte host-
> > * name and an 8-byte nodename), but this is true on Linux. The same holds
> > * for setdomainname(2) and the domainname field.
> > */
> >
> > /* Uname can fail only if you pass a bad pointer to it. */
> > uname(&uts);
> >
> > return xstrndup(!*(uts.nodename) ? "?" : uts.nodename, 255);
> > }
> --
> vda
>
I see....how could I've been so blind!
So sizeof(ut.nodename).
Attached version 04.
Thanks for your time and patience!
Ciao,
Tito
-------------- next part --------------
A non-text attachment was scrubbed...
Name: safe_gethostname04.patch
Type: text/x-diff
Size: 7700 bytes
Desc: not available
Url : http://lists.busybox.net/pipermail/busybox/attachments/20080225/e163c77a/attachment-0002.bin
More information about the busybox
mailing list