[Nagiosplug-checkins] SF.net SVN: nagiosplug:[2171] nagiosplug/trunk/plugins/check_snmp.c

dermoth at users.sourceforge.net dermoth at users.sourceforge.net
Wed Mar 18 08:54:15 CET 2009

Previous message: [Nagiosplug-checkins] SF.net SVN: nagiosplug:[2170] nagiosplug/trunk/tools/tinderbox_build
Next message: [Nagiosplug-checkins] SF.net SVN: nagiosplug:[2172] nagiosplug/trunk/plugins/t/check_snmp.t
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Revision: 2171
          http://nagiosplug.svn.sourceforge.net/nagiosplug/?rev=2171&view=rev
Author:   dermoth
Date:     2009-03-18 07:54:15 +0000 (Wed, 18 Mar 2009)

Log Message:
-----------
check_snmp: Fix potential buffer overflow - enforce MAX_OIDS limit (John A. Barbuto)

From: Thomas Guyot-Sionnest <dermoth at aei.ca>

Modified Paths:
--------------
    nagiosplug/trunk/plugins/check_snmp.c

Modified: nagiosplug/trunk/plugins/check_snmp.c
===================================================================
--- nagiosplug/trunk/plugins/check_snmp.c	2009-03-18 07:39:26 UTC (rev 2170)
+++ nagiosplug/trunk/plugins/check_snmp.c	2009-03-18 07:54:15 UTC (rev 2171)
@@ -527,9 +527,8 @@
 					needmibs = TRUE;
 			}
 			oids = calloc(MAX_OIDS, sizeof (char *));
-			for (ptr = strtok(optarg, ", "); ptr != NULL; ptr = strtok(NULL, ", ")) {
+			for (ptr = strtok(optarg, ", "); ptr != NULL && j < MAX_OIDS; ptr = strtok(NULL, ", "), j++) {
 				oids[j] = strdup(ptr);
-				j++;
 			}
 			numoids = j;
 			if (c == 'E' || c == 'e') {


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

Previous message: [Nagiosplug-checkins] SF.net SVN: nagiosplug:[2170] nagiosplug/trunk/tools/tinderbox_build
Next message: [Nagiosplug-checkins] SF.net SVN: nagiosplug:[2172] nagiosplug/trunk/plugins/t/check_snmp.t
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Commits mailing list