|
Line 0
Link Here
|
|
|
1 |
--- cgi/getcgi.c.orig 2011-08-17 17:06:27.000000000 +0930 |
| 2 |
+++ cgi/getcgi.c 2013-01-11 17:02:53.000000000 +1030 |
| 3 |
@@ -137,14 +137,15 @@ |
| 4 |
/* check for NULL query string environment variable - 04/28/00 (Ludo Bosmans) */ |
| 5 |
if(getenv("QUERY_STRING") == NULL) { |
| 6 |
cgiinput = (char *)malloc(1); |
| 7 |
- if(cgiinput == NULL) { |
| 8 |
- printf("getcgivars(): Could not allocate memory for CGI input.\n"); |
| 9 |
- exit(1); |
| 10 |
- } |
| 11 |
- cgiinput[0] = '\x0'; |
| 12 |
+ if(cgiinput != NULL) |
| 13 |
+ cgiinput[0] = '\x0'; |
| 14 |
} |
| 15 |
else |
| 16 |
cgiinput = strdup(getenv("QUERY_STRING")); |
| 17 |
+ if(cgiinput == NULL) { |
| 18 |
+ printf("getcgivars(): Could not allocate memory for CGI input.\n"); |
| 19 |
+ exit(1); |
| 20 |
+ } |
| 21 |
} |
| 22 |
|
| 23 |
else if(!strcmp(request_method, "POST") || !strcmp(request_method, "PUT")) { |
| 24 |
@@ -220,7 +221,12 @@ |
| 25 |
paircount = 0; |
| 26 |
nvpair = strtok(cgiinput, "&"); |
| 27 |
while(nvpair) { |
| 28 |
- pairlist[paircount++] = strdup(nvpair); |
| 29 |
+ pairlist[paircount] = strdup(nvpair); |
| 30 |
+ if( NULL == pairlist[paircount]) { |
| 31 |
+ printf("getcgivars(): Could not allocate memory for name-value pair #%d.\n", paircount); |
| 32 |
+ exit(1); |
| 33 |
+ } |
| 34 |
+ paircount++; |
| 35 |
if(!(paircount % 256)) { |
| 36 |
pairlist = (char **)realloc(pairlist, (paircount + 256) * sizeof(char **)); |
| 37 |
if(pairlist == NULL) { |
| 38 |
@@ -245,13 +251,29 @@ |
| 39 |
/* get the variable name preceding the equal (=) sign */ |
| 40 |
if((eqpos = strchr(pairlist[i], '=')) != NULL) { |
| 41 |
*eqpos = '\0'; |
| 42 |
- unescape_cgi_input(cgivars[i * 2 + 1] = strdup(eqpos + 1)); |
| 43 |
+ cgivars[i * 2 + 1] = strdup(eqpos + 1); |
| 44 |
+ if( NULL == cgivars[ i * 2 + 1]) { |
| 45 |
+ printf("getcgivars(): Could not allocate memory for cgi value #%d.\n", i); |
| 46 |
+ exit(1); |
| 47 |
+ } |
| 48 |
+ unescape_cgi_input(cgivars[i * 2 + 1]); |
| 49 |
+ } |
| 50 |
+ else { |
| 51 |
+ cgivars[i * 2 + 1] = strdup(""); |
| 52 |
+ if( NULL == cgivars[ i * 2 + 1]) { |
| 53 |
+ printf("getcgivars(): Could not allocate memory for empty stringfor variable value #%d.\n", i); |
| 54 |
+ exit(1); |
| 55 |
+ } |
| 56 |
+ unescape_cgi_input(cgivars[i * 2 + 1]); |
| 57 |
} |
| 58 |
- else |
| 59 |
- unescape_cgi_input(cgivars[i * 2 + 1] = strdup("")); |
| 60 |
|
| 61 |
/* get the variable value (or name/value of there was no real "pair" in the first place) */ |
| 62 |
- unescape_cgi_input(cgivars[i * 2] = strdup(pairlist[i])); |
| 63 |
+ cgivars[i * 2] = strdup(pairlist[i]); |
| 64 |
+ if( NULL == cgivars[ i * 2]) { |
| 65 |
+ printf("getcgivars(): Could not allocate memory for cgi name #%d.\n", i); |
