aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Thomas Guyot-Sionnest <dermoth@users.sourceforge.net> 2007-11-09 16:05:48 +0000
committerGravatar Thomas Guyot-Sionnest <dermoth@users.sourceforge.net> 2007-11-09 16:05:48 +0000
commitd2f758c5ee662e1181b01083bbb50da034f14ad4 (patch)
tree4da5799eee4e407f1b48e4da553949250f54da73
parent25624346481067be006ccd4a3b07afcf0cbb96ae (diff)
downloadmonitoring-plugins-d2f758c5ee662e1181b01083bbb50da034f14ad4.tar.gz
Fix check_snmp buffer overflow (CVE-2007-5623)
This patch comes from the Gentoo Portage tree but I couldn't find the author. I sent an email and will give credits when I get an answer. git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1814 f882894a-f735-0410-b71e-b25c423dba1c
-rw-r--r--plugins/check_snmp.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c
index 3f9a03d2..9fa4a60b 100644
--- a/plugins/check_snmp.c
+++ b/plugins/check_snmp.c
@@ -226,12 +226,16 @@ main (int argc, char **argv)
ptr = output;
- strcat(perfstr, "| ");
+ strncat(perfstr, "| ", sizeof(perfstr)-strlen(perfstr)-1);
while (ptr) {
char *foo;
+ unsigned int copylen;
foo = strstr (ptr, delimiter);
- strncat(perfstr, ptr, foo-ptr);
+ copylen = foo-ptr;
+ if (copylen > sizeof(perfstr)-strlen(perfstr)-1)
+ copylen = sizeof(perfstr)-strlen(perfstr)-1;
+ strncat(perfstr, ptr, copylen);
ptr = foo;
if (ptr == NULL)
@@ -364,11 +368,11 @@ main (int argc, char **argv)
i++;
- strcat(perfstr, "=");
- strcat(perfstr, show);
+ strncat(perfstr, "=", sizeof(perfstr)-strlen(perfstr)-1);
+ strncat(perfstr, show, sizeof(perfstr)-strlen(perfstr)-1);
if (type)
- strcat(perfstr, type);
- strcat(perfstr, " ");
+ strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1);
+ strncat(perfstr, " ", sizeof(perfstr)-strlen(perfstr)-1);
} /* end while (ptr) */