File icinga-CVE-2015-8010.patch of Package icinga.9111

Index: icinga-1.13.3/cgi/cgiutils.c
===================================================================
--- icinga-1.13.3.orig/cgi/cgiutils.c
+++ icinga-1.13.3/cgi/cgiutils.c
@@ -31,6 +31,7 @@
 #include "../include/comments.h"
 
 #include "../include/cgiutils.h"
+#include "../include/getcgi.h"
 
 char            main_config_file[MAX_FILENAME_LENGTH];
 char            command_file[MAX_FILENAME_LENGTH];
@@ -77,7 +78,6 @@ int             enable_splunk_integratio
 char            *splunk_url = NULL;
 int             lock_author_names = TRUE;
 
-char		*authorization_config_file = NULL;
 char		*authorized_for_all_host_commands = NULL;
 char		*authorized_for_all_hosts = NULL;
 char		*authorized_for_all_service_commands = NULL;
@@ -209,6 +209,7 @@ extern serviceescalation *serviceescalat
 
 extern hoststatus      *hoststatus_list;
 extern servicestatus   *servicestatus_list;
+extern html_request    *html_request_list;
 
 
 char encoded_url_string[4][MAX_INPUT_BUFFER]; // 4 to be able to use url_encode 4 times
@@ -721,11 +722,7 @@ int read_cgi_config_file(char *filename)
 		else if (!strcmp(var, "read_gzip_logs"))
 			read_gzip_logs = (atoi(val) > 0) ? TRUE : FALSE;
 
-		else if (!strcmp(var, "authorization_config_file")) {
-			authorization_config_file = strdup(val);
-			strip(authorization_config_file);
-
-		} else if (!strcmp(var, "authorized_for_all_host_commands")) {
+		else if (!strcmp(var, "authorized_for_all_host_commands")) {
 			authorized_for_all_host_commands = strdup(val);
 			strip(authorized_for_all_host_commands);
 
@@ -1864,18 +1861,18 @@ void get_time_string(time_t *raw_time, c
 
 /* get time string for an interval of time */
 void get_interval_time_string(double time_units, char *buffer, int buffer_length) {
-	unsigned long total_seconds;
-	int hours = 0;
-	int minutes = 0;
-	int seconds = 0;
+	double total_seconds;
+	int hours = 0.0;
+	int minutes = 0.0;
+	double seconds = 0.0;
 
-	total_seconds = (unsigned long)(time_units * interval_length);
+	total_seconds = (double)(time_units * interval_length);
 	hours = (int)total_seconds / 3600;
-	total_seconds %= 3600;
+	total_seconds -= (hours * 3600);
 	minutes = (int)total_seconds / 60;
-	total_seconds %= 60;
-	seconds = (int)total_seconds;
-	snprintf(buffer, buffer_length, "%dh %dm %ds", hours, minutes, seconds);
+	total_seconds -= (minutes * 60);
+	seconds = total_seconds;
+	snprintf(buffer, buffer_length, "%dh %dm %.2fs", hours, minutes, seconds);
 	buffer[buffer_length - 1] = '\x0';
 
 	return;
@@ -2228,54 +2225,50 @@ void display_info_table(char *title, aut
 }
 
 void display_nav_table(time_t ts_start, time_t ts_end) {
-	char *temp_buffer;
+	char temp_buffer[MAX_INPUT_BUFFER] = "";
 	char url[MAX_INPUT_BUFFER] = "";
-	char stripped_query_string[MAX_INPUT_BUFFER] = "";
 	char date_time[MAX_INPUT_BUFFER];
 	struct tm *t;
 	time_t ts_midnight = 0L;
 	time_t current_time = 0L;
+	html_request *temp_request_item = NULL;
 
 	/* define base url */
 	switch (CGI_ID) {
 	case HISTORY_CGI_ID:
-		strcat(url, HISTORY_CGI);
+		strncpy(url, HISTORY_CGI, sizeof(url));
 		break;
 	case NOTIFICATIONS_CGI_ID:
-		strcat(url, NOTIFICATIONS_CGI);
+		strncpy(url, NOTIFICATIONS_CGI, sizeof(url));
 		break;
 	case SHOWLOG_CGI_ID:
-		strcat(url, SHOWLOG_CGI);
+		strncpy(url, SHOWLOG_CGI, sizeof(url));
 		break;
 	default:
-		strcat(url, "NO_URL_DEFINED");
+		strncpy(url, "NO_URL_DEFINED", sizeof(url));
 		break;
 	}
 
-	/* get url options but filter out "ts_end", "ts_start" and "start" */
-	if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) {
-		if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("display_nav_table(): Query string exceeds max length. Returning without displaying nav table.\n");
-			return;
+	url[sizeof(url) - 1] = '\x0';
+
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) {
+			continue;
 		}
-		strcpy(stripped_query_string, getenv("QUERY_STRING"));
-		strip_html_brackets(stripped_query_string);
 
-		/* check if concatenated strings exceed MAX_INPUT_BUFFER */
-		if (strlen(url) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("display_nav_table(): Full query string exceeds max length. Returning without displaying nav table.\n");
-			return;
+		/* filter out "limit" and "start" */
+		if (!strcmp(temp_request_item->option, "ts_start") || !strcmp(temp_request_item->option, "ts_end") || !strcmp(temp_request_item->option, "start")) {
+			continue;
 		}
 
-		for (temp_buffer = my_strtok(stripped_query_string, "&"); temp_buffer != NULL; temp_buffer = my_strtok(NULL, "&")) {
-			if (strncmp(temp_buffer, "ts_start=", 9) != 0 && strncmp(temp_buffer, "ts_end=", 6) != 0 && strncmp(temp_buffer, "start=", 6) != 0) {
-				if (strstr(url, "?"))
-					strcat(url, "&");
-				else
-					strcat(url, "?");
-				strcat(url, temp_buffer);
-			}
+		strncpy(temp_buffer, url, sizeof(temp_buffer));
+		if (temp_request_item->value != NULL) {
+			snprintf(url, sizeof(url) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value));
+		} else {
+			snprintf(url, sizeof(url) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option));
 		}
+		url[sizeof(url) - 1] = '\x0';
 	}
 
 	/* get the current time */
@@ -2870,49 +2863,45 @@ void print_generic_error_message(char *t
  *  a new page with the desired content.
 **/
 void print_export_link(int content_type, char *cgi, char *add_to_url) {
-	char stripped_query_string[MAX_INPUT_BUFFER] = "";
 	char link[MAX_INPUT_BUFFER] = "";
+	char temp_buffer[MAX_INPUT_BUFFER] = "";
+	html_request *temp_request_item = NULL;
 
 	if (cgi == NULL)
 		return;
 
-	strcat(link, cgi);
+	strncpy(link, cgi, sizeof(link));
+	link[sizeof(link) - 1] = '\x0';
 
-	/* just do stuff if some options are requested */
-	if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) {
-		if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("print_export_link(): Query string exceeds max length. Returning without displaying export link.\n");
-			return;
-		}
-		strcpy(stripped_query_string, getenv("QUERY_STRING"));
-		strip_html_brackets(stripped_query_string);
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
 
-		/* check if concatenated strings exceed MAX_INPUT_BUFFER */
-		if (strlen(link) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("print_export_link(): Full query string exceeds max length. Returning without displaying export link.\n");
-			return;
+		if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) {
+			continue;
 		}
 
-		strcat(link, "?");
-		strcat(link, stripped_query_string);
+		strncpy(temp_buffer, link, sizeof(temp_buffer));
+		if (temp_request_item->value != NULL) {
+			snprintf(link, sizeof(link) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value));
+		} else {
+			snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option));
+		}
+		link[sizeof(link) - 1] = '\x0';
 	}
 
 	/* add string to url */
-	if (add_to_url != NULL && strlen(add_to_url) != 0 && strlen(link) + strlen(stripped_query_string) + strlen(add_to_url) + 2 <= MAX_INPUT_BUFFER - 1) {
-		if (strlen(stripped_query_string) != 0)
-			strcat(link, "&");
-		else
-			strcat(link, "?");
-		strcat(link, add_to_url);
+	if (add_to_url != NULL && strlen(add_to_url) != 0) {
+		strncpy(temp_buffer, link, sizeof(temp_buffer));
+		snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&amp;" : "?", add_to_url);
+		link[sizeof(link) - 1] = '\x0';
 	}
 
 	/* print formatted link */
 	if (content_type == CSV_CONTENT)
-		printf("<a href='%s%scsvoutput' target='_blank'><img src='%s%s' style='vertical-align: middle;' border='0' alt='%s' title='%s'></a>\n", link, (strlen(stripped_query_string) != 0) ? "&" : "?", url_images_path, EXPORT_CSV_ICON, EXPORT_CSV_ICON_ALT, EXPORT_CSV_ICON_ALT);
+		printf("<a href='%s%scsvoutput' target='_blank'><img src='%s%s' style='vertical-align: middle;' border='0' alt='%s' title='%s'></a>\n", link, (strstr(link, "?")) ? "&amp;" : "?", url_images_path, EXPORT_CSV_ICON, EXPORT_CSV_ICON_ALT, EXPORT_CSV_ICON_ALT);
 	else if (content_type == JSON_CONTENT)
-		printf("<a href='%s%sjsonoutput' target='_blank'><img src='%s%s' style='vertical-align: middle;' border='0' alt='%s' title='%s'></a>\n", link, (strlen(stripped_query_string) != 0) ? "&" : "?", url_images_path, EXPORT_JSON_ICON, EXPORT_JSON_ICON_ALT, EXPORT_JSON_ICON_ALT);
+		printf("<a href='%s%sjsonoutput' target='_blank'><img src='%s%s' style='vertical-align: middle;' border='0' alt='%s' title='%s'></a>\n", link, (strstr(link, "?")) ? "&amp;" : "?", url_images_path, EXPORT_JSON_ICON, EXPORT_JSON_ICON_ALT, EXPORT_JSON_ICON_ALT);
 	else if (content_type == XML_CONTENT)
-		printf("<a href='%s%sxmloutput' target='_blank'><img src='%s%s' style='vertical-align: middle;' border='0' alt='%s' title='%s'></a>\n", link, (strlen(stripped_query_string) != 0) ? "&" : "?", url_images_path, EXPORT_XML_ICON, EXPORT_XML_ICON_ALT, EXPORT_XML_ICON_ALT);
+		printf("<a href='%s%sxmloutput' target='_blank'><img src='%s%s' style='vertical-align: middle;' border='0' alt='%s' title='%s'></a>\n", link, (strstr(link, "?")) ? "&amp;" : "?", url_images_path, EXPORT_XML_ICON, EXPORT_XML_ICON_ALT, EXPORT_XML_ICON_ALT);
 	else
 		printf("<a href='%s' target='_blank'><img src='%s%s' style='vertical-align: middle;' border='0' alt='%s' title='%s'></a>\n", link, url_images_path, EXPORT_LINK_ICON, EXPORT_LINK_ICON_ALT, EXPORT_LINK_ICON_ALT);
 
@@ -3667,16 +3656,15 @@ void print_modified_attributes(int conte
 /*******************  pagination functions ************************/
 /******************************************************************/
 void page_num_selector(int result_start, int total_entries, int displayed_entries) {
-
 	char link[MAX_INPUT_BUFFER] = "";
-	char stripped_query_string[MAX_INPUT_BUFFER] = "";
-	char *temp_buffer;
+	char temp_buffer[MAX_INPUT_BUFFER] = "";
 	int total_pages = 1;
 	int current_page = 1;
 	//int next_page = 0;
 	int previous_page = 0;
 	int display_from = 0;
 	int display_to = 0;
+	html_request *temp_request_item = NULL;
 
 	/* define base url */
 	switch (CGI_ID) {
@@ -3685,49 +3673,44 @@ void page_num_selector(int result_start,
 	// 	strcat(link, STATUS_CGI);
 	// 	break;
 	case CONFIG_CGI_ID:
-		strcat(link, CONFIG_CGI);
+		strncpy(link, CONFIG_CGI, sizeof(link));
 		break;
 	case EXTINFO_CGI_ID:
-		strcat(link, EXTINFO_CGI);
+		strncpy(link, EXTINFO_CGI, sizeof(link));
 		break;
 	case HISTORY_CGI_ID:
-		strcat(link, HISTORY_CGI);
+		strncpy(link, HISTORY_CGI, sizeof(link));
 		break;
 	case NOTIFICATIONS_CGI_ID:
-		strcat(link, NOTIFICATIONS_CGI);
+		strncpy(link, NOTIFICATIONS_CGI, sizeof(link));
 		break;
 	case SHOWLOG_CGI_ID:
-		strcat(link, SHOWLOG_CGI);
+		strncpy(link, SHOWLOG_CGI, sizeof(link));
 		break;
 	default:
-		strcat(link, "NO_URL_DEFINED");
+		strncpy(link, "NO_URL_DEFINED", sizeof(link));
 		break;
 	}
+	link[sizeof(link) - 1] = '\x0';
 
