auth: Don't overflow hostName array

afsconf_cell's hostName structure is a fixed length. Don't overflow
it by writing whatever comes back from gethostbyaddr into it. Use
strlcpy to catch an overflow, and if one occurs, just use
"UNKNOWNHOST", rather than a truncated host name.

Caught by coverity (#985906)

Change-Id: Iaa927f3e4860d99166789e8dc4950a03ea2237e4
Reviewed-on: http://gerrit.openafs.org/9354
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

diff --git a/src/auth/writeconfig.c b/src/auth/writeconfig.c
index 9d8d479..ad7c0b9 100644 (file)
--- a/src/auth/writeconfig.c
+++ b/src/auth/writeconfig.c
@@ -54,7 +54,12 @@ VerifyEntries(struct afsconf_cell *aci)
            if (!th) {
                strcpy(aci->hostName[i], "UNKNOWNHOST");
            } else {
-               strcpy(aci->hostName[i], th->h_name);
+               if (strlcpy(aci->hostName[i],
+                           th->h_name,
+                           sizeof(aci->hostName[i]))
+                       >= sizeof(aci->hostName[i])) {
+                  strcpy(aci->hostName[i], "UNKNOWNHOST");
+               }
            }
        }
     }