| 66 |
+ exit(1); |
| 67 |
+ } |
| 68 |
+ unescape_cgi_input(cgivars[i * 2]); |
| 69 |
} |
| 70 |
|
| 71 |
/* terminate the name-value list */ |
| 72 |
--- cgi/history.c.orig 2011-08-17 17:06:27.000000000 +0930 |
| 73 |
+++ cgi/history.c 2013-01-11 17:03:18.000000000 +1030 |
| 74 |
@@ -805,16 +805,22 @@ |
| 75 |
else if(display_type == DISPLAY_HOSTS) { |
| 76 |
|
| 77 |
if(history_type == HOST_HISTORY || history_type == SERVICE_HISTORY) { |
| 78 |
- sprintf(match1, " HOST ALERT: %s;", host_name); |
| 79 |
- sprintf(match2, " SERVICE ALERT: %s;", host_name); |
| 80 |
+ snprintf(match1, sizeof( match1), |
| 81 |
+ " HOST ALERT: %s;", host_name); |
| 82 |
+ snprintf(match2, sizeof( match2), |
| 83 |
+ " SERVICE ALERT: %s;", host_name); |
| 84 |
} |
| 85 |
else if(history_type == HOST_FLAPPING_HISTORY || history_type == SERVICE_FLAPPING_HISTORY) { |
| 86 |
- sprintf(match1, " HOST FLAPPING ALERT: %s;", host_name); |
| 87 |
- sprintf(match2, " SERVICE FLAPPING ALERT: %s;", host_name); |
| 88 |
+ snprintf(match1, sizeof( match1), |
| 89 |
+ " HOST FLAPPING ALERT: %s;", host_name); |
| 90 |
+ snprintf(match2, sizeof( match2), |
| 91 |
+ " SERVICE FLAPPING ALERT: %s;", host_name); |
| 92 |
} |
| 93 |
else if(history_type == HOST_DOWNTIME_HISTORY || history_type == SERVICE_DOWNTIME_HISTORY) { |
| 94 |
- sprintf(match1, " HOST DOWNTIME ALERT: %s;", host_name); |
| 95 |
- sprintf(match2, " SERVICE DOWNTIME ALERT: %s;", host_name); |
| 96 |
+ snprintf(match1, sizeof( match1), |
| 97 |
+ " HOST DOWNTIME ALERT: %s;", host_name); |
| 98 |
+ snprintf(match2, sizeof( match2), |
| 99 |
+ " SERVICE DOWNTIME ALERT: %s;", host_name); |
| 100 |
} |
| 101 |
|
| 102 |
if(show_all_hosts == TRUE) |
| 103 |
@@ -853,11 +859,11 @@ |
| 104 |
else if(display_type == DISPLAY_SERVICES) { |
| 105 |
|
| 106 |
if(history_type == SERVICE_HISTORY) |
| 107 |
- sprintf(match1, " SERVICE ALERT: %s;%s;", host_name, svc_description); |
| 108 |
+ snprintf(match1, sizeof( match1), " SERVICE ALERT: %s;%s;", host_name, svc_description); |
| 109 |
else if(history_type == SERVICE_FLAPPING_HISTORY) |
| 110 |
- sprintf(match1, " SERVICE FLAPPING ALERT: %s;%s;", host_name, svc_description); |
| 111 |
+ snprintf(match1, sizeof( match1), " SERVICE FLAPPING ALERT: %s;%s;", host_name, svc_description); |
| 112 |
else if(history_type == SERVICE_DOWNTIME_HISTORY) |
| 113 |
- sprintf(match1, " SERVICE DOWNTIME ALERT: %s;%s;", host_name, svc_description); |
| 114 |
+ snprintf(match1, sizeof( match1), " SERVICE DOWNTIME ALERT: %s;%s;", host_name, svc_description); |
| 115 |
|
| 116 |
if(strstr(temp_buffer, match1) && (history_type == SERVICE_HISTORY || history_type == SERVICE_FLAPPING_HISTORY || history_type == SERVICE_DOWNTIME_HISTORY)) |
| 117 |
display_line = TRUE; |