-	/* get url options but filter out "limit" and "status" */
-	if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) {
-		if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("page_num_selector(): Query string exceeds max length. Returning without displaying num selector.\n");
-			return;
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) {
+			continue;
 		}
-		strcpy(stripped_query_string, getenv("QUERY_STRING"));
-		strip_html_brackets(stripped_query_string);
 
-		/* check if concatenated strings exceed MAX_INPUT_BUFFER */
-		if (strlen(link) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("page_num_selector(): Full query string exceeds max length. Returning without displaying num selector.\n");
-			return;
+		/* filter out "limit" and "start" */
+		if (!strcmp(temp_request_item->option, "limit") || !strcmp(temp_request_item->option, "start")) {
+			continue;
 		}
 
-		for (temp_buffer = my_strtok(stripped_query_string, "&"); temp_buffer != NULL; temp_buffer = my_strtok(NULL, "&")) {
-			if (strncmp(temp_buffer, "limit=", 6) != 0 && strncmp(temp_buffer, "start=", 6) != 0) {
-				if (strstr(link, "?"))
-					strcat(link, "&");
-				else
-					strcat(link, "?");
-				strcat(link, temp_buffer);
-			}
+		strncpy(temp_buffer, link, sizeof(temp_buffer));
+		if (temp_request_item->value != NULL) {
+			snprintf(link, sizeof(link) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&amp;" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value));
+		} else {
+			snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&amp;" : "?", url_encode(temp_request_item->option));
 		}
+		link[sizeof(link) - 1] = '\x0';
 	}
 
 	/* calculate pages */
@@ -3796,61 +3779,55 @@ void page_num_selector(int result_start,
 }
 
 void page_limit_selector(int result_start) {
-
 	static int id = 0;	// gets every dropdown a single id to activate msdropdown
 	char link[MAX_INPUT_BUFFER] = "";
-	char stripped_query_string[MAX_INPUT_BUFFER] = "";
-	char *temp_buffer;
+	char temp_buffer[MAX_INPUT_BUFFER] = "";
+	html_request *temp_request_item = NULL;
 
 	/* define base url */
 	switch (CGI_ID) {
 	case STATUS_CGI_ID:
-		strcat(link, STATUS_CGI);
+		strncpy(link, STATUS_CGI, sizeof(link));
 		break;
 	case CONFIG_CGI_ID:
-		strcat(link, CONFIG_CGI);
+		strncpy(link, CONFIG_CGI, sizeof(link));
 		break;
 	case EXTINFO_CGI_ID:
-		strcat(link, EXTINFO_CGI);
+		strncpy(link, EXTINFO_CGI, sizeof(link));
 		break;
 	case HISTORY_CGI_ID:
-		strcat(link, HISTORY_CGI);
+		strncpy(link, HISTORY_CGI, sizeof(link));
 		break;
 	case NOTIFICATIONS_CGI_ID:
-		strcat(link, NOTIFICATIONS_CGI);
+		strncpy(link, NOTIFICATIONS_CGI, sizeof(link));
 		break;
 	case SHOWLOG_CGI_ID:
-		strcat(link, SHOWLOG_CGI);
+		strncpy(link, SHOWLOG_CGI, sizeof(link));
 		break;
 	default:
-		strcat(link, "NO_URL_DEFINED");
+		strncpy(link, "NO_URL_DEFINED", sizeof(link));
 		break;
 	}
+	link[sizeof(link) - 1] = '\x0';
 
-	/* get url options but filter out "limit" and "status" */
-	if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) {
-		if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("page_limit_selector(): Query string exceeds max length. Returning without displaying page limit selector.\n");
-			return;
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) {
+			continue;
 		}
-		strcpy(stripped_query_string, getenv("QUERY_STRING"));
-		strip_html_brackets(stripped_query_string);
 
-		/* check if concatenated strings exceed MAX_INPUT_BUFFER */
-		if (strlen(link) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("page_limit_selector(): Full query string exceeds max length. Returning without displaying page limit selector.\n");
-			return;
+		/* filter out "limit" and "start" */
+		if (!strcmp(temp_request_item->option, "limit") || !strcmp(temp_request_item->option, "start")) {
+			continue;
 		}
 
-		for (temp_buffer = my_strtok(stripped_query_string, "&"); temp_buffer != NULL; temp_buffer = my_strtok(NULL, "&")) {
-			if (strncmp(temp_buffer, "limit=", 6) != 0 && strncmp(temp_buffer, "start=", 6) != 0) {
-				if (strstr(link, "?"))
-					strcat(link, "&");
-				else
-					strcat(link, "?");
-				strcat(link, temp_buffer);
-			}
+		strncpy(temp_buffer, link, sizeof(temp_buffer));
+		if (temp_request_item->value != NULL) {
+			snprintf(link, sizeof(link) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&amp;" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value));
+		} else {
+			snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&amp;" : "?", url_encode(temp_request_item->option));
 		}
+		link[sizeof(link) - 1] = '\x0';
 	}
 
 	/* display drop down menu to select result limit */
Index: icinga-1.13.3/include/getcgi.h
===================================================================
--- icinga-1.13.3.orig/include/getcgi.h
+++ icinga-1.13.3/include/getcgi.h
@@ -22,12 +22,25 @@
  *
  *****************************************************************************/
 
+#include "../include/cgiutils.h"
+
 #ifdef __cplusplus
   extern "C" {
 #endif
 
-char **getcgivars(void);
-void free_cgivars(char **);
+/** @brief html request struct
+ *
+ *  structure to hold html reqest data to prevent XSS attacks
+**/
+typedef struct html_request_struct {
+	char *option;					/**< pointer to option string */
+	char *value;					/**< pointer to value string */
+	int is_valid;					/**< bool to mark if this request is valid */
+	struct html_request_struct *next;		/**< next html_request entry */
+} html_request;
+
+html_request *getcgivars(void);
+void free_html_request(html_request *);
 void unescape_cgi_input(char *);
 void sanitize_cgi_input(char **);
 unsigned char hex_to_char(char *);
Index: icinga-1.13.3/cgi/avail.c
===================================================================
--- icinga-1.13.3.orig/cgi/avail.c
+++ icinga-1.13.3/cgi/avail.c
@@ -230,7 +230,7 @@ void free_archived_state_list(archived_s
 void read_archived_state_data(void);
 unsigned long calculate_total_time(time_t, time_t);
 
-int process_cgivars(void);
+void process_cgivars(void);
 
 int backtrack_archives = 2;
 int earliest_archive = 0;
@@ -245,6 +245,8 @@ extern char *csv_data_enclosure;
 
 timeperiod *current_timeperiod = NULL;
 
+html_request *html_request_list = NULL;			/**< contains html requested data */
+
 int CGI_ID = AVAIL_CGI_ID;
 
 int main(int argc, char **argv) {
@@ -1095,43 +1097,28 @@ int main(int argc, char **argv) {
 	document_footer(CGI_ID);
 
 	/* free all other allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *temp_buffer = NULL;
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	timeperiod *temp_timeperiod = NULL;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable key to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value if present */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the hostgroup argument */
-		if (!strcmp(key, "hostgroup")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "hostgroup") && value != NULL) {
 
 			if ((hostgroup_name = (char *)strdup(value)) == NULL)
 				hostgroup_name = "";
@@ -1139,14 +1126,12 @@ int process_cgivars(void) {
 
 			display_type = DISPLAY_HOSTGROUP_AVAIL;
 			show_all_hostgroups = (strcmp(hostgroup_name, "all")) ? FALSE : TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the servicegroup argument */
-		else if (!strcmp(key, "servicegroup")) {
-			if (variables[x] == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "servicegroup") && value != NULL) {
 
 			if ((servicegroup_name = (char *)strdup(value)) == NULL)
 				servicegroup_name = "";
@@ -1154,14 +1139,12 @@ int process_cgivars(void) {
 
 			display_type = DISPLAY_SERVICEGROUP_AVAIL;
 			show_all_servicegroups = (strcmp(servicegroup_name, "all")) ? FALSE : TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the host argument */
-		else if (!strcmp(key, "host")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "host") && value != NULL) {
 
 			if ((host_name = (char *)strdup(value)) == NULL)
 				host_name = "";
@@ -1171,14 +1154,12 @@ int process_cgivars(void) {
 			if (strlen(service_desc) == 0)
 				display_type = DISPLAY_HOST_AVAIL;
 			show_all_hosts = (strcmp(host_name, "all")) ? FALSE : TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the service description argument */
-		else if (!strcmp(key, "service")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "service") && value != NULL) {
 
 			if ((service_desc = (char *)strdup(value)) == NULL)
 				service_desc = "";
@@ -1186,14 +1167,12 @@ int process_cgivars(void) {
 
 			display_type = DISPLAY_SERVICE_AVAIL;
 			show_all_services = (strcmp(service_desc, "all")) ? FALSE : TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found a combined host/service */
-		else if (!strcmp(key, "hostservice")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hostservice") && value != NULL) {
 
 			temp_buffer = strtok(value, "^");
 
@@ -1211,110 +1190,90 @@ int process_cgivars(void) {
 
 			display_type = DISPLAY_SERVICE_AVAIL;
 			show_all_services = (strcmp(service_desc, "all")) ? FALSE : TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "t1")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "t1") && value != NULL) {
 
 			t1 = (time_t)strtoul(value, NULL, 10);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "t2")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "t2") && value != NULL) {
 
 			t2 = (time_t)strtoul(value, NULL, 10);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the assume initial states option */
-		else if (!strcmp(key, "assumeinitialstates")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "assumeinitialstates") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				assume_initial_states = TRUE;
 			else
 				assume_initial_states = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the assume state during program not running option */
-		else if (!strcmp(key, "assumestatesduringnotrunning")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "assumestatesduringnotrunning") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				assume_states_during_notrunning = TRUE;
 			else
 				assume_states_during_notrunning = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the initial assumed host state option */
-		else if (!strcmp(key, "initialassumedhoststate")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "initialassumedhoststate") && value != NULL) {
 
 			initial_assumed_host_state = atoi(value);
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the initial assumed service state option */
-		else if (!strcmp(key, "initialassumedservicestate")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "initialassumedservicestate") && value != NULL) {
 
 			initial_assumed_service_state = atoi(value);
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the assume state retention option */
-		else if (!strcmp(key, "assumestateretention")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "assumestateretention") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				assume_state_retention = TRUE;
 			else
 				assume_state_retention = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the include soft states option */
-		else if (!strcmp(key, "includesoftstates")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "includesoftstates") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				include_soft_states = TRUE;
 			else
 				include_soft_states = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the backtrack archives argument */
-		else if (!strcmp(key, "backtrack")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "backtrack") && value != NULL) {
 
 			backtrack_archives = atoi(value);
 			if (backtrack_archives < 0)
@@ -1322,17 +1281,11 @@ int process_cgivars(void) {
 			if (backtrack_archives > MAX_ARCHIVE_BACKTRACKS)
 				backtrack_archives = MAX_ARCHIVE_BACKTRACKS;
 
-#ifdef DEBUG
-			printf("BACKTRACK ARCHIVES: %d\n", backtrack_archives);
-#endif
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the standard timeperiod argument */
-		else if (!strcmp(key, "timeperiod")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "timeperiod") && value != NULL) {
 
 			if (!strcmp(value, "today"))
 				timeperiod_type = TIMEPERIOD_TODAY;
@@ -1367,40 +1320,50 @@ int process_cgivars(void) {
 
 			convert_timeperiod_to_times(timeperiod_type, &t1, &t2);
 			compute_time_from_parts = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the CSV output option */
 		else if (!strcmp(key, "csvoutput")) {
 			display_header = FALSE;
 			content_type = CSV_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the JSON output option */
 		else if (!strcmp(key, "jsonoutput")) {
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the XML output option */
 		else if (!strcmp(key, "xmloutput")) {
 			display_header = FALSE;
 			content_type = XML_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the content type argument */
-		else if (!strcmp(key, "content_type")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "content_type") && value != NULL) {
 
 			if (!strcmp(value, "xml"))
 				content_type = XML_CONTENT;
@@ -1415,26 +1378,34 @@ int process_cgivars(void) {
 
