dovecot-2.2: hostpid_init(): Don't allow gethostname() to fail. ...
dovecot at dovecot.org
dovecot at dovecot.org
Wed Oct 31 14:44:36 EET 2012
details: http://hg.dovecot.org/dovecot-2.2/rev/626a9df21e62
changeset: 15365:626a9df21e62
user: Timo Sirainen <tss at iki.fi>
date: Wed Oct 31 14:44:24 2012 +0200
description:
hostpid_init(): Don't allow gethostname() to fail. Be more strict about what chars it can contain.
diffstat:
src/lib/hostpid.c | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
diffs (30 lines):
diff -r 53d4db36e251 -r 626a9df21e62 src/lib/hostpid.c
--- a/src/lib/hostpid.c Wed Oct 31 13:34:52 2012 +0200
+++ b/src/lib/hostpid.c Wed Oct 31 14:44:24 2012 +0200
@@ -6,6 +6,8 @@
#include <unistd.h>
#include <netdb.h>
+#define HOSTNAME_DISALLOWED_CHARS "/\r\n\t"
+
const char *my_hostname = NULL;
const char *my_pid = NULL;
@@ -15,14 +17,12 @@
{
static char hostname[256], pid[MAX_INT_STRLEN];
- if (gethostname(hostname, sizeof(hostname)-1) == -1) {
- if (i_strocpy(hostname, "unknown", sizeof(hostname)) < 0)
- i_unreached();
- }
+ if (gethostname(hostname, sizeof(hostname)-1) == -1)
+ i_fatal("gethostname() failed: %m");
hostname[sizeof(hostname)-1] = '\0';
my_hostname = hostname;
- if (strchr(hostname, '/') != NULL)
+ if (strcspn(hostname, HOSTNAME_DISALLOWED_CHARS) != strlen(hostname))
i_fatal("Invalid system hostname: %s", hostname);
/* allow calling hostpid_init() multiple times to reset hostname */
More information about the dovecot-cvs
mailing list