Module: check_mk
Branch: master
Commit: 9258f94590e83467ecce49b0da58e88251a7258c
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=9258f94590e834…
Author: Mathias Kettner <mk(a)mathias-kettner.de>
Date: Tue Jan 4 14:45:12 2011 +0100
Livestatus: check string lengths
(Thanks to Oliver Hauer)
---
ChangeLog | 3 +++
livestatus/src/module.c | 8 ++++----
livestatus/src/pnp4nagios.cc | 10 +++++-----
livestatus/src/unixcat.c | 1 +
4 files changed, 13 insertions(+), 9 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 30948db..96a4194 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,9 @@
Multisite:
* New reschedule icon now also works for non-local sites.
+ Livestatus:
+ * Check for buffer overflows (replace strcat with strncat, etc.)
+
1.1.9i3:
INCOMPATIBLE CHANGES:
* You need a current version of Livestatus for Multisite to work!
diff --git a/livestatus/src/module.c b/livestatus/src/module.c
index 46c2e81..2f55de6 100644
--- a/livestatus/src/module.c
+++ b/livestatus/src/module.c
@@ -493,7 +493,7 @@ void check_pnp_path()
void livestatus_parse_arguments(const char *args_orig)
{
/* set default socket path */
- strcpy(g_socket_path, DEFAULT_SOCKET_PATH);
+ strncpy(g_socket_path, DEFAULT_SOCKET_PATH, sizeof(g_socket_path) - 1);
/* there is no default PNP path */
g_pnp_path[0] = 0;
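Review bot: The `strncpy(g_socket_path, …, sizeof(g_socket_path) - 1)` call here never writes a terminator when the source reaches the limit, so the result is a valid string only if the last byte of `g_socket_path` is already zero. That probably holds if it is a zero-initialised global, but the declaration is not in the hunk. The same pattern is in the next hunk for the configured value `left`, and in the `pnp_path` hunk, where the following `strncat` depends on `g_pnp_path` being terminated. Adding `g_socket_path[sizeof(g_socket_path) - 1] = '\0';` after each copy makes the guarantee explicit. An over-long configured path is also truncated silently, so the module would use a different socket path than the one given; comparing `strlen(left)` with `sizeof(g_socket_path)` and logging or rejecting the value would surface that.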
@@ -510,7 +510,7 @@ void livestatus_parse_arguments(const char *args_orig)
char *left = next_token(&part, '=');
char *right = next_token(&part, 0);
if (!right) {
- strncpy(g_socket_path, left, sizeof(g_socket_path));
+ strncpy(g_socket_path, left, sizeof(g_socket_path) - 1);
}
else {
if (!strcmp(left, "debug")) {
@@ -582,9 +582,9 @@ void livestatus_parse_arguments(const char *args_orig)
}
}
else if (!strcmp(left, "pnp_path")) {
- strcpy(g_pnp_path, right);
+ strncpy(g_pnp_path, right, sizeof(g_pnp_path) - 1);
if (right[strlen(right) - 1] != '/')
- strcat(g_pnp_path, "/"); // make sure, that trailing slash
is always there
+ strncat(g_pnp_path, "/", sizeof(g_pnp_path) -
strlen(g_pnp_path) - 1 ); // make sure, that trailing slash is always there
check_pnp_path();
}
else {
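Review bot: `right[strlen(right) - 1]` reads one byte before the start of `right` when the value is empty (for example `pnp_path=`), assuming `next_token` can return an empty string, which is not visible here. The test also looks at `right` rather than at the possibly truncated copy in `g_pnp_path`, so for a value that fills the buffer the `strncat` has zero room and the trailing slash the comment promises is missing. Testing the copy covers both cases: `size_t len = strlen(g_pnp_path); if (len > 0 && g_pnp_path[len - 1] != '/')`. A path that cannot take the slash should probably be rejected before `check_pnp_path()` runs; the enclosing function starts and ends outside the hunk.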
diff --git a/livestatus/src/pnp4nagios.cc b/livestatus/src/pnp4nagios.cc
index 84ae30d..20fd289 100644
--- a/livestatus/src/pnp4nagios.cc
+++ b/livestatus/src/pnp4nagios.cc
@@ -44,19 +44,19 @@ int pnpgraph_present(char *host, char *service)
return -1;
char path[4096];
- strcpy(path, g_pnp_path);
+ strncpy(path, g_pnp_path, sizeof(path) - 1);
char *end = path + strlen(path);
- strcpy(end, host);
+ strncpy(end, host, sizeof(end) - 1);
cleanup_pnpname(end);
- strcat(end, "/");
+ strncat(end, "/", sizeof(end) - strlen(end) - 1);
end = end + strlen(end);
if (service) {
- strcat(end, service);
+ strncat(end, service, sizeof(end) - strlen(end) - 1);
cleanup_pnpname(end);
strcat(end, ".xml");
}
else
- strcat(end, "_HOST_.xml");
+ strncat(end, "_HOST_.xml", sizeof(end) - strlen(end) - 1);
if (0 == access(path, R_OK))
return 1;
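Review bot: `sizeof(end)` in the new `strncpy`/`strncat` calls is the size of a `char *` (4 or 8 bytes), not the space left in `path`, because `end` is a pointer into the array. The host and service parts are therefore cut to at most `sizeof(char *) - 1` characters, and for a host that long the `strncat` of `"/"` gets a limit of 0 and appends nothing, so `access()` tests a different file than intended. The limit is also unrelated to how much of `path` the `g_pnp_path` prefix already used, and `strcat(end, ".xml")` stays unbounded. Computing the room from `path` itself, as below, addresses both. Which value to return when the name does not fit depends on callers not visible here, and `pnpgraph_present` starts and ends outside the hunk.

```cpp
char path[4096];
int n = snprintf(path, sizeof(path), "%s%s", g_pnp_path, host);
if (n < 0 || (size_t)n >= sizeof(path))
    return -1; // name does not fit; use the value the callers expect
char *end = path + strlen(g_pnp_path);
cleanup_pnpname(end); // assumes cleanup_pnpname() does not lengthen the string
end += strlen(end);
size_t room = sizeof(path) - (size_t)(end - path); // space left in path[], not sizeof(char *)
n = snprintf(end, room, "/%s", service ? service : "_HOST_.xml");
if (n < 0 || (size_t)n >= room)
    return -1;
if (service) {
    cleanup_pnpname(end + 1);
    size_t len = strlen(path);
    if (len + sizeof(".xml") > sizeof(path))
        return -1;
    memcpy(path + len, ".xml", sizeof(".xml"));
}
// … unchanged: access(path, R_OK) test …
```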
diff --git a/livestatus/src/unixcat.c b/livestatus/src/unixcat.c
index 2d61d74..e98e4a8 100644
--- a/livestatus/src/unixcat.c
+++ b/livestatus/src/unixcat.c
@@ -29,6 +29,7 @@
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#include <pthread.h>
#include <unistd.h>
#include <signal.h>