 			if (content_type != HTML_CONTENT)
 				display_header = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the log entries option  */
-		else if (!strcmp(key, "show_log_entries"))
+		else if (!strcmp(key, "show_log_entries")) {
 			show_log_entries = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the full log entries option */
-		else if (!strcmp(key, "full_log_entries"))
+		else if (!strcmp(key, "full_log_entries")) {
 			full_log_entries = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the get date parts option */
-		else if (!strcmp(key, "get_date_parts"))
+		else if (!strcmp(key, "get_date_parts")) {
 			get_date_parts = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the report type selection option */
-		else if (!strcmp(key, "report_type")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "report_type") && value != NULL) {
+
 			if (!strcmp(value, "hostgroups"))
 				select_hostgroups = TRUE;
 			else if (!strcmp(value, "servicegroups"))
@@ -1443,14 +1414,12 @@ int process_cgivars(void) {
 				select_hosts = TRUE;
 			else
 				select_services = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "smon")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "smon") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1458,14 +1427,12 @@ int process_cgivars(void) {
 			start_month = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "sday")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sday") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1473,14 +1440,12 @@ int process_cgivars(void) {
 			start_day = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "syear")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "syear") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1488,14 +1453,12 @@ int process_cgivars(void) {
 			start_year = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "smin")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "smin") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1503,14 +1466,12 @@ int process_cgivars(void) {
 			start_minute = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "ssec")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ssec") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1518,14 +1479,12 @@ int process_cgivars(void) {
 			start_second = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "shour")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "shour") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1533,15 +1492,13 @@ int process_cgivars(void) {
 			start_hour = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 
 		/* we found time argument */
-		else if (!strcmp(key, "emon")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "emon") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1549,14 +1506,12 @@ int process_cgivars(void) {
 			end_month = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "eday")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "eday") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1564,14 +1519,12 @@ int process_cgivars(void) {
 			end_day = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "eyear")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "eyear") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1579,14 +1532,12 @@ int process_cgivars(void) {
 			end_year = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "emin")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "emin") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1594,14 +1545,12 @@ int process_cgivars(void) {
 			end_minute = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "esec")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "esec") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1609,14 +1558,12 @@ int process_cgivars(void) {
 			end_second = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "ehour")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ehour") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1624,28 +1571,23 @@ int process_cgivars(void) {
 			end_hour = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the show scheduled downtime option */
-		else if (!strcmp(key, "showscheduleddowntime")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "showscheduleddowntime") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				show_scheduled_downtime = TRUE;
 			else
 				show_scheduled_downtime = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the report timeperiod option */
-		else if (!strcmp(key, "rpttimeperiod")) {
-			timeperiod *temp_timeperiod;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "rpttimeperiod") && value != NULL) {
 
 			for (temp_timeperiod = timeperiod_list; temp_timeperiod != NULL; temp_timeperiod = temp_timeperiod->next) {
 				if (!strcmp(url_encode(temp_timeperiod->name), value)) {
@@ -1653,18 +1595,19 @@ int process_cgivars(void) {
 					break;
 				}
 			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck") && value != NULL) {
 			daemon_check = FALSE;
-
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 
Index: icinga-1.13.3/cgi/cgiauth.c
===================================================================
--- icinga-1.13.3.orig/cgi/cgiauth.c
+++ icinga-1.13.3/cgi/cgiauth.c
@@ -33,7 +33,6 @@
 extern hostgroup	*hostgroup_list;
 extern servicegroup	*servicegroup_list;
 
-extern char		*authorization_config_file;
 extern char		*authorized_for_all_host_commands;
 extern char		*authorized_for_all_hosts;
 extern char		*authorized_for_all_service_commands;
@@ -136,8 +135,6 @@ int get_authentication_information(authd
 	authinfo->authorized_for_read_only = FALSE;
 	authinfo->authorized_for_comments_read_only = FALSE;
 	authinfo->authorized_for_downtimes_read_only = FALSE;
-	authinfo->number_of_authentication_rules = 0;
-	authinfo->authentication_rules = NULL;
 
 	/* set empty default_user_name if uninitialized */
 	if (default_user_name == NULL)
@@ -177,9 +174,6 @@ int get_authentication_information(authd
 
 	/* parse all auth vars */
 
-	if (authorization_config_file != NULL)
-		parse_authorization_config_file(authorization_config_file, authinfo);
-
 	AUTH_USER(all_host_commands)
 	AUTH_USER(all_hosts)
 	AUTH_USER(all_service_commands)
@@ -209,133 +203,9 @@ int get_authentication_information(authd
 	return OK;
 }
 
-/* parsing authorization configuration file */
-int parse_authorization_config_file(char* filename, authdata* authinfo) {
-	mmapfile *thefile;
-	char *input = NULL;
-	char *temp_ptr = NULL;
-	char *temp_rule = NULL;
-	char *role = NULL;
-	char *roles = NULL;
-	char *roles_tmp = NULL;
-	char test_char[2];
-	int role_match = FALSE;
-
-	/* Shibboleth environment variable */
-	if (getenv("entitlement") == NULL) {
-		//printf("<p><div class='errorMessage'>Authorization information: entitlement variable is empty</div></p>");
-		return ERROR;
-	}
-
-	roles = getenv("entitlement");
-
-	roles_tmp = (char *)malloc(strlen(roles) + 1);
-
-	/* read in authorization config file */
-	if ((thefile = mmap_fopen(filename)) != NULL) {
-
-		while (1) {
-			/* read the next line */
-			if ((input = mmap_fgets_multiline(thefile)) == NULL)
-				break;
-
-			strip(input);
-
-			test_char[0] = input[0];
-			test_char[1] = '\0';
-
-			/* ignore comment */
-			if (strcmp(test_char, "#") == 0)
-				continue;
-
-			temp_ptr = strtok(input, "=");
-
-			if (temp_ptr == NULL)
-				continue;
-
-			temp_rule = strtok(NULL, "=");
-
-			if (temp_rule == NULL)
-				continue;
-
-			strcpy(roles_tmp, roles);
-			role = strtok(roles_tmp, ";");
-
-			while (role != NULL) {
-
-				if (strcmp(role, temp_ptr) == 0) {
-					role_match = TRUE;
-					break;
-				}
-
-				role = strtok(NULL, ";");
-			}
-
-			if (role_match == FALSE)
-				continue;
-
-			authinfo->number_of_authentication_rules++;
-			strip(temp_rule);
-
-			/* increment the authentication_rules array */
-			authinfo->authentication_rules = realloc(authinfo->authentication_rules, (sizeof(char*)) * authinfo->number_of_authentication_rules);
-
-			if (authinfo->authentication_rules == NULL)
-				return ERROR;
-
-			authinfo->authentication_rules[authinfo->number_of_authentication_rules - 1] = malloc(sizeof(char) * (strlen(temp_rule) + 1));
-			strcpy(authinfo->authentication_rules[authinfo->number_of_authentication_rules - 1], temp_rule);
-		}
-
-		/* free memory and close the file */
-		free(input);
-		mmap_fclose(thefile);
-	}
-
-	free(roles_tmp);
-
-	return OK;
-}
-
-/* set default authz permissions */
-int set_authz_permissions(char* permission, authdata* authinfo) {
-
-	if (strcmp(permission, "r") == 0) { /* only read permissions */
-		authinfo->authorized_for_read_only = TRUE;
-		authinfo->authorized_for_system_information = TRUE;
-		authinfo->authorized_for_configuration_information = TRUE;
-		authinfo->authorized_for_system_commands = FALSE;
-		authinfo->authorized_for_all_service_commands = FALSE;
-		authinfo->authorized_for_all_host_commands = FALSE;
-	} else if (strcmp(permission, "w") == 0) { /* read + write permissions */
-		authinfo->authorized_for_read_only = FALSE;
-		authinfo->authorized_for_system_information = TRUE;
-		authinfo->authorized_for_system_commands = TRUE;
-		authinfo->authorized_for_configuration_information = TRUE;
-		authinfo->authorized_for_all_service_commands = TRUE;
-		authinfo->authorized_for_all_host_commands = TRUE;
-	}
-
-	return TRUE;
-}
-
 /* check if user is authorized to view information about a particular host */
 int is_authorized_for_host(host *hst, authdata *authinfo) {
 	contact *temp_contact;
-	char *host_list = NULL;
-	char *host_list2 = NULL;
-	char *list_tmp = NULL;
-	char *list_tmp2 = NULL;
-	char *host2 = NULL;
-	char *tmp = NULL;
-	char *tmp_permission = NULL;
-	char *tmp_service = NULL;
-	char *hg_name = NULL;
-	int i;
-	int j;
-	char permission[2];
-	int ok = FALSE;
-	int is_ok = FALSE;
 
 	/* if we're not using authentication, fake it */
 	if (use_authentication == FALSE)
@@ -364,98 +234,6 @@ int is_authorized_for_host(host *hst, au
 	if (is_escalated_contact_for_host(hst, temp_contact) == TRUE)
 		return TRUE;
 
-	/* authz parsing */
-	if (authinfo->number_of_authentication_rules != 0) {
-
-		strcpy(permission, "r");
-
-		for (i = 0; i < authinfo->number_of_authentication_rules; i++) {
-
-			list_tmp = malloc(strlen(authinfo->authentication_rules[i]) + 1);
-			strcpy(list_tmp, authinfo->authentication_rules[i]);
-			strip(list_tmp);
-
-			/* for this situation: :service:r */
-			if (list_tmp[0] == ':')
-				continue;
-
-			/* "w" is the maximum  permission, do not need continue */
-			if (strcmp(permission, "w") == 0)
-				break;
-
-			host_list = strtok(list_tmp, ":");
-
-			host_list2 = malloc(strlen(host_list) + 1);
-			strcpy(host_list2, host_list);
-
-			tmp_service = strtok(NULL, ":");
-			tmp_permission = strtok(NULL, ":");
-			host2 = strtok(host_list2, ",");
-
-			while (host2 != NULL) {
-
-				list_tmp2 = malloc(strlen(host2) + 1);
-				strcpy(list_tmp2, host2);
-				strip(list_tmp2);
-
-				/* host group parsing */
-				if (list_tmp2[0] == '@') {
-					hg_name = malloc(strlen(list_tmp2) + 1);
-					strcpy(hg_name, list_tmp2);
-
-					for (j = 0; j < strlen(hg_name); j++)
-						hg_name[j] = hg_name[j + 1];
-
-					if (is_host_member_of_hostgroup(find_hostgroup(hg_name), hst) == TRUE) {
-						is_ok = TRUE;
-					} else {
-						host2 = strtok(NULL, ",");
-						free(hg_name);
-						continue;
-					}
-
-					free(hg_name);
-				}
-
-				if (strcmp(list_tmp2, hst->name) == 0 || strcmp(list_tmp2, "*") == 0)
-					is_ok = TRUE;
-
-				if (is_ok == TRUE) {
-
-					/* for this situation: host::r */
-					if (tmp_permission == NULL)
-						tmp_permission = tmp_service;
-
-					if (tmp_permission != NULL) {
-						tmp = malloc(strlen(tmp_permission) + 1);
-						strcpy(tmp, tmp_permission);
-						strip(tmp); /* "w" will overwrite "r" permission */
-
-						if (strcmp(permission, "r") == 0 && strcmp(tmp, "w") == 0) {
-							strcpy(permission, "w");
-						}
-
-						free(tmp);
-					}
-
-					ok = TRUE;
-				}
-
-				host2 = strtok(NULL, ",");
-				free(list_tmp2);
-			}
-
-			free(list_tmp);
-			free(host_list2);
-		}
-
-		if (ok == TRUE) {
-			set_authz_permissions(permission, authinfo);
-			return TRUE;
-		}
-
-	} /* end of authz parsing */
-
 	return FALSE;
 }
 
@@ -545,24 +323,6 @@ int is_authorized_for_downtimes_read_onl
 int is_authorized_for_service(service *svc, authdata *authinfo) {
 	host *temp_host = NULL;
 	contact *temp_contact = NULL;
-	char *host_list = NULL;
-	char *host_list2 = NULL;
-	char *service_list = NULL;
-	char *list_tmp = NULL;
-	char *service = NULL;
-	char *host2 = NULL;
-	char *read_only = NULL;
-	char *list_tmp2 = NULL;
-	char *list_tmp3 = NULL;
-	char *list_tmp4 = NULL;
-	char *sg_name = NULL;
-	char *hg_name = NULL;
-	int i = 0;
-	int j = 0;
-	int ok = FALSE;
-	int is_ok = FALSE;
-	int is_ok2 = FALSE;
-	char permission[2];
 
 	/* if we're not using authentication, fake it */
 	if (use_authentication == FALSE)
@@ -589,130 +349,8 @@ int is_authorized_for_service(service *s
 	/* 06-02-2010 added config option, if set FALSE, this condition won't match and
 	   user must be authorized for the services too in order to view them 			*/
 
