Your suggestions are good; however, the patch I put together
does what I need for Orca and does improve things.  Please
feel free to submit a patch that does what you suggest.

Blair

Tobias Weingartner wrote:
> 
> On Sunday, October 10, Blair Zajac wrote:
> >
> > I've been running into some problems with pathnames longer than 255
> > characters in rrd_graph.  The following patch fixes these and prevents
> > buffer overflows in rrd_set_error, unless the error is longer than
> > 4096 characters.
> 
> Why stop there?  :-)
> 
> > diff -rc ../rrdtool-1.0.7.0/src/rrd_error.c ./src/rrd_error.c
> > *** ../rrdtool-1.0.7.0/src/rrd_error.c        Fri Aug 27 12:20:05 1999
> > --- ./src/rrd_error.c Sun Oct 10 18:40:24 1999
> > ***************
> > *** 16,28 ****
> >   void
> >   rrd_set_error(char *fmt, ...)
> >   {
> > !     int maxlen = strlen(fmt)*4;
> >       va_list argp;
> >       rrd_clear_error();
> > -     rrd_error = malloc(sizeof(char)*maxlen);
> >       va_start(argp, fmt);
> > !     vsprintf(rrd_error, fmt, argp);
> >       va_end(argp);
> >   }
> 
> This ain't perfect, if vsnprintf() exists, I'd use it...
> 
> > --- 16,29 ----
> >   void
> >   rrd_set_error(char *fmt, ...)
> >   {
> > !     static char buffer[4096];
> >       va_list argp;
> >       rrd_clear_error();
> >       va_start(argp, fmt);
> > !     vsprintf(buffer, fmt, argp);
> >       va_end(argp);
> > +     rrd_error = malloc(sizeof(char)*(strlen(buffer)+1));
> > +     strcpy(rrd_error, buffer);
> >   }
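Review bot: `vsprintf(buffer, fmt, argp)` in the new version is still an unbounded write, now into `static char buffer[4096]`, so any formatted message over 4095 characters overruns the static buffer; where `vsnprintf` is available, call it with `sizeof(buffer)` as the limit instead. The `malloc` result is also handed straight to `strcpy` without a NULL check, and the static buffer makes the function non-reentrant, which deserves a comment if it is kept.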
> 
> I fail to see how this will differ much.  Why not just add 4096 to
> the above maxlen item?  Same result, buffer at least 4K, but does not
> solve the buffer overflow potential...
> 
> > diff -rc ../rrdtool-1.0.7.0/src/rrd_graph.c ./src/rrd_graph.c
> > *** ../rrdtool-1.0.7.0/src/rrd_graph.c        Fri Oct  1 12:15:28 1999
> > --- ./src/rrd_graph.c Fri Oct  8 23:22:35 1999
> > ***************
> > *** 180,186 ****
> >
> >       /* configuration of graph */
> >
> > !     char           graphfile[255]; /* filename for graphic */
> >       long           xsize,ysize;    /* graph area size in pixels */
> >       col_trip_t     graph_col[__GRC_END__]; /* real colors for the graph */
> >
> >       char           ylegend[200];   /* legend along the yaxis */
> > --- 180,186 ----
> >
> >       /* configuration of graph */
> >
> > !     char           graphfile[1024]; /* filename for graphic */
> >       long           xsize,ysize;    /* graph area size in pixels */
> >       col_trip_t     graph_col[__GRC_END__]; /* real colors for the graph */
> >
> >       char           ylegend[200];   /* legend along the yaxis */
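Review bot: `char graphfile[1024]` only raises the limit; the code that copies into `graphfile` is not part of this hunk, so nothing visible here stops a filename of 1024 or more characters from overflowing it. Size the array from a named constant (`MAXPATHLEN` where the platform defines it, with a fallback otherwise) and bound or reject over-long names at the copy site. The `ylegend[200]` field in the context lines follows the same fixed-size pattern and is worth checking in the same pass.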
> 
> Why not use MAXPATHLEN if it exists?  And if not, then think of some
> POSIXLY decent default value for it?  :-)
> 
> --Toby.
> *----------------------------------------------------------------------------*
> | Tobias Weingartner | Email: [EMAIL PROTECTED] | Nothing here yet     |
> | Apt B 7707-110 St. |--------------------------------| Nor here yet...      |
> | Edmonton, AB       | Unix Guru, Admin, Systems-Dude | Nor here...          |
> | T6G 1G3     ---------------------------------------------------------------|
> | Canada     / %SYSTEM-F-ANARCHISM, The operating system has been overthrown |
> *----------------------------------------------------------------------------*
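One way to act on the vsnprintf() suggestion in the thread above, as an added example that is not part of the original messages or the rrdtool source: the message is measured with a size-0 vsnprintf() call and then formatted into an allocation of exactly that size. The demo_* names are hypothetical, the 5000-character path is constructed input, and a C99-conforming vsnprintf() is assumed.

```c
/* Added example, not rrdtool source: the demo_* names are hypothetical. */
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static char *demo_error = NULL;   /* heap copy of the last message */
static char demo_fallback[] = "error message could not be formatted";

void demo_clear_error(void)
{
    if (demo_error != demo_fallback) free(demo_error);
    demo_error = NULL;
}

/* Returns the stored message length, or -1 if the static fallback was used. */
int demo_set_error(const char *fmt, ...)
{
    va_list argp;
    int need;

    demo_clear_error();
    /* Pass 1: with size 0, C99 vsnprintf writes nothing and returns the length needed. */
    va_start(argp, fmt);
    need = vsnprintf(NULL, 0, fmt, argp);
    va_end(argp);
    if (need < 0 || (demo_error = malloc((size_t)need + 1)) == NULL) {
        demo_error = demo_fallback;   /* never leave a NULL or partial message */
        return -1;
    }
    /* Pass 2: the size argument bounds the write, whatever the arguments expand to. */
    va_start(argp, fmt);
    vsnprintf(demo_error, (size_t)need + 1, fmt, argp);
    va_end(argp);
    return need;
}

int main(void)
{
    char path[5000];   /* constructed input: longer than the 4096-byte buffer in the patch */
    memset(path, 'a', sizeof(path) - 1);
    path[sizeof(path) - 1] = '\0';
    int n = demo_set_error("opening '%s': %s", path, "No such file or directory");
    printf("stored %d bytes, strlen %zu\n", n, strlen(demo_error));
    demo_clear_error();
    return 0;
}
```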