From 152bbeb555189c00c1e3203bd4659bacc32bc9ba Mon Sep 17 00:00:00 2001
From: Alistair Buxton <a.j.buxton@gmail.com>
Date: Fri, 28 Nov 2014 09:27:11 +0000
Subject: [PATCH] Extremely paranoid hostname lookup.

Get the hostname into a large temporary array first, then g_strdup it to
avoid memory wastage. The temporary array is allocated with g_new0 to ensure
it doesn't contain garbage if gethostname() does nothing. The last element
is always set to null in case gethostname() overruns the buffer and doesn't
return an error.
---
 src/display.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/display.c b/src/display.c
index 3c2e7ba..42b8bfe 100644
--- a/src/display.c
+++ b/src/display.c
@@ -44,9 +44,9 @@
 #include "client.h"
 #include "compositor.h"
 
-#ifndef HOST_NAME_MAX
-#define HOST_NAME_MAX 255
-#endif /* HOST_NAME_MAX */
+#ifndef MAX_HOSTNAME_LENGTH
+#define MAX_HOSTNAME_LENGTH 512
+#endif /* MAX_HOSTNAME_LENGTH */
 
 #ifndef CURSOR_ROOT
 #define CURSOR_ROOT XC_left_ptr
@@ -198,6 +198,7 @@ myDisplayInit (GdkDisplay *gdisplay)
     DisplayInfo *display;
     int major, minor;
     int dummy;
+    gchar *hostnametmp;
 
     display = g_new0 (DisplayInfo, 1);
 
@@ -313,13 +314,16 @@ myDisplayInit (GdkDisplay *gdisplay)
     display->nb_screens = 0;
     display->current_time = CurrentTime;
 
-    display->hostname = g_new0 (gchar, (size_t) HOST_NAME_MAX + 1);
-    if (gethostname ((char *) display->hostname, HOST_NAME_MAX + 1))
+    hostnametmp = g_new0 (gchar, (size_t) MAX_HOSTNAME_LENGTH + 1);
+    if (gethostname ((char *) hostnametmp, MAX_HOSTNAME_LENGTH))
     {
         g_warning ("The display's hostname could not be determined.");
-        g_free (display->hostname);
         display->hostname = NULL;
+    } else {
+        hostnametmp[MAX_HOSTNAME_LENGTH] = '\0';
+        display->hostname = g_strdup(hostnametmp);
     }
+    g_free (hostnametmp);
 
     compositorInitDisplay (display);
 
-- 
1.9.1