date: 2004-08-26T00:00:00.000Z
summary: Local hostname resolution buffer overflow
discoveredBy: Sean (infamous42md)
Buffer overflow. If the local computer's host name is not in /etc/hosts, and
the computer performs a DNS query to obtain its hostname when signing on to
zephyr, it could receive a reply with a hostname longer than
`MAXHOSTNAMELEN` (generally 64 bytes). If `gethostbyname()` does not ensure
that the size of `hostent->h_name` is less than `MAXHOSTNAMELEN`, this value
would be copied to a buffer that is not large enough.
The calls to copy the hostname were replaced with calls that check the length
of the destination buffer.
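
The pattern described above, next to a length-checked form, as an added example that is not the project's own code. The function names are hypothetical, `snprintf()` is an assumed choice of bounded call (the advisory does not name the calls used in the fix), and the `hostent` replies are constructed in memory rather than resolved.

```c
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <sys/param.h>

#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN 64   /* fallback; the advisory says "generally 64 bytes" */
#endif

/* Vulnerable pattern from the advisory: nothing bounds the length of h_name. */
void copy_name_unchecked(char dst[MAXHOSTNAMELEN], const struct hostent *he)
{
    strcpy(dst, he->h_name);   /* writes past dst when h_name >= MAXHOSTNAMELEN */
}

/* Hardened form: bounded by the destination size and always NUL-terminated.
 * Returns 0 on success, -1 if the name was missing or had to be truncated. */
int copy_name_checked(char *dst, size_t dstlen, const struct hostent *he)
{
    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';
    if (he == NULL || he->h_name == NULL)
        return -1;
    int n = snprintf(dst, dstlen, "%s", he->h_name);
    return (n < 0 || (size_t)n >= dstlen) ? -1 : 0;
}

/* Builds a constructed resolver reply with a name of name_len bytes, so the
 * example runs without any DNS lookup, then copies it with the checked call. */
int demo_copy(size_t name_len, char *out, size_t outlen)
{
    char name[512];
    struct hostent he;
    if (name_len >= sizeof(name))
        return -1;
    memset(name, 'a', name_len);
    name[name_len] = '\0';
    memset(&he, 0, sizeof(he));
    he.h_name = name;
    return copy_name_checked(out, outlen, &he);
}

int main(void)
{
    char buf[MAXHOSTNAMELEN];
    printf("20-byte name:  %d\n", demo_copy(20, buf, sizeof(buf)));
    printf("300-byte name: %d\n", demo_copy(300, buf, sizeof(buf)));
    return 0;
}
```

A caller should treat the `-1` return as a failed lookup rather than continue with the truncated name.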