The udhcpd has a bug of getting dhcp client's hostname. For example, My hostname is 'niejun', bug the udhcpd get the hostname is 'nieju'. And I find the '/var/lib/misc/udhcpd.leases' file also has the hostname 'nieju'. The leater, I see the source of udhcpd. I find in the file "networking/udhcp/leases.c", at line 69, p = safe_strncpy(oldest->hostname, hostname, hostname_len); The function of 'safe_strncpy' has a bug. char* FAST_FUNC safe_strncpy(char *dst, const char *src, size_t size) { if (!size) return dst; dst[--size] = '\0'; return strncpy(dst, src, size); } Such as: char* FAST_FUNC safe_strncpy(char *dst, const char *src, size_t size) { if (!size) return dst; dst[size-1] = '\0'; return strncpy(dst, src, size); }
> The udhcpd has a bug of getting dhcp client's hostname. For example, My > hostname is 'niejun', bug the udhcpd get the hostname is 'nieju'. And I find > the '/var/lib/misc/udhcpd.leases' file also has the hostname 'nieju'. > > The leater, I see the source of udhcpd. I find in the file > "networking/udhcp/leases.c", at line 69, > p = safe_strncpy(oldest->hostname, hostname, hostname_len); Yes, the bug is here. > The function of 'safe_strncpy' has a bug. No. It meant to ensure the result is NUL-terminated. > Such as: > char* FAST_FUNC safe_strncpy(char *dst, const char *src, size_t size) > { > if (!size) return dst; > dst[size-1] = '\0'; > return strncpy(dst, src, size); > } This will make it the same as strncpy. What's the point? Fix is at http://busybox.net/downloads/fixes-1.16.1/busybox-1.16.1-dhcpd.patch