diff options
author | Florian Lohoff <f@zz.de> | 2021-02-15 15:34:07 +0100 |
---|---|---|
committer | Jan Wagner <waja@cyconet.org> | 2021-02-15 15:34:07 +0100 |
commit | dae075e65a38c65352d04f8c8fdfa21e2056d01c (patch) | |
tree | a9606e752ff105f10653d4ac48b279c0fd800fef | |
parent | 05d7f70d4553e19ea5eb27ec5c97098f014550df (diff) | |
download | monitoring-plugins-dae075e65a38c65352d04f8c8fdfa21e2056d01c.tar.gz |
Using snprintf which honors the buffers size and guarantees null termination. (Closes: #1601)
As strcpy may overflow the resulting buffer:
flo@p5:~$ /tmp/f/usr/lib/nagios/plugins/check_pgsql -d "$(seq 1 10000)"
*** buffer overflow detected ***: terminated
Aborted
I would propose to change the code rather like this, using snprintf
which honors the buffers size and guarantees null termination.
-rw-r--r-- | plugins/check_pgsql.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c index 11ce6916..b8fc5f1d 100644 --- a/plugins/check_pgsql.c +++ b/plugins/check_pgsql.c @@ -347,7 +347,7 @@ process_arguments (int argc, char **argv) if (!is_pg_dbname (optarg)) /* checks length and valid chars */ usage2 (_("Database name is not valid"), optarg); else /* we know length, and know optarg is terminated, so us strcpy */ - strcpy (dbName, optarg); + snprintf(dbName, NAMEDATALEN, "%s", optarg); break; case 'l': /* login name */ if (!is_pg_logname (optarg)) |