From 34e38a56b08ad20994ffc58ca2e54817c4a985f3 Mon Sep 17 00:00:00 2001
From: Hiroki Sato <hrs@FreeBSD.org>
Date: Wed, 2 Sep 2015 16:50:49 +0000
Subject: [PATCH] - snprintf() returns at most size-1 of the chars printed into
   the buffer.  (n == hostlen) also means the buffer length was   too short.

- Use sdl->sdl_data only when (sdl->sdl_nlen > 0 && sdl->sdl_alen == 0)
  to prevent redundant output.
---
 lib/libc/net/getnameinfo.c | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/lib/libc/net/getnameinfo.c b/lib/libc/net/getnameinfo.c
index ab5b8037459..f83d0e26a86 100644
--- a/lib/libc/net/getnameinfo.c
+++ b/lib/libc/net/getnameinfo.c
@@ -394,26 +394,22 @@ getnameinfo_link(const struct sockaddr *sa, socklen_t salen,
 
 	if (sdl->sdl_nlen == 0 && sdl->sdl_alen == 0 && sdl->sdl_slen == 0) {
 		n = snprintf(host, hostlen, "link#%d", sdl->sdl_index);
-		if (n > hostlen) {
+		if (n >= hostlen) {
 			*host = '\0';
 			return (EAI_MEMORY);
 		}
 		return (0);
 	}
 
-	if (sdl->sdl_nlen > 0) {
-		if (sdl->sdl_nlen + 1 > hostlen) {
+	if (sdl->sdl_nlen > 0 && sdl->sdl_alen == 0) {
+		n = sdl->sdl_nlen;
+		if (n >= hostlen) {
 			*host = '\0';
 			return (EAI_MEMORY);
 		}
 		memcpy(host, sdl->sdl_data, sdl->sdl_nlen);
-		n = sdl->sdl_nlen;
-		host += n;
-		if (sdl->sdl_alen > 0) {
-			*host++ = ':';
-			n++;
-		}
-		hostlen -= n;
+		host[n] = '\0';
+		return (0);
 	}
 
 	switch (sdl->sdl_type) {