On Mon, Feb 15, 2021 at 10:27:04AM +0000, Debian Bug Tracking System wrote:
> 982847: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982847
> Debian Bug Tracking System
> Contact ow...@bugs.debian.org with problems

Hi,
as strcpy may overflow the resulting buffer:

flo@p5:~$ /tmp/f/usr/lib/nagios/plugins/check_pgsql -d "$(seq 1 10000)"
*** buffer overflow detected ***: terminated
Aborted


I would propose to change the code rather like this, using snprintf,
which honors the buffer's size and guarantees null termination.


@@ -344,11 +343,7 @@ process_arguments (int argc, char **argv)
                                pgport = optarg;
                        break;
                case 'd':     /* database name */
-                       if (!is_pg_dbname (optarg)) /* checks length and valid 
chars */
-                               usage2 (_("Database name is not valid"), 
optarg);
-                       else /* we know length, and know optarg is terminated, 
so us strcpy */
-                               strcpy (dbName, optarg);
-                       break;
+                       snprintf(dbName, NAMEDATALEN, "%s", optarg);
                case 'l':     /* login name */
                        if (!is_pg_logname (optarg))
                                usage2 (_("User name is not valid"), optarg);
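Review bot: the removed `break;` at the end of case 'd' is not replaced, so after the new snprintf line control falls through into case 'l' and the database name is passed to is_pg_logname, where a failing check reports "User name is not valid"; add `break;` after the snprintf call. The hunk also drops the is_pg_dbname call, so the valid-characters check mentioned in the removed comment no longer runs, and an over-long name is now truncated silently instead of rejected. Either keep the validation in front of the copy, or compare snprintf's return value against NAMEDATALEN and call usage2 when it is greater or equal. The hunk does not show dbName's declaration; if it is an array, sizeof(dbName) as the size argument avoids relying on NAMEDATALEN matching it.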



-- 
Florian Lohoff                                                     f...@zz.de
"Autoritaetsduselei ist der groesste Feind der Wahrheit" - Albert Einstein
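
The proposal above relies on snprintf bounding the copy; its return value also tells the caller whether the name was cut short. The following is an added example, not part of the original mail or of the plugin's source: `copy_name`, the status enum and the NAMEDATALEN value of 64 (PostgreSQL's default) are assumptions, and the long input is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: 64 is PostgreSQL's default NAMEDATALEN; the plugin's own
   definition is not shown on the page. */
#define NAMEDATALEN 64

enum copy_status { COPY_OK = 0, COPY_TOO_LONG = 1, COPY_ERROR = 2 };

/* Hypothetical helper: bounded copy of src into dst (dstsz bytes) that
   rejects an over-long name instead of keeping a truncated one. */
static enum copy_status copy_name(char *dst, size_t dstsz, const char *src)
{
    int n;

    if (dst == NULL || src == NULL || dstsz == 0)
        return COPY_ERROR;

    /* snprintf writes at most dstsz bytes including the terminator and
       returns the length the full string would have had. */
    n = snprintf(dst, dstsz, "%s", src);
    if (n < 0) {
        dst[0] = '\0';
        return COPY_ERROR;
    }
    if ((size_t)n >= dstsz) {
        dst[0] = '\0';          /* do not leave a shortened name behind */
        return COPY_TOO_LONG;
    }
    return COPY_OK;
}

int main(void)
{
    char dbName[NAMEDATALEN];
    char longarg[4096];

    /* Constructed input standing in for an over-long -d argument. */
    memset(longarg, '1', sizeof longarg - 1);
    longarg[sizeof longarg - 1] = '\0';

    printf("short: %d\n", copy_name(dbName, sizeof dbName, "nagios"));
    printf("long:  %d\n", copy_name(dbName, sizeof dbName, longarg));
    return 0;
}
```
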
