X-Authentication-Warning:	delorie.com: mailnull set sender to djgpp-workers-bounces using -f
Sender:	rich AT phekda DOT freeserve DOT co DOT uk
Message-ID:	<3C83E5D6.752D1F3B@phekda.freeserve.co.uk>
Date:	Mon, 04 Mar 2002 21:23:34 +0000
From:	Richard Dawe <rich AT phekda DOT freeserve DOT co DOT uk>
X-Mailer:	Mozilla 4.77 [en] (X11; U; Linux 2.2.19 i586)
X-Accept-Language:	de,fr
MIME-Version:	1.0
To:	djgpp-workers AT delorie DOT com
Subject:	Re: patch to int uname(struct utsname *u)
References:	<3C839428 DOT 1CEF9D1A AT ma DOT tum DOT de>
Reply-To:	djgpp-workers AT delorie DOT com

Hello.

Waldemar Schultz wrote:
[snip]

This patch seems like a good idea, but:

> !     dosmemget(__tb, sizeof(u->nodename), u->nodename);
> !     i = strlen(u->nodename);
>       do {
>         u->nodename[i--] = 0;
>       } while (i && u->nodename[i] <= ' ');
[snip]

This is dangerous. What if the nodename is 32 (or more) characters long? Then
u->nodename may not be terminated and strlen(u->nodename) could be very long
=> buffer overrun.

Now it's possible that the DOS interrupt returns 31 chars + nul at most for
the node (aka hostname), but it's not clear from the code. It doesn't seem
like a good idea to rely on that behaviour either.

Also, the patch had some commented code in it. Presumably we should discuss
that? It looks like you want to allow $HOSTNAME from the environment to
override the node name returned by uname()?

Thanks, bye, Rich =]

-- 
Richard Dawe [ http://www.phekda.freeserve.co.uk/richdawe/ ]

- Raw text -