-	if (is_authorized_for_host(temp_host, authinfo) == TRUE) {
-
-		/* first off, let attribute based auth decide, then show_all_services_host_is_authorized_for==TRUE */
-
-		/* authz parsing */
-		if (authinfo->number_of_authentication_rules != 0) {
-			strcpy(permission, "r");
-
-			for (i = 0; i < authinfo->number_of_authentication_rules; i++) {
-
-				/* "w" is the maximum  permission, do not need continue */
-				if (strcmp(permission, "w") == 0) break;
-
-				list_tmp = malloc(strlen(authinfo->authentication_rules[i]) + 1);
-				strcpy(list_tmp, authinfo->authentication_rules[i]);
-
-				host_list = strtok(list_tmp, ":");
-
-				host_list2 = malloc(strlen(host_list) + 1);
-				strcpy(host_list2, host_list);
-
-				service_list = strtok(NULL, ":");
-				read_only = strtok(NULL, ":");
-				service = strtok(service_list, ",");
-
-				while (service != NULL) {
-					list_tmp2 = malloc(strlen(service) + 1);
-					strcpy(list_tmp2, service);
-					strip(list_tmp2);
-
-					/* service group parsing */
-					if (list_tmp2[0] == '@') {
-						sg_name = malloc(strlen(list_tmp2) + 1);
-						strcpy(sg_name, list_tmp2);
-
-						for (j = 0; j < strlen(sg_name); j++)
-							sg_name[j] = sg_name[j + 1];
-
-						if (is_service_member_of_servicegroup(find_servicegroup(sg_name), svc) == TRUE) {
-							is_ok2 = TRUE;
-						} else {
-							service = strtok(NULL, ",");
-							free(sg_name);
-							continue;
-						}
-
-						free(sg_name);
-					}
-
-					if (strcmp(list_tmp2, svc->display_name) == 0 || strcmp(list_tmp2, "*") == 0)
-						is_ok2 = TRUE;
-
-					if (is_ok2 == TRUE) {
-						host2 = strtok(host_list2, ",");
-
-						while (host2 != NULL) {
-							list_tmp3 = malloc(strlen(host2) + 1);
-							strcpy(list_tmp3, host2);
-							strip(list_tmp3);
-
-							/* host group parsing */
-							if (list_tmp3[0] == '@') {
-								hg_name = malloc(strlen(list_tmp3) + 1);
-								strcpy(hg_name, list_tmp3);
-
-								for (j = 0; j < strlen(hg_name); j++)
-									hg_name[j] = hg_name[j + 1];
-
-								if (is_host_member_of_hostgroup(find_hostgroup(hg_name), temp_host) == TRUE) {
-									is_ok = TRUE;
-								} else {
-									host2 = strtok(NULL, ",");
-									free(hg_name);
-									continue;
-								}
-
-								free(hg_name);
-							}
-
-							if (strcmp(list_tmp2, svc->host_name) == 0 || strcmp(list_tmp2, "*") == 0)
-								is_ok = TRUE;
-
-							if (is_ok == TRUE) {
-								if (read_only != NULL) {
-									list_tmp4 = malloc(strlen(read_only) + 1);
-									strcpy(list_tmp4, read_only);
-									strip(list_tmp4); /* "w" will overwrite "r" permission */
-
-									if (strcmp(permission, "r") == 0 && strcmp(list_tmp4, "w") == 0) {
-										strcpy(permission, "w");
-									}
-
-									free(list_tmp4);
-								}
-
-								ok = TRUE;
-							}
-
-							host2 = strtok(NULL, ",");
-							free(list_tmp3);
-						}
-					}
-
-					service = strtok(NULL, ",");
-					free(list_tmp2);
-				}
-
-				free(list_tmp);
-				free(host_list2);
-			}
-
-			if (ok == TRUE) {
-				set_authz_permissions(permission, authinfo);
-				return TRUE;
-			}
-
-		} /* end of authz parsing */
-		else {
-			/* user does not need to be authorized for the services too in order to view them? */
-			if (show_all_services_host_is_authorized_for == TRUE) {
-				return TRUE;
-			}
-		}
-	}
+	if (is_authorized_for_host(temp_host, authinfo) == TRUE && show_all_services_host_is_authorized_for == TRUE)
+		return TRUE;
 
 	/* find the contact */
 	temp_contact = find_contact(authinfo->username);
Index: icinga-1.13.3/cgi/cmd.c
===================================================================
--- icinga-1.13.3.orig/cgi/cmd.c
+++ icinga-1.13.3/cgi/cmd.c
@@ -178,6 +178,7 @@ unsigned long attr = MODATTR_NONE;		/**<
 double interval = 1.0;				/**< default modified *_interval */
 
 authdata current_authdata;			/**< struct to hold current authentication data */
+html_request *html_request_list = NULL;		/**< contains html requested data */
 
 /** Initialize the struct */
 struct hostlist commands[NUMBER_OF_STRUCTS];
@@ -283,13 +284,10 @@ void check_comment_sanity(int*);
 void check_time_sanity(int*);
 
 /** @brief Parses the requested GET/POST variables
- *  @retval TRUE
- *  @retval FALSE
- *  @return wether parsing was successful or not
  *
  *  @n This function parses the request and set's the necessary variables
 **/
-int process_cgivars(void);
+void process_cgivars(void);
 
 
 /** @brief Yes we need a main function **/
@@ -309,6 +307,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -318,6 +317,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -340,6 +340,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -350,6 +351,7 @@ int main(void) {
 		print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE);
 		document_footer(CGI_ID);
 		free_memory();
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -407,146 +409,112 @@ int main(void) {
 	document_footer(CGI_ID);
 
 	/* free allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 	free_object_data();
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *temp_buffer = NULL;
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	int x = 0;
 	int z = 0;
 	int sticky_ack_set = FALSE;		/* default is TRUE */
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	/* Process the variables */
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value if there is one */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the command type */
-		if (!strcmp(key, "cmd_typ")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "cmd_typ") && value != NULL) {
 
 			command_type = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
                 /* we found the attr */
-                else if (!strcmp(key, "attr")) {
-                        if (value == NULL) {
-                                error = TRUE;
-                                break;
-                        }
+                else if (!strcmp(key, "attr") && value != NULL) {
 
                         attr = strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
                 }
 
                 /* we found the attr */
-                else if (!strcmp(key, "interval")) {
-                        if (value == NULL) {
-                                error = TRUE;
-                                break;
-                        }
+                else if (!strcmp(key, "interval") && value != NULL) {
 #ifdef HAVE_STRTOF
 			interval = strtof(value, NULL);
 #else
 			/* Solaris 8 doesn't have strtof() */
 			interval = (float)strtod(value, NULL);
 #endif
+
+			temp_request_item->is_valid = TRUE;
                 }
 
 		/* we found the command mode */
-		else if (!strcmp(key, "cmd_mod")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "cmd_mod") && value != NULL) {
 
 			command_mode = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found a comment id or a downtime id*/
-		else if (!strcmp(key, "com_id") || !strcmp(key, "down_id")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if ((!strcmp(key, "com_id") || !strcmp(key, "down_id"))  && value != NULL) {
 
 			multi_ids[z] = strtoul(value, NULL, 10);
 			z++;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the notification delay */
-		else if (!strcmp(key, "not_dly")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "not_dly") && value != NULL) {
 
 			notification_delay = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the schedule delay */
-		else if (!strcmp(key, "sched_dly")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sched_dly") && value != NULL) {
 
 			schedule_delay = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the comment author */
-		else if (!strcmp(key, "com_author")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "com_author") && value != NULL) {
 
 			if ((comment_author = (char *)strdup(value)) == NULL)
 				comment_author = "";
 			strip_html_brackets(comment_author);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the comment data */
-		else if (!strcmp(key, "com_data")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "com_data") && value != NULL) {
 
 			if ((comment_data = (char *)strdup(value)) == NULL)
 				comment_data = "";
 			strip_html_brackets(comment_data);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the host name */
-		else if (!strcmp(key, "host")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "host") && value != NULL) {
 
 			if ((host_name = (char *)strdup(value)) == NULL)
 				host_name = "";
@@ -555,27 +523,24 @@ int process_cgivars(void) {
 
 				/* Store hostname in struct */
 				commands[x].host_name = host_name;
+				x++;
 			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the hostgroup name */
-		else if (!strcmp(key, "hostgroup")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hostgroup") && value != NULL) {
 
 			if ((hostgroup_name = (char *)strdup(value)) == NULL)
 				hostgroup_name = "";
 			strip_html_brackets(hostgroup_name);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the service name */
-		else if (!strcmp(key, "service")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "service") && value != NULL) {
 
 			if ((service_desc = (char *)strdup(value)) == NULL)
 				service_desc = "";
@@ -583,51 +548,54 @@ int process_cgivars(void) {
 				strip_html_brackets(service_desc);
 
 				/* Store service description in struct */
-				commands[(x-2)].description = service_desc;
+				commands[(x-1)].description = service_desc;
 			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found a combined host/service */
-		else if (!strcmp(key, "hostservice")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hostservice") && value != NULL) {
 
 			temp_buffer = strtok(value, "^");
 
-			if ((host_name = (char *)strdup(temp_buffer)) == NULL)
-				host_name = "";
-			else {
+			if ((host_name = (char *)strdup(temp_buffer)) == NULL) {
+				continue;
+			} else {
 				strip_html_brackets(host_name);
 				commands[x].host_name = host_name;
 			}
 
 			temp_buffer = strtok(NULL, "");
 
-			if ((service_desc = (char *)strdup(temp_buffer)) == NULL)
-				service_desc = "";
-			else {
+			if ((service_desc = (char *)strdup(temp_buffer)) == NULL) {
+				my_free(commands[x].host_name);
+				continue;
+			} else {
 				strip_html_brackets(service_desc);
 				commands[x].description = service_desc;
 			}
+
+			x++;
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the servicegroup name */
-		else if (!strcmp(key, "servicegroup")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "servicegroup") && value != NULL) {
 
 			if ((servicegroup_name = (char *)strdup(value)) == NULL)
 				servicegroup_name = "";
 			strip_html_brackets(servicegroup_name);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we got the persistence option for a comment */
-		else if (!strcmp(key, "persistent"))
+		else if (!strcmp(key, "persistent")) {
 			persistent_comment = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we got the notification option for an acknowledgement */
 		else if (!strcmp(key, "send_notification")) {
@@ -636,6 +604,8 @@ int process_cgivars(void) {
 			/* if the value was omitted, assume it is enabled */
 			if (value == NULL)
 				send_notification = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we got the acknowledgement type */
@@ -645,155 +615,154 @@ int process_cgivars(void) {
 			/* if the value was omitted, assume it is enabled */
 			if (value == NULL)
 				sticky_ack_set = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we use the end_time as expire time */
-		else if (!strcmp(key, "use_ack_end_time"))
+		else if (!strcmp(key, "use_ack_end_time")) {
 			use_ack_end_time = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we use the end_time as disabled notifcations expire time */
-		else if (!strcmp(key, "use_disabled_notif_end_time"))
+		else if (!strcmp(key, "use_disabled_notif_end_time")) {
 			use_disabled_notif_end_time = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we got the service check force option */
-		else if (!strcmp(key, "force_check"))
+		else if (!strcmp(key, "force_check")) {
 			force_check = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we got the option to affect host and all its services */
-		else if (!strcmp(key, "ahas"))
+		else if (!strcmp(key, "ahas")) {
 			affect_host_and_services = TRUE;
-
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 		/* we got the option to propagate to child hosts */
-		else if (!strcmp(key, "ptc"))
+		else if (!strcmp(key, "ptc")) {
 			propagate_to_children = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we got the option for fixed downtime */
-		else if (!strcmp(key, "fixed")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "fixed") && value != NULL) {
 
 			fixed = (atoi(value) > 0) ? TRUE : FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we got the triggered by downtime option */
-		else if (!strcmp(key, "trigger")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "trigger") && value != NULL) {
 
 			triggered_by = strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we got the child options */
-		else if (!strcmp(key, "childoptions")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "childoptions") && value != NULL) {
 
 			child_options = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the plugin output */
-		else if (!strcmp(key, "plugin_output")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "plugin_output") && value != NULL) {
+
+			strncpy(plugin_output, value, MAX_INPUT_BUFFER);
 
-			strcpy(plugin_output, value);
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the performance data */
-		else if (!strcmp(key, "performance_data")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "performance_data") && value != NULL) {
+
+			strncpy(performance_data, value, MAX_INPUT_BUFFER);
 
-			strcpy(performance_data, value);
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the plugin state */
-		else if (!strcmp(key, "plugin_state")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "plugin_state") && value != NULL) {
 
 			plugin_state = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the hour duration */
-		else if (!strcmp(key, "hours")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hours") && value != NULL) {
 
 			if (atoi(value) < 0) {
-				error = TRUE;
-				break;
+				continue;
 			}
 			duration += (unsigned long)(atoi(value) * 3600);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the minute duration */
-		else if (!strcmp(key, "minutes")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "minutes") && value != NULL) {
 
 			if (atoi(value) < 0) {
-				error = TRUE;
-				break;
+				continue;
 			}
 			duration += (unsigned long)(atoi(value) * 60);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the start time */
-		else if (!strcmp(key, "start_time")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "start_time") && value != NULL) {
 
-			start_time_string = (char *)malloc(strlen(value) + 1);
-			if (start_time_string == NULL)
+			if ((start_time_string = (char *)strdup(value)) == NULL) {
 				start_time_string = "";
-			else
-				strcpy(start_time_string, value);
+			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the end time */
-		else if (!strcmp(key, "end_time")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "end_time") && value != NULL) {
 
