[PATCH] Fix memory corruption caused by a backslashes

Ethan Galstad egalstad at nagios.org
Wed Jun 17 06:16:02 CEST 2009


Michael Marineau wrote:
> Greetings,
> 
> The function unescape_newlines in cgi/cgiutils.c will blindly unescape
> any character preceded by the backslash by taking the value of the next
> character and incrementing to skip over it. This happens even when that
> next character is the terminating null, causing the loop to continue on
> corrupting memory until it hits another null character. The attached
> patch should fix this issue. It is against 3.0.6 but should still apply
> to the latest code.
> 
> This bug is triggered when any plugin's output ends with a backslash
> which has been reported at least a couple times, most recently here:
> http://thread.gmane.org/gmane.network.nagios.devel/6109/focus=6117
> 
> Cheers,

Thanks Michael - fix is in CVS.


- Ethan Galstad

------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects




More information about the Developers mailing list