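--- a/cgi/getcgi.c
+++ b/cgi/getcgi.c
@@ -137,14 +137,15 @@
 /* check for NULL query string environment variable - 04/28/00 (Ludo Bosmans) */
 if(getenv("QUERY_STRING") == NULL) {
 cgiinput = (char *)malloc(1);
- if(cgiinput == NULL) {
- printf("getcgivars(): Could not allocate memory for CGI input.\n");
- exit(1);
- }
- cgiinput[0] = '\x0';
+ if(cgiinput != NULL)
+ cgiinput[0] = '\x0';
 }
 else
 cgiinput = strdup(getenv("QUERY_STRING"));
+ if(cgiinput == NULL) {
+ printf("getcgivars(): Could not allocate memory for CGI input.\n");
+ exit(1);
+ }
 }
 
 else if(!strcmp(request_method, "POST") || !strcmp(request_method, "PUT")) {
@@ -220,7 +221,12 @@
 paircount = 0;
 nvpair = strtok(cgiinput, "&");
 while(nvpair) {
- pairlist[paircount++] = strdup(nvpair);
+ pairlist[paircount] = strdup(nvpair);
+ if( NULL == pairlist[paircount]) {
+ printf("getcgivars(): Could not allocate memory for name-value pair #%d.\n", paircount);
+ exit(1);
+ }
+ paircount++;
 if(!(paircount % 256)) {
 pairlist = (char **)realloc(pairlist, (paircount + 256) * sizeof(char **));
 if(pairlist == NULL) {
@@ -245,13 +251,29 @@
 /* get the variable name preceding the equal (=) sign */
 if((eqpos = strchr(pairlist[i], '=')) != NULL) {
 *eqpos = '\0';
- unescape_cgi_input(cgivars[i * 2 + 1] = strdup(eqpos + 1));
+ cgivars[i * 2 + 1] = strdup(eqpos + 1);
+ if( NULL == cgivars[ i * 2 + 1]) {
+ printf("getcgivars(): Could not allocate memory for cgi value #%d.\n", i);
+ exit(1);
+ }
+ unescape_cgi_input(cgivars[i * 2 + 1]);
+ }
+ else {
+ cgivars[i * 2 + 1] = strdup("");
+ if( NULL == cgivars[ i * 2 + 1]) {
+ printf("getcgivars(): Could not allocate memory for empty stringfor variable value #%d.\n", i);
+ exit(1);
+ }
+ unescape_cgi_input(cgivars[i * 2 + 1]);
 }
- else
- unescape_cgi_input(cgivars[i * 2 + 1] = strdup(""));
 
 /* get the variable value (or name/value of there was no real "pair" in the first place) */
- unescape_cgi_input(cgivars[i * 2] = strdup(pairlist[i]));
+ cgivars[i * 2] = strdup(pairlist[i]);
+ if( NULL == cgivars[ i * 2]) {
+ printf("getcgivars(): Could not allocate memory for cgi name #%d.\n", i);
+ exit(1);
+ }
+ unescape_cgi_input(cgivars[i * 2]);
 }
 
 /* terminate the name-value list */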
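Review bot: The message added in the empty-value branch of the third hunk reads `empty stringfor variable value`, so a space is missing; the literal should be `"getcgivars(): Could not allocate memory for empty string for variable value #%d.\n"`. The same strdup / NULL-check / printf / exit(1) sequence now appears four times in this file (pair copy, value, empty value, name), which is how the wording drifted; a small static helper that duplicates a string and exits with a caller-supplied label would keep the checks and messages uniform. In that same else branch, calling unescape_cgi_input() on a freshly duplicated empty string looks redundant, though that helper's body is not visible here. The enclosing function starts and ends outside these hunks.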
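--- a/cgi/history.c
+++ b/cgi/history.c
@@ -805,16 +805,22 @@
 else if(display_type == DISPLAY_HOSTS) {
 
 if(history_type == HOST_HISTORY || history_type == SERVICE_HISTORY) {
- sprintf(match1, " HOST ALERT: %s;", host_name);
- sprintf(match2, " SERVICE ALERT: %s;", host_name);
+ snprintf(match1, sizeof( match1),
+ " HOST ALERT: %s;", host_name);
+ snprintf(match2, sizeof( match2),
+ " SERVICE ALERT: %s;", host_name);
 }
 else if(history_type == HOST_FLAPPING_HISTORY || history_type == SERVICE_FLAPPING_HISTORY) {
- sprintf(match1, " HOST FLAPPING ALERT: %s;", host_name);
- sprintf(match2, " SERVICE FLAPPING ALERT: %s;", host_name);
+ snprintf(match1, sizeof( match1),
+ " HOST FLAPPING ALERT: %s;", host_name);
+ snprintf(match2, sizeof( match2),
+ " SERVICE FLAPPING ALERT: %s;", host_name);
 }
 else if(history_type == HOST_DOWNTIME_HISTORY || history_type == SERVICE_DOWNTIME_HISTORY) {
- sprintf(match1, " HOST DOWNTIME ALERT: %s;", host_name);
- sprintf(match2, " SERVICE DOWNTIME ALERT: %s;", host_name);
+ snprintf(match1, sizeof( match1),
+ " HOST DOWNTIME ALERT: %s;", host_name);
+ snprintf(match2, sizeof( match2),
+ " SERVICE DOWNTIME ALERT: %s;", host_name);
 }
 
 if(show_all_hosts == TRUE)
@@ -853,11 +859,11 @@
 else if(display_type == DISPLAY_SERVICES) {
 
 if(history_type == SERVICE_HISTORY)
- sprintf(match1, " SERVICE ALERT: %s;%s;", host_name, svc_description);
+ snprintf(match1, sizeof( match1), " SERVICE ALERT: %s;%s;", host_name, svc_description);
 else if(history_type == SERVICE_FLAPPING_HISTORY)
- sprintf(match1, " SERVICE FLAPPING ALERT: %s;%s;", host_name, svc_description);
+ snprintf(match1, sizeof( match1), " SERVICE FLAPPING ALERT: %s;%s;", host_name, svc_description);
 else if(history_type == SERVICE_DOWNTIME_HISTORY)
- sprintf(match1, " SERVICE DOWNTIME ALERT: %s;%s;", host_name, svc_description);
+ snprintf(match1, sizeof( match1), " SERVICE DOWNTIME ALERT: %s;%s;", host_name, svc_description);
 
 if(strstr(temp_buffer, match1) && (history_type == SERVICE_HISTORY || history_type == SERVICE_FLAPPING_HISTORY || history_type == SERVICE_DOWNTIME_HISTORY))
 display_line = TRUE;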
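Review bot: The snprintf() calls bound the write but discard the return value, so an over-long host_name or svc_description is silently cut and the shortened match1/match2, possibly without its trailing `;`, is still handed to strstr(), as visible at the end of the second hunk. A truncated pattern can match log lines for a different host or service that shares the same prefix, so truncation is better treated as no match: keep the result, e.g. `n = snprintf(match1, sizeof(match1), " SERVICE ALERT: %s;%s;", host_name, svc_description);`, and skip the entry when `n < 0 || (size_t)n >= sizeof(match1)`. This applies to all nine calls across both hunks. `sizeof(match1)` is the buffer size only if match1 and match2 are arrays in this scope; their declarations are outside the hunks, so that should be confirmed.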