From: eric <eric@openbsd.org>
Date: Fri, 29 May 2015 08:49:37 +0000 (+0000)
Subject: fix a possible off-by-one when reading /etc/hosts if it doesn't end
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f108579bd268d3b14231a64a6574a6bdf4087760;p=openbsd

fix a possible off-by-one when reading /etc/hosts if it doesn't end
with a newline.

ok jca@
---

diff --git a/lib/libc/asr/asr.c b/lib/libc/asr/asr.c
index 09d8172c25b..1d3e084dd3c 100644
--- a/lib/libc/asr/asr.c
+++ b/lib/libc/asr/asr.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: asr.c,v 1.36 2015/05/26 19:28:57 eric Exp $	*/
+/*	$OpenBSD: asr.c,v 1.37 2015/05/29 08:49:37 eric Exp $	*/
 /*
  * Copyright (c) 2010-2012 Eric Faurot <eric@openbsd.org>
  *
@@ -861,7 +861,7 @@ asr_strdname(const char *_dname, char *buf, size_t max)
  * size "ntoken" and returns the number of token on the line.
  */
 int
-asr_parse_namedb_line(FILE *file, char **tokens, int ntoken)
+asr_parse_namedb_line(FILE *file, char **tokens, int ntoken, char *lbuf, size_t sz)
 {
 	size_t	  len;
 	char	 *buf;
@@ -871,8 +871,15 @@ asr_parse_namedb_line(FILE *file, char **tokens, int ntoken)
 	if ((buf = fgetln(file, &len)) == NULL)
 		return (-1);
 
+	if (len >= sz)
+		goto again;
+
 	if (buf[len - 1] == '\n')
 		len--;
+	else {
+		memcpy(lbuf, buf, len);
+		buf = lbuf;
+	}
 
 	buf[len] = '\0';
 	buf[strcspn(buf, "#")] = '\0';
diff --git a/lib/libc/asr/asr_private.h b/lib/libc/asr/asr_private.h
index b533e62c5b8..d8eb98ae80e 100644
--- a/lib/libc/asr/asr_private.h
+++ b/lib/libc/asr/asr_private.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: asr_private.h,v 1.28 2015/05/26 19:28:57 eric Exp $	*/
+/*	$OpenBSD: asr_private.h,v 1.29 2015/05/29 08:49:37 eric Exp $	*/
 /*
  * Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
  *
@@ -318,7 +318,7 @@ void asr_async_free(struct asr_query *);
 size_t asr_make_fqdn(const char *, const char *, char *, size_t);
 char *asr_strdname(const char *, char *, size_t);
 int asr_iter_db(struct asr_query *);
-int asr_parse_namedb_line(FILE *, char **, int);
+int asr_parse_namedb_line(FILE *, char **, int, char *, size_t);
 char *asr_hostalias(struct asr_ctx *, const char *, char *, size_t);
 
 /* *_async.c */
diff --git a/lib/libc/asr/getaddrinfo_async.c b/lib/libc/asr/getaddrinfo_async.c
index eced898c20d..82991a160d9 100644
--- a/lib/libc/asr/getaddrinfo_async.c
+++ b/lib/libc/asr/getaddrinfo_async.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: getaddrinfo_async.c,v 1.39 2015/05/26 19:28:57 eric Exp $	*/
+/*	$OpenBSD: getaddrinfo_async.c,v 1.40 2015/05/29 08:49:37 eric Exp $	*/
 /*
  * Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
  *
@@ -745,7 +745,7 @@ addrinfo_add(struct asr_query *as, const struct sockaddr *sa, const char *cname)
 static int
 addrinfo_from_file(struct asr_query *as, int family, FILE *f)
 {
-	char		*tokens[MAXTOKEN], *c;
+	char		*tokens[MAXTOKEN], *c, buf[BUFSIZ + 1];
 	int		 n, i;
 	union {
 		struct sockaddr		sa;
@@ -754,7 +754,7 @@ addrinfo_from_file(struct asr_query *as, int family, FILE *f)
 	} u;
 
 	for (;;) {
-		n = asr_parse_namedb_line(f, tokens, MAXTOKEN);
+		n = asr_parse_namedb_line(f, tokens, MAXTOKEN, buf, sizeof(buf));
 		if (n == -1)
 			break; /* ignore errors reading the file */
 
diff --git a/lib/libc/asr/gethostnamadr_async.c b/lib/libc/asr/gethostnamadr_async.c
index 656c8e7faf1..2d895aad400 100644
--- a/lib/libc/asr/gethostnamadr_async.c
+++ b/lib/libc/asr/gethostnamadr_async.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: gethostnamadr_async.c,v 1.36 2015/05/26 19:28:57 eric Exp $	*/
+/*	$OpenBSD: gethostnamadr_async.c,v 1.37 2015/05/29 08:49:37 eric Exp $	*/
 /*
  * Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
  *
@@ -429,12 +429,12 @@ static struct hostent_ext *
 hostent_file_match(FILE *f, int reqtype, int family, const char *data,
     int datalen)
 {
-	char	*tokens[MAXTOKEN], addr[16];
+	char	*tokens[MAXTOKEN], addr[16], buf[BUFSIZ + 1];
 	struct	 hostent_ext *h;
 	int	 n, i;
 
 	for (;;) {
-		n = asr_parse_namedb_line(f, tokens, MAXTOKEN);
+		n = asr_parse_namedb_line(f, tokens, MAXTOKEN, buf, sizeof(buf));
 		if (n == -1) {
 			errno = 0; /* ignore errors reading the file */
 			return (NULL);
diff --git a/lib/libc/asr/getnetnamadr_async.c b/lib/libc/asr/getnetnamadr_async.c
index 42c371c37e0..2caa0cc84de 100644
--- a/lib/libc/asr/getnetnamadr_async.c
+++ b/lib/libc/asr/getnetnamadr_async.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: getnetnamadr_async.c,v 1.19 2014/11/02 13:59:16 eric Exp $	*/
+/*	$OpenBSD: getnetnamadr_async.c,v 1.20 2015/05/29 08:49:37 eric Exp $	*/
 /*
  * Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
  *
@@ -283,12 +283,12 @@ static struct netent_ext *
 netent_file_match(FILE *f, int reqtype, const char *data)
 {
 	struct netent_ext	*e;
-	char			*tokens[MAXTOKEN];
+	char			*tokens[MAXTOKEN], buf[BUFSIZ + 1];
 	int			 n, i;
 	in_addr_t		 net;
 
 	for (;;) {
-		n = asr_parse_namedb_line(f, tokens, MAXTOKEN);
+		n = asr_parse_namedb_line(f, tokens, MAXTOKEN, buf, sizeof(buf));
 		if (n == -1) {
 			errno = 0; /* ignore errors reading the file */
 			return (NULL);