[SPAM] Re: BUG in history.cgi (+ fix)

Franky Van Liedekerke liedekef at telenet.be
Thu Jun 19 14:53:10 CEST 2008


Hi,

this will probably work, but won't it create a problem if sizeof(input) <
MAX_INPUT_BUFFER? Probably my solution has that problem as well ...
Maybe we should use strlcpy here:

strlcpy(input_buffer2,input,MAX_INPUT_BUFFER-1);


Franky


On 6/19/08, Thomas Guyot-Sionnest <dermoth at aei.ca> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> On 19/06/08 07:46 AM, Franky Van Liedekerke wrote:
> > Hi all,
> >
> > I had some problems with history.cgi where it consistently coredumped on
> me.
> > After some searching, it seems that history.c assumes that each line in
> > nagios.log has a certain maximum lenght (MAX_INPUT_BUFFER) but some
> > plugins write more info away there (like the check_oracle_health plugin
> > in my case).
> > But the issue is: when such a long line is found, history.c doesn't chop
> > it off after MAX_INPUT_BUFFER characters and as such coredumps ...
> > Solution: add the line
> >
> > input[MAX_INPUT_BUFFER]='\x0';
> >
> > at around line 551 in cgi/history.c (before the "strip(input);" line),
> > so the code becomes:
> >
> >         printf("<P><DIV CLASS='logEntries'>\n");
> >
> >         while(1){
> >
> >                 free(input);
> >
> >                 if(use_lifo==TRUE){
> >                         if((input=pop_lifo())==NULL)
> >                                 break;
> >                         }
> >                 else{
> >                         if((input=mmap_fgets(thefile))==NULL)
> >                                 break;
> >                         }
> >
> >                 input[MAX_INPUT_BUFFER]='\x0';
> >                 strip(input);
> >
> > This solves my problem for now, but I don't know if it is the correct
> > solution of course ...
>
>
> I don't have time to test, but it looks like the segfault is just a few
> lines below:
>
> strcpy(input_buffer2,input);
>
> input_buffer2 has a static length of MAX_INPUT_BUFFER, so you should
> rather use strncpy and limit to "MAX_INPUT_BUFFER-1" characters (so it
> will be able to terminate it with a \0).
>
> Your fix will work just as well, but changing strcpy to strncpy is more
> obvious and use of strcpy is discouraged for that exact reason.
>
> Thomas
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFIWksC6dZ+Kt5BchYRAr50AKDHHDBPVizBG8rPGvs2eMYTtyWxVQCgqAvn
> zF/jM6g9ph5x6nqt92WiScQ=
> =Zyc7
> -----END PGP SIGNATURE-----
>
> -------------------------------------------------------------------------
> Check out the new SourceForge.net Marketplace.
> It's the best place to buy or sell services for
> just about anything Open Source.
> http://sourceforge.net/services/buy/index.php
> _______________________________________________
> Nagios-devel mailing list
> Nagios-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-devel
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/developers/attachments/20080619/48e2bf55/attachment.html>
-------------- next part --------------
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
-------------- next part --------------
_______________________________________________
Nagios-devel mailing list
Nagios-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-devel


More information about the Developers mailing list