From bfd2885b5b3fe58a70fce7b100a63a31c07a3d37 Mon Sep 17 00:00:00 2001
From: Jan Wagner
Date: Sun, 11 Apr 2021 11:59:27 +0200
Subject: [PATCH] Revert "Adding d/p/10_check_pqsql_db_name_too_strict (Closes: #982847)"

This reverts commit c055b9a04a98bc51801333ebbecae4611e1bd7df.
---
 .../patches/10_check_pqsql_db_name_too_strict | 31 -------------------
 debian/patches/series | 1 -
 2 files changed, 32 deletions(-)
 delete mode 100644 debian/patches/10_check_pqsql_db_name_too_strict

diff --git a/debian/patches/10_check_pqsql_db_name_too_strict b/debian/patches/10_check_pqsql_db_name_too_strict
deleted file mode 100644
index 32fbd11..0000000
--- a/debian/patches/10_check_pqsql_db_name_too_strict
+++ /dev/null
@@ -1,31 +0,0 @@
-From dae075e65a38c65352d04f8c8fdfa21e2056d01c Mon Sep 17 00:00:00 2001
-From: Florian Lohoff
-Date: Mon, 15 Feb 2021 15:34:07 +0100
-Subject: [PATCH] Using snprintf which honors the buffers size and guarantees
- null termination. (Closes: #1601)
-
-As strcpy may overflow the resulting buffer:
-
-flo@p5:~$ /tmp/f/usr/lib/nagios/plugins/check_pgsql -d "$(seq 1 10000)"
-*** buffer overflow detected ***: terminated
-Aborted
-
-I would propose to change the code rather like this, using snprintf
-which honors the buffers size and guarantees null termination.
----
- plugins/check_pgsql.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c
-index 11ce6916..b8fc5f1d 100644
---- a/plugins/check_pgsql.c
-+++ b/plugins/check_pgsql.c
-@@ -347,7 +347,7 @@ process_arguments (int argc, char **argv)
- if (!is_pg_dbname (optarg)) /* checks length and valid chars */
- usage2 (_("Database name is not valid"), optarg);
- else /* we know length, and know optarg is terminated, so us strcpy */
-- strcpy (dbName, optarg);
-+ snprintf(dbName, NAMEDATALEN, "%s", optarg);
- break;
- case 'l': /* login name */
- if (!is_pg_logname (optarg))
diff --git a/debian/patches/series b/debian/patches/series
index 3fcc438..de39cb6 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,2 @@
 02_check_icmp_links
 # commited upstream
-10_check_pqsql_db_name_too_strict