-			end_time_string = (char *)malloc(strlen(value) + 1);
-			if (end_time_string == NULL)
+			if ((end_time_string = (char *)strdup(value)) == NULL) {
 				end_time_string = "";
-			else
-				strcpy(end_time_string, value);
+			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the forced notification option */
-		else if (!strcmp(key, "force_notification"))
+		else if (!strcmp(key, "force_notification")) {
 			force_notification = NOTIFICATION_OPTION_FORCED;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the broadcast notification option */
-		else if (!strcmp(key, "broadcast_notification"))
+		else if (!strcmp(key, "broadcast_notification")) {
 			broadcast_notification = NOTIFICATION_OPTION_BROADCAST;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we got the persistence option for a comment */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 	}
 
@@ -801,10 +770,7 @@ int process_cgivars(void) {
 		sticky_ack = sticky_ack_set;
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 void print_object_list(int list_type) {
Index: icinga-1.13.3/cgi/config.c
===================================================================
--- icinga-1.13.3.orig/cgi/config.c
+++ icinga-1.13.3/cgi/config.c
@@ -47,7 +47,6 @@ extern hostescalation *hostescalation_li
 extern module *module_list;
 
 extern char *action_url_target;
-extern char *authorization_config_file;
 extern char *authorized_for_all_host_commands;
 extern char *authorized_for_all_hosts;
 extern char *authorized_for_all_service_commands;
@@ -146,7 +145,7 @@ extern int use_ssl_authentication;
 extern int week_starts_on_monday;
 
 
-int process_cgivars(void);
+void process_cgivars(void);
 void display_options(void);
 void display_hosts(void);
 void display_hostgroups(void);
@@ -181,9 +180,9 @@ char hashed_color[8];
 char *item_name = NULL;					/**< contains exact name user is looking for */
 char *search_string = NULL;				/**< contains search string if user searched something */
 regex_t search_preg;					/**< contains compiled regex term to use with regexec() */
+html_request *html_request_list = NULL;			/**< contains html requested data */
 
 char *org_action_url_target = "";
-char *org_authorization_config_file = "";
 char *org_authorized_for_all_host_commands = "";
 char *org_authorized_for_all_hosts = "";
 char *org_authorized_for_all_service_commands = "";
@@ -301,6 +300,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -310,6 +310,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -319,6 +320,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -462,6 +464,7 @@ int main(void) {
 	if (is_authorized_for_configuration_information(&current_authdata) == FALSE) {
 		print_generic_error_message("It appears as though you do not have permission to view the configuration information you requested...", "If you believe this is an error, check the HTTP server authentication requirements for accessing this CGI and check the authorization options in your CGI configuration file.", 0);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return OK;
 	}
 
@@ -581,90 +584,62 @@ int main(void) {
 		page_num_selector(result_start, total_entries, displayed_entries);
 
 	document_footer(CGI_ID);
+	free_html_request(html_request_list);
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 	to_expand[0] = '\0';
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value for length if it's present */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the search_string argument */
 		if (!strcmp(key, "search_string")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
-
-			if (strlen(value) != 0)
+			if (value != NULL && strlen(value) != 0) {
 				search_string = strdup(value);
+				temp_request_item->is_valid = TRUE;
+			}
 		}
 
 		/* we found the item_name argument */
 		else if (!strcmp(key, "item_name")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
-
-			if (strlen(value) != 0)
+			if (value != NULL && strlen(value) != 0) {
 				item_name = strdup(value);
+				temp_request_item->is_valid = TRUE;
+			}
 		}
 
 		/* we found the host name */
-		else if (!strcmp(key, "host")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
-
+		else if (!strcmp(key, "host") && value != NULL) {
 			host_name = strdup(value);
 			if (host_name == NULL)
 				host_name = "";
 			strip_html_brackets(host_name);
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the service name */
-		else if (!strcmp(key, "service")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
-
+		else if (!strcmp(key, "service") && value != NULL) {
 			service_desc = strdup(value);
 			if (service_desc == NULL)
 				service_desc = "";
 			strip_html_brackets(service_desc);
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the configuration type argument */
-		else if (!strcmp(key, "type")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "type") && value != NULL) {
+
+			temp_request_item->is_valid = TRUE;
 
 			/* what information should we display? */
 			if (!strcmp(value, "hosts"))
@@ -699,71 +674,68 @@ int process_cgivars(void) {
 				display_type = DISPLAY_CGICONFIG;
 			else if (!strcmp(value, "all"))
 				display_type = DISPLAY_ALL;
+			else
+				temp_request_item->is_valid = FALSE;
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the string-to-expand argument */
-		else if (!strcmp(key, "expand")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "expand") && value != NULL) {
+
 			strncpy(to_expand, value, MAX_COMMAND_BUFFER);
 			to_expand[MAX_COMMAND_BUFFER - 1] = '\0';
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the CSV output option */
 		else if (!strcmp(key, "csvoutput")) {
 			display_header = FALSE;
 			content_type = CSV_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the JSON output option */
 		else if (!strcmp(key, "jsonoutput")) {
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* start num results to skip on displaying statusdata */
-		else if (!strcmp(key, "start")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "start") && value != NULL) {
 
 			result_start = atoi(value);
 
 			if (result_start < 1)
 				result_start = 1;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* amount of results to display */
-		else if (!strcmp(key, "limit")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
-
+		else if (!strcmp(key, "limit") && value != NULL) {
 			get_result_limit = atoi(value);
+			temp_request_item->is_valid = TRUE;
 		}
-
-		/* we received an invalid argument */
-		else
-			error = TRUE;
-
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 void display_hosts(void) {
@@ -774,7 +746,7 @@ void display_hosts(void) {
 	char *processed_string = NULL;
 	int options = 0;
 	int odd = 0;
-	char time_string[2][16];
+	char time_string[2][32];
 	char *bg_class = "";
 	int contact = 0;
 	int json_start = TRUE;
@@ -2069,7 +2041,7 @@ void display_services(void) {
 	char *processed_string = NULL;
 	char command_line[MAX_INPUT_BUFFER];
 	char host_service_name[MAX_INPUT_BUFFER];
-	char time_string[2][16];
+	char time_string[2][32];
 	char *bg_class;
 	int options;
 	int odd = 0;
@@ -3187,7 +3159,7 @@ void display_serviceescalations(void) {
 	serviceescalation *temp_se = NULL;
 	contactsmember *temp_contactsmember = NULL;
 	contactgroupsmember *temp_contactgroupsmember = NULL;
-	char time_string[16] = "";
+	char time_string[32] = "";
 	int options = FALSE;
 	int odd = 0;
 	char *bg_class = "";
@@ -3563,7 +3535,7 @@ void display_hostescalations(void) {
 	hostescalation *temp_he = NULL;
 	contactsmember *temp_contactsmember = NULL;
 	contactgroupsmember *temp_contactgroupsmember = NULL;
-	char time_string[16] = "";
+	char time_string[32] = "";
 	int options = FALSE;
 	int odd = 0;
 	char *bg_class = "";
@@ -3986,7 +3958,6 @@ void display_cgiconfig(void) {
 	*/
 
 	PRINT_CONFIG_LINE_STRING(action_url_target, org_action_url_target)
-	PRINT_CONFIG_LINE_STRING(authorization_config_file, org_authorization_config_file)
 	PRINT_CONFIG_LINE_AUTH(authorized_for_all_host_commands, org_authorized_for_all_host_commands)
 	PRINT_CONFIG_LINE_AUTH(authorized_for_all_hosts, org_authorized_for_all_hosts)
 	PRINT_CONFIG_LINE_AUTH(authorized_for_all_service_commands, org_authorized_for_all_service_commands)
@@ -4465,7 +4436,6 @@ void store_default_settings(void) {
 
 	/* fill all NULL pointers with an empty string */
 	action_url_target = (action_url_target == NULL) ? "" : action_url_target;
-	authorization_config_file = (authorization_config_file == NULL) ? "" : authorization_config_file;
 	authorized_for_all_host_commands = (authorized_for_all_host_commands == NULL) ? "" : authorized_for_all_host_commands;
 	authorized_for_all_hosts = (authorized_for_all_hosts == NULL) ? "" : authorized_for_all_hosts;
 	authorized_for_all_service_commands = (authorized_for_all_service_commands == NULL) ? "" : authorized_for_all_service_commands;
@@ -4505,7 +4475,6 @@ void store_default_settings(void) {
 
 	/* copy vars to org_vars*/
 	org_action_url_target = strdup(action_url_target);
-	org_authorization_config_file = strdup(authorization_config_file);
 	org_authorized_for_all_host_commands = strdup(authorized_for_all_host_commands);
 	org_authorized_for_all_hosts = strdup(authorized_for_all_hosts);
 	org_authorized_for_all_service_commands = strdup(authorized_for_all_service_commands);
Index: icinga-1.13.3/cgi/extinfo.c
===================================================================
--- icinga-1.13.3.orig/cgi/extinfo.c
+++ icinga-1.13.3/cgi/extinfo.c
@@ -109,7 +109,7 @@ typedef struct sortdata_struct {
 	struct sortdata_struct *next;
 } sortdata;
 
-int process_cgivars(void);
+void process_cgivars(void);
 
 void show_process_info(void);
 void show_host_info(void);
@@ -131,6 +131,8 @@ authdata current_authdata;
 
 sortdata *sortdata_list = NULL;
 
+html_request *html_request_list = NULL;			/**< contains html requested data */
+
 char *host_name = "";
 char *hostgroup_name = "";
 char *servicegroup_name = "";
@@ -188,6 +190,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -197,6 +200,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -206,6 +210,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -216,6 +221,7 @@ int main(void) {
 		print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE);
 		document_footer(CGI_ID);
 		free_memory();
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -812,42 +818,27 @@ int main(void) {
 	free_comment_data();
 	free_downtime_data();
 	free_sortdata_list();
+	free_html_request(html_request_list);
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
 	int temp_type;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value if it exists */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the display type */
-		if (!strcmp(key, "type")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "type") && value != NULL) {
+
 			temp_type = atoi(value);
 			if (temp_type == DISPLAY_HOST_INFO)
 				display_type = DISPLAY_HOST_INFO;
@@ -867,97 +858,89 @@ int process_cgivars(void) {
 				display_type = DISPLAY_SCHEDULING_QUEUE;
 			else
 				display_type = DISPLAY_PROCESS_INFO;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the host name */
-		else if (!strcmp(key, "host")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "host") && value != NULL) {
 
 			host_name = strdup(value);
 			if (host_name == NULL)
 				host_name = "";
 			strip_html_brackets(host_name);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the hostgroup name */
-		else if (!strcmp(key, "hostgroup")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hostgroup") && value != NULL) {
 
 			hostgroup_name = strdup(value);
 			if (hostgroup_name == NULL)
 				hostgroup_name = "";
 			strip_html_brackets(hostgroup_name);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the service name */
-		else if (!strcmp(key, "service")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "service") && value != NULL) {
 
 			service_desc = strdup(value);
 			if (service_desc == NULL)
 				service_desc = "";
 			strip_html_brackets(service_desc);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the servicegroup name */
-		else if (!strcmp(key, "servicegroup")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "servicegroup") && value != NULL) {
 
 			servicegroup_name = strdup(value);
 			if (servicegroup_name == NULL)
 				servicegroup_name = "";
 			strip_html_brackets(servicegroup_name);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the sort type argument */
-		else if (!strcmp(key, "sorttype")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sorttype") && value != NULL) {
 
 			sort_type = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the sort option argument */
-		else if (!strcmp(key, "sortoption")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sortoption") && value != NULL) {
 
 			sort_option = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the CSV output option */
 		else if (!strcmp(key, "csvoutput")) {
 			display_header = FALSE;
 			content_type = CSV_CONTENT;
+
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the JSON output option */
 		else if (!strcmp(key, "jsonoutput")) {
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
-		else if (!strcmp(key, "csvtype")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "csvtype") && value != NULL) {
 
 			if (!strcmp(value, "comment"))
 				csv_type = CSV_COMMENT;
@@ -965,54 +948,63 @@ int process_cgivars(void) {
 				csv_type = CSV_DOWNTIME;
 			else
 				csv_type = CSV_DEFAULT;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
 
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
+
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
 
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
+
 		/* we found the pause option */
-		else if (!strcmp(key, "paused"))
+		else if (!strcmp(key, "paused")) {
 			refresh = FALSE;
 
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
+
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
 
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
+
 		/* start num results to skip on displaying statusdata */
-		else if (!strcmp(key, "start")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "start") && value != NULL) {
 
 			result_start = atoi(value);
 
 			if (result_start < 1)
 				result_start = 1;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* amount of results to display */
-		else if (!strcmp(key, "limit")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "limit") && value != NULL) {
 
 			get_result_limit = atoi(value);
-		}
 
+			temp_request_item->is_valid = TRUE;
+		}
 	}
 
-
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 void show_process_info(void) {
Index: icinga-1.13.3/cgi/getcgi.c
===================================================================
--- icinga-1.13.3.orig/cgi/getcgi.c
+++ icinga-1.13.3/cgi/getcgi.c
@@ -138,22 +138,18 @@ void unescape_cgi_input(char *input) {
 	return;
 }
 
