Skip to content

Avoidable, potential unsafety #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
197g opened this issue Aug 31, 2019 · 9 comments
Closed

Avoidable, potential unsafety #6

197g opened this issue Aug 31, 2019 · 9 comments
Milestone
0.2

Comments

@197g
Copy link

197g commented Aug 31, 2019
edited
Loading

On Unix the function is potentially unsafe, depending on implementation choices made in the platform provided POSIX gethostname function. In particular its documentation (man page) reads:

If the null-terminated hostname is too large to fit, then the name is truncated, and no error is returned (but see NOTES below). POSIX.1-2001 says that if such truncation occurs, then it is unspecified whether the returned buffer includes a terminating null byte.

Although glibc and Linux will both never return a successful non-nullterminated result, Apples documentation even directly specifies this possibility (edit: but doesn't seem to allow it in practice, see below). The configuration is, however, much more generic than those specific systems.

It would be safer to append a single NULL-byte manually in any case.
@thomcc
Copy link

thomcc commented Aug 31, 2019

Apples documentation seems to specify that it returns an error code it the name is truncated, unless I'm misunderstanding you.

@197g
Copy link
Author

197g commented Aug 31, 2019
edited
Loading

The returned name is null-terminated, unless insufficient space is provided.

[ENAMETOOLONG] The current host name is longer [note by me: strictly] than namelen.

Host names are limited to {HOST_NAME_MAX} characters, not including the trailing null, currently 255.

These together I understand as: A 255 byte hostname may be returned successfully but is not null terminated.

@thomcc
Copy link

thomcc commented Aug 31, 2019

I have a mac, I'll try this with a hostname of 255.

@thomcc
Copy link

thomcc commented Aug 31, 2019
edited
Loading

Literally can't make my hostname 255 bytes on mac, it truncates to 254 bytes.

Tried both the UI and via running sethostname as superuser.

@197g
Copy link
Author

197g commented Aug 31, 2019

@jD91mZM2 Would you be able to offer any insight into whether or not this could affect Redox OS?

@jD91mZM2
Copy link
Contributor

Relibc, our libc implementation, does not push a trailing NUL-byte in case of length reached. Either way, one should definitely not rely on the implementation differing from the specification :)

@197g
Copy link
Author

197g commented Aug 31, 2019
edited
Loading

Redox OS also not affected by any actual issue since relibc has a limit of 65 for the hostname.

@jD91mZM2
Copy link
Contributor

Ah, well spotted!

@svartalf svartalf mentioned this issue Nov 3, 2019
Closed
12 tasks
@svartalf svartalf added this to the 0.2 milestone Nov 3, 2019
@svartalf
Copy link
Collaborator

svartalf commented Nov 8, 2019

This issue was addressed in 350b1bc and covered with a bunch of tests, so I'm going to close it now; thanks, everyone!

@svartalf svartalf closed this as completed Nov 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.2
Development

No branches or pull requests
4 participants
@thomcc @svartalf @197g @jD91mZM2