diff options
| author | Florian Lohoff <f@zz.de> | 2021-02-15 15:34:07 +0100 |
|---|---|---|
| committer | Jan Wagner <waja@cyconet.org> | 2021-04-10 13:43:12 +0200 |
| commit | 0d504aea51f4835f038ce1943175c943a4b6b1eb (patch) | |
| tree | 2e5b3934ee205b7faed6a262e4ec6af1a0e7a63e | |
| parent | e7598ae6377659430f38a5360aeb09d8a26b8e1a (diff) | |
| download | monitoring-plugins-0d504aea51f4835f038ce1943175c943a4b6b1eb.tar.gz | |
Using snprintf which honors the buffers size and guarantees null termination. (Closes: #1601)
As strcpy may overflow the resulting buffer:
flo@p5:~$ /tmp/f/usr/lib/nagios/plugins/check_pgsql -d "$(seq 1 10000)"
*** buffer overflow detected ***: terminated
Aborted
I would propose to change the code rather like this, using snprintf
which honors the buffers size and guarantees null termination.
| -rw-r--r-- | plugins/check_pgsql.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c index 11ce6916..b8fc5f1d 100644 --- a/plugins/check_pgsql.c +++ b/plugins/check_pgsql.c | |||
| @@ -347,7 +347,7 @@ process_arguments (int argc, char **argv) | |||
| 347 | if (!is_pg_dbname (optarg)) /* checks length and valid chars */ | 347 | if (!is_pg_dbname (optarg)) /* checks length and valid chars */ |
| 348 | usage2 (_("Database name is not valid"), optarg); | 348 | usage2 (_("Database name is not valid"), optarg); |
| 349 | else /* we know length, and know optarg is terminated, so us strcpy */ | 349 | else /* we know length, and know optarg is terminated, so us strcpy */ |
| 350 | strcpy (dbName, optarg); | 350 | snprintf(dbName, NAMEDATALEN, "%s", optarg); |
| 351 | break; | 351 | break; |
| 352 | case 'l': /* login name */ | 352 | case 'l': /* login name */ |
| 353 | if (!is_pg_logname (optarg)) | 353 | if (!is_pg_logname (optarg)) |