-
-
-/* read the CGI input and place all name/val pairs into list. returns list containing name1, value1, name2, value2, ... , NULL */
-/* this is a hacked version of a routine I found a long time ago somewhere - can't remember where anymore */
-char **getcgivars(void) {
-	register int i;
+html_request *getcgivars(void) {
 	char *request_method;
 	char *content_type;
 	char *content_length_string;
 	int content_length;
 	char *cgiinput;
-	char **cgivars;
-	char **pairlist;
-	int paircount;
 	char *nvpair;
 	char *eqpos;
+	char *temp_pair;
+	html_request *new_html_request_list = NULL;
+	html_request *new_request_item = NULL;
+	html_request *last_request_item = NULL;
 
 	/* initialize char variable(s) */
 	cgiinput = "";
@@ -237,92 +233,88 @@ char **getcgivars(void) {
 		exit(1);
 	}
 
-	/* first, split on ampersands (&) to extract the name-value pairs into pairlist */
-	/* allocate memory for 256 name-value pairs at a time, increasing by same
-	   amount as necessary... */
-	pairlist = (char **)malloc(256 * sizeof(char **));
-	if (pairlist == NULL) {
-		printf("getcgivars(): Could not allocate memory for name-value pairlist.\n");
-		exit(1);
-	}
-	paircount = 0;
-	nvpair = strtok(cgiinput, "&");
+	nvpair = my_strtok(cgiinput, "&");
 	while (nvpair) {
-		pairlist[paircount] = strdup(nvpair);
-		if(pairlist[paircount++] == NULL) {
-			printf("getcgivars(): Could not allocate memory for name-value pair element #%d.\n", paircount);
+
+		temp_pair = strdup(nvpair);
+		if(temp_pair == NULL) {
+			printf("getcgivars(): Could not allocate memory for name-value pair element %s.\n", nvpair);
 			exit(1);
 		}
-		if (paircount > MAX_CGI_INPUT_PAIRS)
-			break;
-		if (!(paircount % 256)) {
-			pairlist = (char **)realloc(pairlist, (paircount + 256) * sizeof(char **));
-			if (pairlist == NULL) {
-				printf("getcgivars(): Could not re-allocate memory for name-value pairlist.\n");
-				exit(1);
-			}
-		}
-		nvpair = strtok(NULL, "&");
-	}
 
-	/* terminate the list */
-	pairlist[paircount] = '\x0';
+		/* allocating new memory */
+		new_request_item = (html_request *)malloc(sizeof(html_request));
+		if(new_request_item == NULL) {
+			printf("getcgivars(): Could not allocate memory for new html_request element.\n");
+			my_free(temp_pair);
+			exit(1);
+		}
 
-	/* extract the names and values from the pairlist */
-	cgivars = (char **)malloc((paircount * 2 + 1) * sizeof(char **));
-	if (cgivars == NULL) {
-		printf("getcgivars(): Could not allocate memory for name-value list.\n");
-		exit(1);
-	}
+		new_request_item->option = NULL;
+		new_request_item->value = NULL;
+		new_request_item->is_valid = FALSE;
+		new_request_item->next = NULL;
 
-	for (i = 0; i < paircount; i++) {
-		/* get the variable name preceding the equal (=) sign */
-		if ((eqpos = strchr(pairlist[i], '=')) != NULL) {
+		/* get value */
+		if ((eqpos = strchr(temp_pair, '=')) != NULL) {
 			*eqpos = '\0';
-			cgivars[i*2+1] = strdup(eqpos + 1);
-			if(cgivars[i*2+1] == NULL) {
-				printf("getcgivars(): Could not allocate memory for cgi param value #%d,%s.\n", i,eqpos + 1);
+			new_request_item->value = strdup(eqpos + 1);
+			if(new_request_item->value == NULL) {
+				printf("getcgivars(): Could not allocate memory for cgi param value: %s=%s.\n", temp_pair,eqpos + 1);
+				exit(1);
+			}
+			unescape_cgi_input(new_request_item->value);
+			/* do some basic length checking */
+			if (strlen(new_request_item->value) >= MAX_INPUT_BUFFER - 1) {
+				printf("getcgivars(): length of cgi param value exceeds MAX_INPUT_BUFFER: %d.\n", MAX_INPUT_BUFFER);
 				exit(1);
 			}
-			unescape_cgi_input(cgivars[i*2+1]);
-
-		} else {
-			cgivars[i*2+1] = NULL;
 		}
 
-		/* get the variable value (or name/value of there was no real "pair" in the first place) */
-		cgivars[i*2] = strdup(pairlist[i]);
-		if(cgivars[i*2] == NULL) {
-			printf("getcgivars(): Could not allocate memory for cgi param name #%d,%s.\n", i,eqpos + 1);
+		/* get option name
+		   just reuse the temp_pair pointer without allocating new memory
+		*/
+		new_request_item->option = temp_pair;
+		unescape_cgi_input(new_request_item->option);
+		if (strlen(new_request_item->option) >= MAX_INPUT_BUFFER - 1) {
+			printf("getcgivars(): length of cgi param option exceeds MAX_INPUT_BUFFER: %d.\n", MAX_INPUT_BUFFER);
 			exit(1);
 		}
-		unescape_cgi_input(cgivars[i*2]);
-	}
 
-	/* terminate the name-value list */
-	cgivars[paircount*2] = '\x0';
+		if (new_html_request_list == NULL) {
+			new_html_request_list = new_request_item;
+			new_html_request_list->next = NULL;
+			last_request_item = new_html_request_list;
+		} else {
+			last_request_item->next = new_request_item;
+			last_request_item = new_request_item;
+			last_request_item->next = NULL;
+		}
+
+		nvpair = my_strtok(NULL, "&");
+	}
 
 	/* free allocated memory */
 	free(cgiinput);
-	for (i = 0; pairlist[i] != NULL; i++)
-		free(pairlist[i]);
-	free(pairlist);
-
-	/* sanitize the name-value strings */
-	sanitize_cgi_input(cgivars);
 
 	/* return the list of name-value strings */
-	return cgivars;
+	return new_html_request_list;
 }
 
+/* free() memory allocated to storing the CGI request data */
+void free_html_request(html_request *html_request_list) {
+	html_request *this_html_request = NULL;
+	html_request *next_html_request = NULL;
+
+	/* free memory for html request list */
+	for (this_html_request = html_request_list; this_html_request != NULL; this_html_request = next_html_request) {
+		next_html_request = this_html_request->next;
+		my_free(this_html_request->option);
+		my_free(this_html_request->value);
+		my_free(this_html_request);
+	}
 
-
-/* free() memory allocated to storing the CGI variables */
-void free_cgivars(char **cgivars) {
-	register int x;
-
-	for (x = 0; cgivars[x] != '\x0'; x++)
-		free(cgivars[x]);
+	html_request_list = NULL;
 
 	return;
 }
Index: icinga-1.13.3/cgi/histogram.c
===================================================================
--- icinga-1.13.3.orig/cgi/histogram.c
+++ icinga-1.13.3/cgi/histogram.c
@@ -128,6 +128,8 @@ typedef struct timeslice_data_struct {
 
 timeslice_data *tsdata;
 
+html_request *html_request_list = NULL;			/**< contains html requested data */
+
 void compute_report_times(void);
 void graph_all_histogram_data(void);
 void add_archived_state(int, time_t);
@@ -135,7 +137,7 @@ void read_archived_state_data(void);
 void draw_line(int, int, int, int, int);
 void draw_dashed_line(int, int, int, int, int);
 
-int process_cgivars(void);
+void process_cgivars(void);
 
 
 time_t t1;
@@ -235,6 +237,7 @@ int main(int argc, char **argv) {
 			document_header(CGI_ID, FALSE, "Error");
 			print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE);
 			document_footer(CGI_ID);
+			free_html_request(html_request_list);
 		}
 		return ERROR;
 	}
@@ -246,6 +249,7 @@ int main(int argc, char **argv) {
 			document_header(CGI_ID, FALSE, "Error");
 			print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 			document_footer(CGI_ID);
+			free_html_request(html_request_list);
 		}
 		return ERROR;
 	}
@@ -257,6 +261,7 @@ int main(int argc, char **argv) {
 			document_header(CGI_ID, FALSE, "Error");
 			print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 			document_footer(CGI_ID);
+			free_html_request(html_request_list);
 		}
 		return ERROR;
 	}
@@ -268,6 +273,7 @@ int main(int argc, char **argv) {
 			document_header(CGI_ID, FALSE, "Error");
 			print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE);
 			document_footer(CGI_ID);
+			free_html_request(html_request_list);
 		}
 		free_memory();
 		return ERROR;
@@ -497,6 +503,7 @@ int main(int argc, char **argv) {
 		}
 
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		free_memory();
 		return ERROR;
 	}
@@ -886,136 +893,114 @@ int main(int argc, char **argv) {
 	document_footer(CGI_ID);
 
 	/* free all other allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
 	char *temp_buffer = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value for length if it exists */
-		if (key != NULL)
-			if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the host argument */
-		if (!strcmp(key, "host")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "host") && value != NULL) {
 
 			if ((host_name = (char *)strdup(value)) == NULL)
 				host_name = "";
 			strip_html_brackets(host_name);
 
 			display_type = DISPLAY_HOST_HISTOGRAM;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the node width argument */
-		else if (!strcmp(key, "service")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "service") && value != NULL) {
 
 			if ((service_desc = (char *)strdup(value)) == NULL)
 				service_desc = "";
 			strip_html_brackets(service_desc);
 
 			display_type = DISPLAY_SERVICE_HISTOGRAM;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found a combined host/service */
-		else if (!strcmp(key, "hostservice")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hostservice") && value != NULL) {
 
 			temp_buffer = strtok(value, "^");
 
-			if ((host_name = (char *)strdup(temp_buffer)) == NULL)
-				host_name = "";
-			else
+			if ((host_name = (char *)strdup(temp_buffer)) == NULL) {
+				continue;
+			} else {
 				strip_html_brackets(host_name);
+			}
 
 			temp_buffer = strtok(NULL, "");
 
-			if ((service_desc = (char *)strdup(temp_buffer)) == NULL)
-				service_desc = "";
-			else
+			if ((service_desc = (char *)strdup(temp_buffer)) == NULL) {
+				my_free(host_name);
+				continue;
+			} else {
 				strip_html_brackets(service_desc);
+			}
 
 			display_type = DISPLAY_SERVICE_HISTOGRAM;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "t1")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "t1") && value != NULL) {
 
 			t1 = (time_t)strtoul(value, NULL, 10);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "t2")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "t2") && value != NULL) {
 
 			t2 = (time_t)strtoul(value, NULL, 10);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the image creation option */
 		else if (!strcmp(key, "createimage")) {
 			content_type = IMAGE_CONTENT;
+
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the backtrack archives argument */
-		else if (!strcmp(key, "backtrack")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "backtrack") && value != NULL) {
 
 			backtrack_archives = atoi(value);
 			if (backtrack_archives < 0)
 				backtrack_archives = 0;
 			if (backtrack_archives > MAX_ARCHIVE_BACKTRACKS)
 				backtrack_archives = MAX_ARCHIVE_BACKTRACKS;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the standard timeperiod argument */
-		else if (!strcmp(key, "timeperiod")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "timeperiod") && value != NULL) {
 
 			if (!strcmp(value, "today"))
 				timeperiod_type = TIMEPERIOD_TODAY;
@@ -1051,14 +1036,12 @@ int process_cgivars(void) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				convert_timeperiod_to_times(timeperiod_type, &t1, &t2);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "smon")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "smon") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1066,14 +1049,12 @@ int process_cgivars(void) {
 			start_month = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "sday")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sday") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1081,14 +1062,12 @@ int process_cgivars(void) {
 			start_day = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "syear")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "syear") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1096,14 +1075,12 @@ int process_cgivars(void) {
 			start_year = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "smin")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "smin") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1111,14 +1088,12 @@ int process_cgivars(void) {
 			start_minute = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "ssec")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ssec") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1126,14 +1101,12 @@ int process_cgivars(void) {
 			start_second = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "shour")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "shour") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1141,15 +1114,13 @@ int process_cgivars(void) {
 			start_hour = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 
 		/* we found time argument */
-		else if (!strcmp(key, "emon")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "emon") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1157,14 +1128,12 @@ int process_cgivars(void) {
 			end_month = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "eday")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "eday") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1172,14 +1141,12 @@ int process_cgivars(void) {
 			end_day = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "eyear")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "eyear") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1187,14 +1154,12 @@ int process_cgivars(void) {
 			end_year = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "emin")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "emin") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1202,14 +1167,12 @@ int process_cgivars(void) {
 			end_minute = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "esec")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "esec") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1217,14 +1180,12 @@ int process_cgivars(void) {
 			end_second = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "ehour")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ehour") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1232,26 +1193,33 @@ int process_cgivars(void) {
 			end_hour = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the input option */
-		else if (!strcmp(key, "input")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "input") && value != NULL) {
 
 			if (!strcmp(value, "gethost"))
 				input_type = GET_INPUT_HOST_TARGET;
@@ -1261,34 +1229,28 @@ int process_cgivars(void) {
 				input_type = GET_INPUT_OPTIONS;
 			else
 				input_type = GET_INPUT_TARGET_TYPE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the graph states option */
-		else if (!strcmp(key, "graphevents")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "graphevents") && value != NULL) {
 
 			graph_events = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the graph state types option */
-		else if (!strcmp(key, "graphstatetypes")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "graphstatetypes") && value != NULL) {
 
 			graph_statetypes = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the breakdown option */
-		else if (!strcmp(key, "breakdown")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "breakdown") && value != NULL) {
 
 			if (!strcmp(value, "monthly"))
 				breakdown_type = BREAKDOWN_MONTHLY;
@@ -1298,54 +1260,45 @@ int process_cgivars(void) {
 				breakdown_type = BREAKDOWN_DAY_OF_WEEK;
 			else
 				breakdown_type = BREAKDOWN_HOURLY;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the assume state retention option */
-		else if (!strcmp(key, "assumestateretention")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "assumestateretention") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				assume_state_retention = TRUE;
 			else
 				assume_state_retention = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the initial states logged option */
-		else if (!strcmp(key, "initialstateslogged")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "initialstateslogged") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				initial_states_logged = TRUE;
 			else
 				initial_states_logged = FALSE;
 
