1 - attempted fix of uninitialized variable

2 - indented and edited to fit better within 80 columns
3 - fixed possible buffer overflow in the service name lookup function

ares_getnameinfo.c

@@ -194,9 +194,11 @@ static void nameinfo_callback(void *arg, int status, struct hostent *host)
       if (niquery->flags & ARES_NI_LOOKUPSERVICE)
         {
           if (niquery->family == AF_INET)
-            service = lookup_service(niquery->addr.addr4.sin_port, niquery->flags, srvbuf);
+            service = lookup_service(niquery->addr.addr4.sin_port,
+                                     niquery->flags, srvbuf);
           else
-            service = lookup_service(niquery->addr.addr6.sin6_port, niquery->flags, srvbuf);
+            service = lookup_service(niquery->addr.addr6.sin6_port,
+                                     niquery->flags, srvbuf);
         }
       /* NOFQDN means we have to strip off the domain name portion.
          We do this by determining our own domain name, then searching the string
@@ -234,9 +236,11 @@ static void nameinfo_callback(void *arg, int status, struct hostent *host)
       if (niquery->flags & ARES_NI_LOOKUPSERVICE)
         {
           if (niquery->family == AF_INET)
-            service = lookup_service(niquery->addr.addr4.sin_port, niquery->flags, srvbuf);
+            service = lookup_service(niquery->addr.addr4.sin_port,
+                                     niquery->flags, srvbuf);
           else
-            service = lookup_service(niquery->addr.addr6.sin6_port, niquery->flags, srvbuf);
+            service = lookup_service(niquery->addr.addr6.sin6_port,
+                                     niquery->flags, srvbuf);
         }
       niquery->callback(niquery->arg, ARES_SUCCESS, ipbuf, service);
       return;
@@ -245,7 +249,8 @@ static void nameinfo_callback(void *arg, int status, struct hostent *host)
   free(niquery);
 }
 
-static char *lookup_service(unsigned short port, int flags, char *buf)
+static char *lookup_service(unsigned short port, int flags,
+                            char *buf) /* 33 bytes buffer */
 {
   if (port)
     {
@@ -276,11 +281,13 @@ static char *lookup_service(unsigned short port, int flags, char *buf)
             proto = "tcp";
 #ifdef HAVE_GETSERVBYPORT_R
 #if GETSERVBYPORT_R_ARGS == 6
+          se = &ret;
           if (getservbyport_r(port, proto, se, buf, len, &ret))
             se = NULL;
 #elif GETSERVBYPORT_R_ARGS == 5
           se = getservbyport_r(port, proto, se, buf, len);
 #elif GETSERVBYPORT_R_ARGS == 4
+          se = &sed;
           if (getservbyport_r(port, proto, se, &sed) == -1)
             se = NULL;
 #else
@@ -291,8 +298,15 @@ static char *lookup_service(unsigned short port, int flags, char *buf)
           /* Lets just hope the OS uses TLS! */
           se = getservbyport(port, proto);
 #endif
-          if (se && se->s_name)
+          if (se && se->s_name) {
+            size_t len = strlen(se->s_name);
+            if(len < 33) {
               strcpy(buf, se->s_name);
+            }
+            else
+              /* too big name to fit the buffer */
+              buf[0]=0;
+          }
           else
             sprintf(buf, "%u", ntohs(port));
         }
@@ -302,13 +316,15 @@ static char *lookup_service(unsigned short port, int flags, char *buf)
 }
 
 #ifdef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
-static char *append_scopeid(struct sockaddr_in6 *addr6, unsigned int flags, char *buf)
+static char *append_scopeid(struct sockaddr_in6 *addr6, unsigned int flags,
+                            char *buf)
 {
   char tmpbuf[IF_NAMESIZE + 1];
 
   tmpbuf[0] = '%';
 #ifdef HAVE_IF_INDEXTONAME
-  if ((flags & ARES_NI_NUMERICSCOPE) || (!IN6_IS_ADDR_LINKLOCAL(&addr6->sin6_addr)
+  if ((flags & ARES_NI_NUMERICSCOPE) ||
+      (!IN6_IS_ADDR_LINKLOCAL(&addr6->sin6_addr)
        && !IN6_IS_ADDR_MC_LINKLOCAL(&addr6->sin6_addr)))
     {
        sprintf(&tmpbuf[1], "%u", addr6->sin6_scope_id);