diff options
author | Spenser Reinhardt <sreinhardt@nagios.com> | 2014-06-05 23:01:35 -0500 |
---|---|---|
committer | Jan Wagner <waja@cyconet.org> | 2014-06-28 18:17:48 +0200 |
commit | b61f51ad0291cf7051b6ea15ec8f8486f02443f9 (patch) | |
tree | aae7808ecab192780558027a6d6ae2c7d8fa3342 | |
parent | 9ce73696b0407b43bcd96269fb1fd6c343834475 (diff) | |
download | monitoring-plugins-b61f51a.tar.gz |
plugins/check_real.c - recv string null terminate
Recv into buffer is not properly null terminated prior to strstr and possible other string functions expecting a null termination. Simply take bytes received and use as an index to append \0 after. We are creating buffer[] with size of MAX_INPUT_BUFFER and recv with MAX_INPUT_BUFFER-1 so this should never overflow.
-rw-r--r-- | plugins/check_real.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/plugins/check_real.c b/plugins/check_real.c index 47776c5b..36f64134 100644 --- a/plugins/check_real.c +++ b/plugins/check_real.c | |||
@@ -178,6 +178,7 @@ main (int argc, char **argv) | |||
178 | 178 | ||
179 | /* watch for the REAL connection string */ | 179 | /* watch for the REAL connection string */ |
180 | result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0); | 180 | result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0); |
181 | buffer[result] = "\0"; /* null terminate recieved buffer */ | ||
181 | 182 | ||
182 | /* return a CRITICAL status if we couldn't read any data */ | 183 | /* return a CRITICAL status if we couldn't read any data */ |
183 | if (result == -1) { | 184 | if (result == -1) { |