From 1a4ec35e840be755a7316382ed886a0db7683209 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Fri, 17 Apr 2026 16:28:50 +0200 Subject: [PATCH] Fix inverted gethostname() check in rndc status When named_os_gethostname() was replaced with raw gethostname(), the success/failure polarity was flipped: the fallback to "localhost" now runs on success and the hostname buffer is left uninitialized on failure. In the failure path, snprintf() then reads the uninitialized stack buffer, disclosing stack contents via the rndc status reply. (cherry picked from commit f7859247df222fa17a0ad52f8ce87816e06984ec) --- bin/named/server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/named/server.c b/bin/named/server.c index 4644f097eb..df9acea28f 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -12660,7 +12660,7 @@ named_server_status(named_server_t *server, isc_buffer_t **text) { cb); CHECK(putstr(text, line)); - if (gethostname(hostname, sizeof(hostname)) == 0) { + if (gethostname(hostname, sizeof(hostname)) != 0) { strlcpy(hostname, "localhost", sizeof(hostname)); } snprintf(line, sizeof(line), "running on %s: %s\n", hostname,