Exploit-Dev Archives: Re: 2 dodgy network programs


Nick 'Zaf' Clifford (zafNRC.CO.NZ)
Sun, 10 Oct 1999 12:07:56 +1300


Antonomasia wrote:
>
> I was just visiting http://www.echelon.wiretapped.net and downloaded a
> small file called "tcplog.c" with no author or version stated. It is for
> logging connections to your box (linux only).
>
> There are some minor coding gripes I could make, but line 107
> takes a risk with the size of a hostname
>
> 98 char *hostlookup(unsigned long int in)
> 99 {
> 100 static char blah[1024];
> 101 struct in_addr i;
> 102 struct hostent *he;
> 103
> 104 i.s_addr=in;
> 105 he=gethostbyaddr((char *)&i, sizeof(struct in_addr),AF_INET);
> 106 if(he == NULL) strcpy(blah, inet_ntoa(i));
> 107 else strcpy(blah, he->h_name);
> 108 return blah;
> 109 }
>
<SNIP>

The "standard" max length of a hostname is 63 characters. It's used with
little or no buffer checking in a *LOT* of code bases; most ircds
assume this is the maximum, with little checking.

I don't think you'd be able to convince a nameservice to pass on a > 63
char hostname to a program. Though you might strike luck with
/etc/hosts.

Nick
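
Added example (not part of the original posts and not code from tcplog.c): a bounded version of the quoted hostlookup() that copies the resolver's name only if it fits whole and otherwise records the numeric address. The names copy_hostname and hostlookup_bounded, the caller-supplied buffer and the sample names in main() are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Copy name into dst only if it fits whole (no silent truncation);
 * otherwise use the numeric fallback. Returns 0 if the name was used,
 * 1 if the fallback was used, -1 if neither fits (dst set to ""). */
int copy_hostname(char *dst, size_t dstlen, const char *name, const char *fallback)
{
    if (dst == NULL || dstlen == 0)
        return -1;
    if (name != NULL && strlen(name) < dstlen) {
        memcpy(dst, name, strlen(name) + 1);
        return 0;
    }
    if (fallback != NULL && strlen(fallback) < dstlen) {
        memcpy(dst, fallback, strlen(fallback) + 1);
        return 1;
    }
    dst[0] = '\0';
    return -1;
}

/* Bounded stand-in for the quoted hostlookup(): the caller owns the buffer. */
int hostlookup_bounded(unsigned long int in, char *dst, size_t dstlen)
{
    struct in_addr i;
    struct hostent *he;
    char numeric[INET_ADDRSTRLEN];

    i.s_addr = (in_addr_t)in;
    if (inet_ntop(AF_INET, &i, numeric, sizeof numeric) == NULL)
        numeric[0] = '\0';
    he = gethostbyaddr((const char *)&i, sizeof i, AF_INET);
    return copy_hostname(dst, dstlen, he ? he->h_name : NULL, numeric);
}

int main(void)
{
    char buf[64], longname[300];        /* longname: constructed oversized name */
    memset(longname, 'a', sizeof longname - 1);
    longname[sizeof longname - 1] = '\0';
    printf("%d %s\n", copy_hostname(buf, sizeof buf, longname, "192.0.2.1"), buf);
    printf("%d %s\n", copy_hostname(buf, sizeof buf, "host.example", "192.0.2.1"), buf);
    return 0;
}
```

The length check does not depend on where the name came from, so it holds whether the name arrives from DNS or from /etc/hosts.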



This archive was generated by hypermail 2.0b3 on Mon Oct 11 1999 - 19:58:29 CDT