Displaying 1 result from an estimated 1 matches for "eni_memory".
Did you mean:
eai_memory
2000 Sep 25
2
off-by-one errors in getnameinfo()
Description:
getnameinfo() (confirmed for CVS version 1.14.2.1) does this sort of
buffer size checks (these is just two of many cases):
if (strlen(sp->s_name) > servlen)
return ENI_MEMORY;
strcpy(serv, sp->s_name);
...
if (strlen(hp->h_name) > hostlen) {
return ENI_MEMORY;
}
strcpy(host, hp->h_name);
i.e. it can write up to servlen / hostlen b...