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the new states only option */
-		else if (!strcmp(key, "newstatesonly")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "newstatesonly") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				new_states_only = TRUE;
 			else
 				new_states_only = FALSE;
 
+			temp_request_item->is_valid = TRUE;
 		}
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 
Index: icinga-1.13.3/cgi/history.c
===================================================================
--- icinga-1.13.3.orig/cgi/history.c
+++ icinga-1.13.3/cgi/history.c
@@ -76,6 +76,8 @@ time_t ts_end = 0L;				/**< end time as
 
 authdata current_authdata;			/**< struct to hold current authentication data */
 
+html_request *html_request_list = NULL;		/**< contains html requested data */
+
 int CGI_ID = HISTORY_CGI_ID;			/**< ID to identify the cgi for functions in cgiutils.c */
 /** @} */
 
@@ -87,13 +89,10 @@ int CGI_ID = HISTORY_CGI_ID;			/**< ID t
 void show_history(void);
 
 /** @brief Parses the requested GET/POST variables
- *  @return wether parsing was successful or not
- *	@retval TRUE
- *	@retval FALSE
  *
  *  @n This function parses the request and set's the necessary variables
 **/
-int process_cgivars(void);
+void process_cgivars(void);
 
 /** @brief Yes we need a main function **/
 int main(void) {
@@ -111,6 +110,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -120,6 +120,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -129,6 +130,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -310,42 +312,26 @@ int main(void) {
 	document_footer(CGI_ID);
 
 	/* free allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value if it exists */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the host argument */
-		if (!strcmp(key, "host")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "host") && value != NULL) {
 
 			if ((host_name = (char *)strdup(value)) == NULL)
 				host_name = "";
@@ -357,159 +343,164 @@ int process_cgivars(void) {
 				show_all_hosts = TRUE;
 			else
 				show_all_hosts = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the service argument */
-		else if (!strcmp(key, "service")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "service") && value != NULL) {
 
 			if ((service_desc = (char *)strdup(value)) == NULL)
 				service_desc = "";
 			strip_html_brackets(service_desc);
 
 			display_type = DISPLAY_SERVICES;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the hostgroup argument */
-		else if (!strcmp(key, "hostgroup")) {
+		else if (!strcmp(key, "hostgroup") && value != NULL) {
 			display_type = DISPLAY_HOSTGROUPS;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
 			if ((hostgroup_name = strdup(value)) == NULL)
 				hostgroup_name = "";
 			strip_html_brackets(hostgroup_name);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the servicegroup argument */
-		else if (!strcmp(key, "servicegroup")) {
+		else if (!strcmp(key, "servicegroup") && value != NULL) {
 			display_type = DISPLAY_SERVICEGROUPS;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
 			if ((servicegroup_name = strdup(value)) == NULL)
 				servicegroup_name = "";
 			strip_html_brackets(servicegroup_name);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the history type argument */
-		else if (!strcmp(key, "type")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "type") && value != NULL) {
 
 			history_options = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the history state type argument */
-		else if (!strcmp(key, "statetype")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "statetype") && value != NULL) {
 
 			state_options = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "ts_start")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ts_start") && value != NULL) {
 
 			ts_start = (time_t)strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found last time argument */
-		else if (!strcmp(key, "ts_end")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ts_end") && value != NULL) {
 
 			ts_end = (time_t)strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the order argument */
-		else if (!strcmp(key, "order")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "order") && value != NULL) {
 
 			if (!strcmp(value, "new2old"))
 				reverse = FALSE;
 			else if (!strcmp(value, "old2new"))
 				reverse = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nofrills option */
-		else if (!strcmp(key, "nofrills"))
+		else if (!strcmp(key, "nofrills")) {
 			display_frills = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the notimebreaks option */
-		else if (!strcmp(key, "notimebreaks"))
+		else if (!strcmp(key, "notimebreaks")) {
 			display_timebreaks = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the no system messages option */
-		else if (!strcmp(key, "nosystem"))
+		else if (!strcmp(key, "nosystem")) {
 			display_system_messages = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the no flapping alerts option */
-		else if (!strcmp(key, "noflapping"))
+		else if (!strcmp(key, "noflapping")) {
 			display_flapping_alerts = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the no downtime alerts option */
-		else if (!strcmp(key, "nodowntime"))
+		else if (!strcmp(key, "nodowntime")) {
 			display_downtime_alerts = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* start num results to skip on displaying statusdata */
-		else if (!strcmp(key, "start")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "start") && value != NULL) {
 
 			result_start = atoi(value);
 
 			if (result_start < 1)
 				result_start = 1;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* amount of results to display */
-		else if (!strcmp(key, "limit")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "limit") && value != NULL) {
 
 			get_result_limit = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 void show_history(void) {
Index: icinga-1.13.3/cgi/notifications.c
===================================================================
--- icinga-1.13.3.orig/cgi/notifications.c
+++ icinga-1.13.3/cgi/notifications.c
@@ -75,6 +75,8 @@ time_t ts_end = 0L;				/**< end time as
 
 authdata current_authdata;			/**< struct to hold current authentication data */
 
+html_request *html_request_list = NULL;		/**< contains html requested data */
+
 int CGI_ID = NOTIFICATIONS_CGI_ID;		/**< ID to identify the cgi for functions in cgiutils.c */
 /** @} */
 
@@ -86,13 +88,10 @@ int CGI_ID = NOTIFICATIONS_CGI_ID;		/**<
 void display_notifications(void);
 
 /** @brief Parses the requested GET/POST variables
- *  @return wether parsing was successful or not
- *	@retval TRUE
- *	@retval FALSE
  *
  *  @n This function parses the request and set's the necessary variables
 **/
-int process_cgivars(void);
+void process_cgivars(void);
 
 /** @brief Yes we need a main function **/
 int main(void) {
@@ -111,6 +110,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -120,6 +120,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -129,6 +130,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -348,43 +350,27 @@ int main(void) {
 	document_footer(CGI_ID);
 
 	/* free allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value if it exists */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the host argument */
-		if (!strcmp(key, "host")) {
+		if (!strcmp(key, "host") && value != NULL) {
 			query_type = DISPLAY_HOSTS;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
 
 			if ((query_host_name = strdup(value)) == NULL)
 				query_host_name = "";
@@ -394,15 +380,13 @@ int process_cgivars(void) {
 				find_all = TRUE;
 			else
 				find_all = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the contact argument */
-		else if (!strcmp(key, "contact")) {
+		else if (!strcmp(key, "contact") && value != NULL) {
 			query_type = DISPLAY_CONTACTS;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
 
 			if ((query_contact_name = strdup(value)) == NULL)
 				query_contact_name = "";
@@ -412,108 +396,89 @@ int process_cgivars(void) {
 				find_all = TRUE;
 			else
 				find_all = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the service argument */
-		else if (!strcmp(key, "service")) {
+		else if (!strcmp(key, "service") && value != NULL) {
 			query_type = DISPLAY_SERVICES;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
 			if ((query_svc_description = strdup(value)) == NULL)
 				query_svc_description = "";
 			strip_html_brackets(query_svc_description);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the hostgroup argument */
-		else if (!strcmp(key, "hostgroup")) {
+		else if (!strcmp(key, "hostgroup") && value != NULL) {
 			query_type = DISPLAY_HOSTGROUPS;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
 			if ((query_hostgroup_name = strdup(value)) == NULL)
 				query_hostgroup_name = "";
 			strip_html_brackets(query_hostgroup_name);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the servicegroup argument */
-		else if (!strcmp(key, "servicegroup")) {
+		else if (!strcmp(key, "servicegroup") && value != NULL) {
 			query_type = DISPLAY_SERVICEGROUPS;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
 			if ((query_servicegroup_name = strdup(value)) == NULL)
 				query_servicegroup_name = "";
 			strip_html_brackets(query_servicegroup_name);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the notification type argument */
-		else if (!strcmp(key, "type")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "type") && value != NULL) {
 
 			notification_options = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "ts_start")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ts_start") && value != NULL) {
 
 			ts_start = (time_t)strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found last time argument */
-		else if (!strcmp(key, "ts_end")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ts_end") && value != NULL) {
 
 			ts_end = (time_t)strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the start time */
-		else if (!strcmp(key, "start_time")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "start_time") && value != NULL) {
 
-			start_time_string = (char *)malloc(strlen(value) + 1);
-			if (start_time_string == NULL)
+			if ((start_time_string = (char *)strdup(value)) == NULL) {
 				start_time_string = "";
-			else
-				strcpy(start_time_string, value);
+			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the end time */
-		else if (!strcmp(key, "end_time")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "end_time") && value != NULL) {
 
-			end_time_string = (char *)malloc(strlen(value) + 1);
-			if (end_time_string == NULL)
+			if ((end_time_string = (char *)strdup(value)) == NULL) {
 				end_time_string = "";
-			else
-				strcpy(end_time_string, value);
+			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the standard timeperiod argument */
-		else if (!strcmp(key, "timeperiod")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "timeperiod") && value != NULL) {
 
 			if (!strcmp(value, "today"))
 				timeperiod_type = TIMEPERIOD_TODAY;
@@ -543,66 +508,76 @@ int process_cgivars(void) {
 				continue;
 
 			convert_timeperiod_to_times(timeperiod_type, &ts_start, &ts_end);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the order argument */
-		else if (!strcmp(key, "order")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "order") && value != NULL) {
 
 			if (!strcmp(value, "new2old"))
 				reverse = FALSE;
 			else if (!strcmp(value, "old2new"))
 				reverse = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the CSV output option */
 		else if (!strcmp(key, "csvoutput")) {
 			display_header = FALSE;
 			content_type = CSV_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the JSON output option */
 		else if (!strcmp(key, "jsonoutput")) {
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* start num results to skip on displaying statusdata */
-		else if (!strcmp(key, "start")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "start") && value != NULL) {
 
 			result_start = atoi(value);
 
 			if (result_start < 1)
 				result_start = 1;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* amount of results to display */
-		else if (!strcmp(key, "limit")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "limit") && value != NULL) {
 
 			get_result_limit = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 	}
 
@@ -622,10 +597,7 @@ int process_cgivars(void) {
 		find_all = TRUE;
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 void display_notifications(void) {
Index: icinga-1.13.3/cgi/outages.c
===================================================================
--- icinga-1.13.3.orig/cgi/outages.c
+++ icinga-1.13.3/cgi/outages.c
@@ -71,7 +71,7 @@ typedef struct hostoutagesort_struct {
 	struct hostoutagesort_struct *next;
 } hostoutagesort;
 
-int process_cgivars(void);
+void process_cgivars(void);
 
 void display_network_outages(void);
 void find_hosts_causing_outages(void);
@@ -88,6 +88,8 @@ void add_affected_host(char *);
 
 authdata current_authdata;
 
+html_request *html_request_list = NULL;		/**< contains html requested data */
+
 hostoutage *hostoutage_list = NULL;
 hostoutagesort *hostoutagesort_list = NULL;
 hostoutage *currently_checked_host = NULL;
@@ -120,6 +122,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -129,6 +132,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -138,6 +142,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -147,6 +152,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		free_memory();
 		return ERROR;
 	}
@@ -191,80 +197,80 @@ int main(void) {
 	free_comment_data();
 
