[Nagiosplug-checkins] SF.net SVN: nagiosplug: [1807] nagiosplug/trunk/plugins/check_http.c

[hweiss at users.sourceforge.net]

Revision: 1807
          http://nagiosplug.svn.sourceforge.net/nagiosplug/?rev=1807&view=rev
Author:   hweiss
Date:     2007-10-14 15:19:29 -0700 (Sun, 14 Oct 2007)

Log Message:
-----------
Fix a possible segfault if using "-f follow" and the server sends a
forged "LLLLocation" header prefixed with multiple "L"s (fabiodds -
1813346)

Modified Paths:
--------------
    nagiosplug/trunk/plugins/check_http.c

Modified: nagiosplug/trunk/plugins/check_http.c
===================================================================
--- nagiosplug/trunk/plugins/check_http.c	2007-10-11 04:21:27 UTC (rev 1806)
+++ nagiosplug/trunk/plugins/check_http.c	2007-10-14 22:19:29 UTC (rev 1807)
@@ -1062,7 +1062,6 @@
 
 
 /* per RFC 2396 */
-#define HDR_LOCATION "%*[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]: "
 #define URI_HTTP "%5[HTPShtps]"
 #define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
 #define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */
@@ -1092,7 +1091,7 @@
     die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate url\n"));
 
   while (pos) {
-    sscanf (pos, "%[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]:%n", xx, &i);
+    sscanf (pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i);
     if (i == 0) {
       pos += (size_t) strcspn (pos, "\r\n");
       pos += (size_t) strspn (pos, "\r\n");


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.