Hi,

David Turner wrote:

> From: René Scharfe <l....@web.de>
>
> POSIX limits the length of host names to HOST_NAME_MAX.  Export the
> fallback definition from daemon.c and use this constant to make all
> buffers used with gethostname(2) big enough for any possible result
> and a terminating NUL.

Since some platforms do not define HOST_NAME_MAX and we provide a
fallback, this is not actually big enough for any possible result.
For example, the Hurd allows arbitrarily long hostnames.

Nevertheless this patch seems like the right thing to do.

> Inspired-by: David Turner <dtur...@twosigma.com>
> Signed-off-by: Rene Scharfe <l....@web.de>
> Signed-off-by: David Turner <dtur...@twosigma.com>
> ---
>  builtin/gc.c           | 10 +++++++---
>  builtin/receive-pack.c |  2 +-
>  daemon.c               |  4 ----
>  fetch-pack.c           |  2 +-
>  git-compat-util.h      |  4 ++++
>  ident.c                |  2 +-
>  6 files changed, 14 insertions(+), 10 deletions(-)

Thanks for picking this up.

[...]
> +++ b/builtin/gc.c
[...]
> @@ -257,8 +257,12 @@ static const char *lock_repo_for_gc(int force, pid_t* 
> ret_pid)
>       fd = hold_lock_file_for_update(&lock, pidfile_path,
>                                      LOCK_DIE_ON_ERROR);
>       if (!force) {
> -             static char locking_host[128];
> +             static char locking_host[HOST_NAME_MAX + 1];
> +             static char *scan_fmt;
>               int should_exit;
> +
> +             if (!scan_fmt)
> +                     scan_fmt = xstrfmt("%s %%%dc", "%"SCNuMAX, 
> HOST_NAME_MAX);
>               fp = fopen(pidfile_path, "r");
>               memset(locking_host, 0, sizeof(locking_host));
>               should_exit =
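
Review bot: the xstrfmt() call that builds scan_fmt has no comment, and the result is hard to read from "%s %%%dc" alone. Add a line saying it yields "%" SCNuMAX " %<HOST_NAME_MAX>c", and that the field width must stay one less than sizeof(locking_host): %c writes no terminating NUL, so the code depends on the memset() before the fscanf().
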
> @@ -274,7 +278,7 @@ static const char *lock_repo_for_gc(int force, pid_t* 
> ret_pid)
>                        * running.
>                        */
>                       time(NULL) - st.st_mtime <= 12 * 3600 &&
> -                     fscanf(fp, "%"SCNuMAX" %127c", &pid, locking_host) == 2 
> &&
> +                     fscanf(fp, scan_fmt, &pid, locking_host) == 2 &&
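
Review bot: in the fscanf() call, passing scan_fmt instead of a string literal means the compiler can no longer check the conversions against &pid and locking_host, so a mismatch would go unnoticed at build time. Consider a short comment at the call spelling out the expected conversions, or building the format in a small helper next to the buffer declaration so the width and the buffer size stay in sync.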

I hoped this could be simplified since HOST_NAME_MAX is a numeric literal,
using the double-expansion trick:

#define STR_(s) # s
#define STR(s) STR_(s)

                        fscanf(fp, "%" SCNuMAX " %" STR(HOST_NAME_MAX) "c",
                               &pid, locking_host);

Unfortunately, I don't think there's anything stopping a platform from
defining

        #define HOST_NAME_MAX 0x100

which would break that.

So this run-time calculation appears to be necessary.

Reviewed-by: Jonathan Nieder <jrnie...@gmail.com>

Thanks.
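
The stringification problem and the run-time alternative discussed above, as an added example that is not part of the original thread or of Git's code. SAMPLE_HOST_NAME_MAX and the function names are hypothetical, and snprintf() stands in for Git's xstrfmt().

```c
#include <inttypes.h>
#include <stdio.h>
#include <string.h>

#define STR_(s) # s
#define STR(s) STR_(s)

/* Constructed stand-in for a platform header that spells the limit in hex. */
#define SAMPLE_HOST_NAME_MAX 0x100

/* Compile-time variant: the macro's spelling, not its value, is pasted in. */
static const char *stringified_fmt(void)
{
	return "%" SCNuMAX " %" STR(SAMPLE_HOST_NAME_MAX) "c";
}

/* Run-time variant: the value is printed in decimal, whatever its spelling. */
static int runtime_fmt(char *out, size_t outsz)
{
	int n = snprintf(out, outsz, "%%%s %%%dc", SCNuMAX, SAMPLE_HOST_NAME_MAX);
	return (n > 0 && (size_t)n < outsz) ? 0 : -1;
}

/* Parse "<pid> <host>"; host must hold SAMPLE_HOST_NAME_MAX + 1 bytes. */
static int parse_lock_line(const char *line, uintmax_t *pid, char *host)
{
	char fmt[32];

	if (runtime_fmt(fmt, sizeof(fmt)) < 0)
		return -1;
	/* %c never writes a NUL, so zero the buffer before scanning. */
	memset(host, 0, SAMPLE_HOST_NAME_MAX + 1);
	return sscanf(line, fmt, pid, host) == 2 ? 0 : -1;
}

int main(void)
{
	char line[SAMPLE_HOST_NAME_MAX + 8] = "4242 ", host[SAMPLE_HOST_NAME_MAX + 1];
	uintmax_t pid = 0;

	/* Constructed input: a host name of exactly the maximum length. */
	memset(line + 5, 'h', SAMPLE_HOST_NAME_MAX);
	printf("stringified: %s\n", stringified_fmt());
	if (!parse_lock_line(line, &pid, host))
		printf("pid=%" PRIuMAX " host length=%zu\n", pid, strlen(host));
	return 0;
}
```

The stringified format ends in "%0x100c", which is not a valid field width, while the run-time format carries the decimal width 256.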
