Module: monitoring-plugins
Branch: wip-2.3.1
Commit: 0d504aea51f4835f038ce1943175c943a4b6b1eb
Author: Florian Lohoff <f...@zz.de>
Committer: Jan Wagner <w...@cyconet.org>
Date: Mon Feb 15 15:34:07 2021 +0100
URL:
https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=0d504ae
Using snprintf which honors the buffers size and guarantees null termination.
(Closes: #1601)
As strcpy may overflow the resulting buffer:
flo@p5:~$ /tmp/f/usr/lib/nagios/plugins/check_pgsql -d "$(seq 1 10000)"
*** buffer overflow detected ***: terminated
Aborted
I would propose to change the code rather like this, using snprintf
which honors the buffers size and guarantees null termination.
---
plugins/check_pgsql.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c
index 11ce691..b8fc5f1 100644
--- a/plugins/check_pgsql.c
+++ b/plugins/check_pgsql.c
@@ -347,7 +347,7 @@ process_arguments (int argc, char **argv)
if (!is_pg_dbname (optarg)) /* checks length and valid
chars */
usage2 (_("Database name is not valid"),
optarg);
else /* we know length, and know optarg is terminated,
so us strcpy */
- strcpy (dbName, optarg);
+ snprintf(dbName, NAMEDATALEN, "%s", optarg);
break;
case 'l': /* login name */
if (!is_pg_logname (optarg))
