[PATCH] fix out of bounds access in display_notifications

Ethan Galstad nagios at nagios.org
Mon Oct 9 07:20:24 CEST 2006

Previous message: Host check retries?
Next message: NDO
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Olaf Hering wrote:
> Do not write outside the hostname array.
> snprintf will likely terminate the string anyway.
> 
> ---
>  cgi/notifications.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> Index: nagios-2.5/cgi/notifications.c
> ===================================================================
> --- nagios-2.5.orig/cgi/notifications.c
> +++ nagios-2.5/cgi/notifications.c
> @@ -553,7 +553,7 @@ void display_notifications(void){
>  			/* get the host name */
>  			temp_buffer=(char *)strtok(NULL,";");
>  			snprintf(host_name,sizeof(host_name),"%s",(temp_buffer==NULL)?"":temp_buffer);
> -			host_name[sizeof(host_name)]='\x0';
> +			host_name[sizeof(host_name) - 1]='\x0';
>  
>  			/* get the service name */
>  			if(notification_type==SERVICE_NOTIFICATION){
> 

Thanks for all the patches Olaf!  They will be committed to CVS shortly...


Ethan Galstad,
Nagios Developer
---
Email: nagios at nagios.org
Website: http://www.nagios.org

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Previous message: Host check retries?
Next message: NDO
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Developers mailing list