From 7cafb0e84550035fe671662c293122be975065ca Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Fri, 15 Feb 2019 10:36:28 +0100 Subject: check_by_ssh: fix child process leak on timeouts When check_by_ssh runs into a timeout it simply exits keeping all child processes running. Simply adopting the kill loop from runcmd_timeout_alarm_handler() fixes this. Signed-off-by: Sven Nierlein --- plugins/check_pgsql.c | 1 + 1 file changed, 1 insertion(+) (limited to 'plugins/check_pgsql.c') diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c index 5cd47093..11ce6916 100644 --- a/plugins/check_pgsql.c +++ b/plugins/check_pgsql.c @@ -34,6 +34,7 @@ const char *email = "devel@monitoring-plugins.org"; #include "common.h" #include "utils.h" +#include "utils_cmd.h" #include "netutils.h" #include -- cgit v1.2.3-74-g34f1 From dae075e65a38c65352d04f8c8fdfa21e2056d01c Mon Sep 17 00:00:00 2001 From: Florian Lohoff Date: Mon, 15 Feb 2021 15:34:07 +0100 Subject: Using snprintf which honors the buffers size and guarantees null termination. (Closes: #1601) As strcpy may overflow the resulting buffer: flo@p5:~$ /tmp/f/usr/lib/nagios/plugins/check_pgsql -d "$(seq 1 10000)" *** buffer overflow detected ***: terminated Aborted I would propose to change the code rather like this, using snprintf which honors the buffers size and guarantees null termination. --- plugins/check_pgsql.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins/check_pgsql.c') diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c index 11ce6916..b8fc5f1d 100644 --- a/plugins/check_pgsql.c +++ b/plugins/check_pgsql.c @@ -347,7 +347,7 @@ process_arguments (int argc, char **argv) if (!is_pg_dbname (optarg)) /* checks length and valid chars */ usage2 (_("Database name is not valid"), optarg); else /* we know length, and know optarg is terminated, so us strcpy */ - strcpy (dbName, optarg); + snprintf(dbName, NAMEDATALEN, "%s", optarg); break; case 'l': /* login name */ if (!is_pg_logname (optarg)) -- cgit v1.2.3-74-g34f1