From afbaddecd37a77d9304f55e440bc6c741516b580 Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Mon, 15 Apr 2013 21:05:20 +0200 Subject: [PATCH] os: handle 256 character hostnames Fix a (rather academic) buffer overflow. MAXHOSTNAMELEN is 256 on most platforms, which means the buffer wasn't big enough to hold the trailing nul byte on a system with a maximum length hostname. --- src/node_os.cc | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/node_os.cc b/src/node_os.cc index 3047d0744d..d4399756b9 100644 --- a/src/node_os.cc +++ b/src/node_os.cc @@ -33,7 +33,9 @@ #endif #ifdef __POSIX__ -# include // gethostname, sysconf +# include // MAXHOSTNAMELEN on Solaris. +# include // gethostname, sysconf +# include // MAXHOSTNAMELEN on Linux and the BSDs. # include #endif @@ -51,10 +53,9 @@ static Handle GetEndianness(const Arguments& args) { static Handle GetHostname(const Arguments& args) { HandleScope scope; - char s[255]; - int r = gethostname(s, 255); + char buf[MAXHOSTNAMELEN + 1]; - if (r < 0) { + if (gethostname(buf, sizeof(buf))) { #ifdef __POSIX__ return ThrowException(ErrnoException(errno, "gethostname")); #else // __MINGW32__ @@ -62,7 +63,7 @@ static Handle GetHostname(const Arguments& args) { #endif // __MINGW32__ } - return scope.Close(String::New(s)); + return scope.Close(String::New(buf)); } static Handle GetOSType(const Arguments& args) {