From 09bfb1b482f428b1c11f68b5be7d134ba5e3b457 Mon Sep 17 00:00:00 2001 From: PhiBo Date: Wed, 24 Nov 2021 11:23:47 +0100 Subject: Fix possible overflow in check_ups (Fixes: #1030) diff --git a/plugins/check_ups.c b/plugins/check_ups.c index e9e56a5..0de37a2 100644 --- a/plugins/check_ups.c +++ b/plugins/check_ups.c @@ -402,7 +402,10 @@ get_ups_variable (const char *varname, char *buf, size_t buflen) /* create the command string to send to the UPS daemon */ /* Add LOGOUT to avoid read failure logs */ - sprintf (send_buffer, "GET VAR %s %s\nLOGOUT\n", ups_name, varname); + if (snprintf (send_buffer, sizeof(send_buffer), "GET VAR %s %s\nLOGOUT\n", ups_name, varname) >= sizeof(send_buffer)) { + printf("%s\n", _("UPS name to long for buffer")); + return ERROR; + } /* send the command to the daemon and get a response back */ if (process_tcp_request -- cgit v0.10-9-g596f