|Summary|Local hostname resolution buffer overflow|
|Discovered By|Sean (infamous42md)|
|Fixed In Release|0.82|
Buffer overflow. If the local computer’s host name is not in /etc/hosts, and the computer performs a DNS query to obtain its hostname when signing on to zephyr, it could receive a reply with a hostname greater than MAXHOSTNAMELEN (generally 64 bytes). If gethostbyname() does not ensure the size of hostent->h_name is less than MAXHOSTNAMELEN, this value would be copied to a buffer that is not large enough.
The calls to copy the hostname were replaced with calls that check the length of the destination buffer.
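The kind of length-checked copy described above, as an added example that is not the project's actual patch: `copy_hostname` is a hypothetical helper, and the `hostent` values are constructed in place of a real DNS reply.

```c
#include <netdb.h>      /* struct hostent */
#include <stdio.h>
#include <string.h>
#include <sys/param.h>  /* MAXHOSTNAMELEN on most Unix systems */

#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN 64
#endif

/* Unsafe pattern from the advisory, shown only as a comment:
 *     char host[MAXHOSTNAMELEN]; strcpy(host, he->h_name); */

/* Hypothetical helper: copy a resolver-supplied name into a fixed buffer.
 * Returns 0 on success, -1 if the name is missing or does not fit.
 * On failure dst is left as an empty string, never a truncated name. */
int copy_hostname(char *dst, size_t dstlen, const struct hostent *he)
{
    int n;

    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';
    if (he == NULL || he->h_name == NULL)
        return -1;

    /* snprintf writes at most dstlen bytes and returns the length it wanted. */
    n = snprintf(dst, dstlen, "%s", he->h_name);
    if (n < 0 || (size_t)n >= dstlen) {
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char host[MAXHOSTNAMELEN];
    char reply[200];                  /* constructed oversized name */
    char ok[] = "ws1.example.org";    /* constructed normal name */
    struct hostent he = {0};

    memset(reply, 'a', sizeof reply - 1);
    reply[sizeof reply - 1] = '\0';
    he.h_name = reply;
    printf("oversized: %d\n", copy_hostname(host, sizeof host, &he));
    he.h_name = ok;
    printf("normal: %d (%s)\n", copy_hostname(host, sizeof host, &he), host);
    return 0;
}
```

Rejecting an oversized name outright, rather than truncating it, keeps a shortened hostname from being used as if it were the real one.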