From 6c23d5c5513734eb56f0d3c6e8326f5f168d2756 Mon Sep 17 00:00:00 2001
From: Pavel Simovec
Date: Wed, 21 Feb 2024 12:03:06 +0100
Subject: [PATCH] Give a bound to hostname buffer copy

Resolves RHEL-5636
---
 arpwatch-2.1a15-unbounded-hostname-copy.patch | 15 +++++++++++++++
 arpwatch.spec | 8 +++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 arpwatch-2.1a15-unbounded-hostname-copy.patch

diff --git a/arpwatch-2.1a15-unbounded-hostname-copy.patch b/arpwatch-2.1a15-unbounded-hostname-copy.patch
new file mode 100644
index 0000000..ab4ef95
--- /dev/null
+++ b/arpwatch-2.1a15-unbounded-hostname-copy.patch
@@ -0,0 +1,15 @@
+--- a/db.c 2024-01-03 10:36:30.009600848 +0100
++++ b/db.c 2024-02-21 11:35:04.420115207 +0100
+@@ -283,8 +283,10 @@
+ BCOPY(e, ep->e, 6);
+ if (h == NULL && !initializing)
+ h = getsname(a);
+- if (h != NULL && !isdigit((int)*h))
+- strcpy(ep->h, h);
++ if (h != NULL) {
++ strncpy(ep->h, h, sizeof(ep->h));
++ ep->h[sizeof(ep->h) - 1] = '\0';
++ }
+ ep->t = t;
+ return (ep);
+ }
diff --git a/arpwatch.spec b/arpwatch.spec
index 6b36293..27541c8 100644
--- a/arpwatch.spec
+++ b/arpwatch.spec
@@ -4,7 +4,7 @@
 Name: arpwatch
 Epoch: 14
 Version: 2.1a15
-Release: 45%{?dist}
+Release: 46%{?dist}
 Summary: Network monitoring tools for tracking IP addresses on a network
 Group: Applications/System
 License: BSD with advertising
@@ -42,6 +42,7 @@ Patch18: arpwatch-aarch64.patch
 Patch19: arpwatch-promisc.patch
 Patch20: arpwatch-ethernet-address-format.patch
 Patch21: arpwatch-2.1a15-hostname-buffer.patch
+Patch22: arpwatch-2.1a15-unbounded-hostname-copy.patch

 %description
 The arpwatch package contains arpwatch and arpsnmp. Arpwatch and
@@ -76,6 +77,7 @@ network.
 %patch19 -p1 -b .promisc
 %patch20 -p1 -b .ethernet-address
 %patch21 -p1 -b .hostname-buffer
+%patch22 -p1 -b .hostname-buffer-bound

 %build
 %configure
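Review bot: The rewritten guard in the db.c hunk carried by arpwatch-2.1a15-unbounded-hostname-copy.patch drops the `!isdigit((int)*h)` test together with the `strcpy`, so names that begin with a digit are now copied into `ep->h` where they were skipped before, while the commit message only mentions bounding the copy. If that widening is not intended, keep the filter and cast through `unsigned char` so a negative `char` is never passed to `isdigit`: `if (h != NULL && !isdigit((unsigned char)*h)) {`. The bound also relies on `ep->h` being an array member, since `sizeof(ep->h)` would otherwise be the size of a pointer; its declaration and the start of the enclosing function are outside the hunk. Truncation is silent, so an over-long name is stored shortened, and a comment such as `/* name is truncated to fit ep->h and always NUL-terminated */` above the copy would record that.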
@@ -152,6 +154,10 @@ fi
 %attr(0644,-,arpwatch) %verify(not md5 size mtime) %config(noreplace) %{_vararpwatch}/ethercodes.dat

 %changelog
+* Wed Feb 21 2024 Pavel Simovec - 14:2.1a15-46
+- Give a bound to hostname buffer copy
+- Resolves: RHEL-5636
+
 * Thu Jan 25 2024 Pavel Simovec - 14:2.1a15-45
 - rebuilt