[PATCH] fix out of bounds access in display_notifications
Olaf Hering
olh at suse.de
Fri Sep 8 11:41:06 CEST 2006
Do not write outside the hostname array.
snprintf will likely terminate the string anyway.
---
cgi/notifications.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: nagios-2.5/cgi/notifications.c
===================================================================
--- nagios-2.5.orig/cgi/notifications.c
+++ nagios-2.5/cgi/notifications.c
@@ -553,7 +553,7 @@ void display_notifications(void){
/* get the host name */
temp_buffer=(char *)strtok(NULL,";");
snprintf(host_name,sizeof(host_name),"%s",(temp_buffer==NULL)?"":temp_buffer);
- host_name[sizeof(host_name)]='\x0';
+ host_name[sizeof(host_name) - 1]='\x0';
/* get the service name */
if(notification_type==SERVICE_NOTIFICATION){
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
More information about the Developers
mailing list