 	/* free all allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = 1;
-			break;
-		}
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = 1;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the service severity divisor option */
-		if (!strcmp(key, "service_divisor")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "service_divisor") && value != NULL) {
 
 			service_severity_divisor = atoi(value);
 			if (service_severity_divisor < 1)
 				service_severity_divisor = 1;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the CSV output option */
 		else if (!strcmp(key, "csvoutput")) {
 			display_header = FALSE;
 			content_type = CSV_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		else if (!strcmp(key, "jsonoutput")) {
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the pause option */
-		else if (!strcmp(key, "paused"))
+		else if (!strcmp(key, "paused")) {
 			refresh = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 /* shows all hosts that are causing network outages */
Index: icinga-1.13.3/cgi/showlog.c
===================================================================
--- icinga-1.13.3.orig/cgi/showlog.c
+++ icinga-1.13.3/cgi/showlog.c
@@ -85,17 +85,16 @@ time_t ts_end = 0L;				/**< end time as
 
 authdata current_authdata;			/**< struct to hold current authentication data */
 
+html_request *html_request_list = NULL;		/**< contains html requested data */
+
 int CGI_ID = SHOWLOG_CGI_ID;			/**< ID to identify the cgi for functions in cgiutils.c */
 /** @} */
 
 /** @brief Parses the requested GET/POST variables
- *  @return wether parsing was successful or not
- *	@retval TRUE
- *	@retval FALSE
  *
  *  @n This function parses the request and set's the necessary variables
 **/
-int process_cgivars(void);
+void process_cgivars(void);
 
 /** @brief displays the requested log entries
  *
@@ -126,6 +125,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -135,6 +135,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -144,6 +145,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -224,102 +226,73 @@ int main(void) {
 
 	/* free allocated memory */
 	free_memory();
+	free_html_request(html_request_list);
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* found query string */
-		if (!strcmp(key, "query_string")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "query_string") && value != NULL) {
 
 			query_string = strdup(value);
 			strip_html_brackets(query_string);
 
 			if (strlen(query_string) == 0)
 				my_free(query_string);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "ts_start")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ts_start") && value != NULL) {
 
 			ts_start = (time_t)strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found last time argument */
-		else if (!strcmp(key, "ts_end")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ts_end") && value != NULL) {
 
 			ts_end = (time_t)strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the start time */
-		else if (!strcmp(key, "start_time")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "start_time") && value != NULL) {
 
-			start_time_string = (char *)malloc(strlen(value) + 1);
-			if (start_time_string == NULL)
+			if ((start_time_string = (char *)strdup(value)) == NULL) {
 				start_time_string = "";
-			else
-				strcpy(start_time_string, value);
+			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the end time */
-		else if (!strcmp(key, "end_time")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "end_time") && value != NULL) {
 
-			end_time_string = (char *)malloc(strlen(value) + 1);
-			if (end_time_string == NULL)
+			if ((end_time_string = (char *)strdup(value)) == NULL) {
 				end_time_string = "";
-			else
-				strcpy(end_time_string, value);
+			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the standard timeperiod argument */
-		else if (!strcmp(key, "timeperiod")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "timeperiod") && value != NULL) {
 
 			if (!strcmp(value, "today"))
 				timeperiod_type = TIMEPERIOD_TODAY;
@@ -349,186 +322,174 @@ int process_cgivars(void) {
 				continue;
 
 			convert_timeperiod_to_times(timeperiod_type, &ts_start, &ts_end);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the order argument */
-		else if (!strcmp(key, "order")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "order") && value != NULL) {
 
 			if (!strcmp(value, "new2old"))
 				reverse = FALSE;
 			else if (!strcmp(value, "old2new"))
 				reverse = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* show filter */
-		else if (!strcmp(key, "display_filter")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "display_filter") && value != NULL) {
 
 			if (!strcmp(value, "true"))
 				display_filter = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* notification filter */
-		else if (!strcmp(key, "noti")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "noti") && value != NULL) {
 
 			if (!strcmp(value, "off"))
 				show_notifications = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* host status filter */
-		else if (!strcmp(key, "hst")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hst") && value != NULL) {
 
 			if (!strcmp(value, "off"))
 				show_host_status = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* service status filter */
-		else if (!strcmp(key, "sst")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sst") && value != NULL) {
 
 			if (!strcmp(value, "off"))
 				show_service_status = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* external commands filter */
-		else if (!strcmp(key, "cmd")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "cmd") && value != NULL) {
 
 			if (!strcmp(value, "off"))
 				show_external_commands = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* system messages filter */
-		else if (!strcmp(key, "sms")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sms") && value != NULL) {
 
 			if (!strcmp(value, "off"))
 				show_system_messages = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* event handler filter */
-		else if (!strcmp(key, "evh")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "evh") && value != NULL) {
 
 			if (!strcmp(value, "off"))
 				show_event_handler = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* flapping filter */
-		else if (!strcmp(key, "flp")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "flp") && value != NULL) {
 
 			if (!strcmp(value, "off"))
 				show_flapping = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* downtime filter */
-		else if (!strcmp(key, "dwn")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "dwn") && value != NULL) {
 
 			if (!strcmp(value, "off"))
 				show_downtime = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the CSV output option */
 		else if (!strcmp(key, "csvoutput")) {
 			display_header = FALSE;
 			content_type = CSV_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the CSV output option */
 		else if (!strcmp(key, "jsonoutput")) {
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nofrills option */
-		else if (!strcmp(key, "nofrills"))
+		else if (!strcmp(key, "nofrills")) {
 			display_frills = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the notimebreaks option */
-		else if (!strcmp(key, "notimebreaks"))
+		else if (!strcmp(key, "notimebreaks")) {
 			display_timebreaks = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
-
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* start num results to skip on displaying statusdata */
-		else if (!strcmp(key, "start")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "start") && value != NULL) {
 
 			result_start = atoi(value);
 
 			if (result_start < 1)
 				result_start = 1;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* amount of results to display */
-		else if (!strcmp(key, "limit")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "limit") && value != NULL) {
 
 			get_result_limit = atoi(value);
-		}
-
-		/* we received an invalid argument */
-		else
-			error = TRUE;
 
+			temp_request_item->is_valid = TRUE;
+		}
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 void display_logentries() {
Index: icinga-1.13.3/cgi/status.c
===================================================================
--- icinga-1.13.3.orig/cgi/status.c
+++ icinga-1.13.3/cgi/status.c
@@ -290,6 +290,8 @@ time_t current_time;					/**< current ti
 
 authdata current_authdata;				/**< struct to hold current authentication data */
 
+html_request *html_request_list = NULL;			/**< contains html requested data */
+
 struct namedlist req_hosts[NUM_NAMED_ENTRIES];		/**< initialze list of requested hosts */
 struct namedlist req_hostgroups[NUM_NAMED_ENTRIES];	/**< initialze list of requested hostgroups */
 struct namedlist req_servicegroups[NUM_NAMED_ENTRIES];	/**< initialze list of requested servicegroups */
@@ -564,13 +566,10 @@ void show_filters(void);
 
 
 /** @brief Parses the requested GET/POST variables
- *  @retval TRUE
- *  @retval FALSE
- *  @return wether parsing was successful or not
  *
  *  @n This function parses the request and set's the necessary variables
 **/
-int process_cgivars(void);
+void process_cgivars(void);
 
 
 /** @brief print's the table header for differnt styles
@@ -635,6 +634,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -644,6 +644,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -653,6 +654,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -662,6 +664,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		free_memory();
 		return ERROR;
 	}
@@ -1657,6 +1660,7 @@ int main(void) {
 	document_footer(CGI_ID);
 
 	/* free all allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 	free_comment_data();
 
@@ -1683,66 +1687,47 @@ int main(void) {
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *temp_buffer = NULL;
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value if it exists (NULL is valid if it does not) */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the search_string argument */
-		if (!strcmp(key, "search_string")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "search_string") && value != NULL) {
 
 			group_style_type = STYLE_HOST_SERVICE_DETAIL;
 			search_string = strdup(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the servicefilter argument */
-		else if (!strcmp(key, "servicefilter")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "servicefilter") && value != NULL) {
 
 			service_filter = (char *)strdup(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the navbar search argument */
 		/* kept for backwards compatibility */
-		else if (!strcmp(key, "navbarsearch")) {
+		else if (!strcmp(key, "navbarsearch") && value != NULL) {
 			navbar_search = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the hostgroup argument */
-		else if (!strcmp(key, "hostgroup")) {
+		else if (!strcmp(key, "hostgroup") && value != NULL) {
 			display_type = DISPLAY_HOSTGROUPS;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
 
 			temp_buffer = (char *)strdup(value);
 			strip_html_brackets(temp_buffer);
@@ -1751,15 +1736,13 @@ int process_cgivars(void) {
 				req_hostgroups[num_req_hostgroups++].entry = strdup(temp_buffer);
 
 			my_free(temp_buffer);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the servicegroup argument */
-		else if (!strcmp(key, "servicegroup")) {
+		else if (!strcmp(key, "servicegroup") && value != NULL) {
 			display_type = DISPLAY_SERVICEGROUPS;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
 
 			temp_buffer = strdup(value);
 			strip_html_brackets(temp_buffer);
@@ -1768,15 +1751,13 @@ int process_cgivars(void) {
 				req_servicegroups[num_req_servicegroups++].entry = strdup(temp_buffer);
 
 			my_free(temp_buffer);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the host argument */
-		else if (!strcmp(key, "host")) {
+		else if (!strcmp(key, "host") && value != NULL) {
 			display_type = DISPLAY_HOSTS;
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
 
 			temp_buffer = strdup(value);
 			strip_html_brackets(temp_buffer);
@@ -1785,66 +1766,54 @@ int process_cgivars(void) {
 				req_hosts[num_req_hosts++].entry = strdup(temp_buffer);
 
 			my_free(temp_buffer);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the columns argument */
-		else if (!strcmp(key, "columns")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "columns") && value != NULL) {
 
 			overview_columns = atoi(value);
 			if (overview_columns <= 0)
 				overview_columns = 1;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the service status type argument */
-		else if (!strcmp(key, "servicestatustypes")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "servicestatustypes") && value != NULL) {
 
 			service_status_types = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the host status type argument */
-		else if (!strcmp(key, "hoststatustypes")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hoststatustypes") && value != NULL) {
 
 			host_status_types = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the service properties argument */
-		else if (!strcmp(key, "serviceprops")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "serviceprops") && value != NULL) {
 
 			service_properties = strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the host properties argument */
-		else if (!strcmp(key, "hostprops")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hostprops") && value != NULL) {
 
 			host_properties = strtoul(value, NULL, 10);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the host or service group style argument */
-		else if (!strcmp(key, "style")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "style") && value != NULL) {
 
 			if (!strcmp(value, "overview"))
 				group_style_type = STYLE_OVERVIEW;
@@ -1860,36 +1829,30 @@ int process_cgivars(void) {
 				group_style_type = STYLE_HOST_SERVICE_DETAIL;
 			else
 				group_style_type = STYLE_SERVICE_DETAIL;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the sort type argument */
-		else if (!strcmp(key, "sorttype")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sorttype") && value != NULL) {
 
 			sort_type = atoi(value);
 			user_sorted_manually = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the sort option argument */
-		else if (!strcmp(key, "sortoption")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sortoption") && value != NULL) {
 
 			sort_option = atoi(value);
 			user_sorted_manually = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the sort object argument */
-		else if (!strcmp(key, "sortobject")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sortobject") && value != NULL) {
 
 			if (!strcmp(value, "hosts"))
 				sort_object = HOST_STATUS;
@@ -1897,30 +1860,45 @@ int process_cgivars(void) {
 				sort_object = SERVICE_STATUS;
 
 			user_sorted_manually = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nostatusheader option */
-		else if (!strcmp(key, "nostatusheader"))
+		else if (!strcmp(key, "nostatusheader")) {
 			nostatusheader_option = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the CSV output option */
 		else if (!strcmp(key, "csvoutput")) {
 			display_header = FALSE;
 			content_type = CSV_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the JSON output option */
 		else if (!strcmp(key, "jsonoutput")) {
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the pause option */
@@ -1928,45 +1906,55 @@ int process_cgivars(void) {
 			return_live_search_data = TRUE;
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the pause option */
-		else if (!strcmp(key, "paused"))
+		else if (!strcmp(key, "paused")) {
 			refresh = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "allunhandledproblems"))
+		else if (!strcmp(key, "allunhandledproblems")) {
 			display_all_unhandled_problems = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "allproblems"))
+		else if (!strcmp(key, "allproblems")) {
 			display_all_problems = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* start num results to skip on displaying statusdata */
-		else if (!strcmp(key, "start")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "start") && value != NULL) {
 
 			result_start = atoi(value);
 
 			if (result_start < 1)
 				result_start = 1;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* amount of results to display */
-		else if (!strcmp(key, "limit")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "limit") && value != NULL) {
 
 			get_result_limit = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 	}
@@ -1975,10 +1963,7 @@ int process_cgivars(void) {
 	req_servicegroups[num_req_servicegroups].entry = NULL;
 	req_hosts[num_req_hosts].entry = NULL;
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 
@@ -7231,8 +7216,7 @@ void print_displayed_names(int style) {
 
 void status_page_num_selector(int local_result_start, int status_type) {
 	char link[MAX_INPUT_BUFFER] = "";
-	char stripped_query_string[MAX_INPUT_BUFFER] = "";
-	char *temp_buffer;
+	char temp_buffer[MAX_INPUT_BUFFER] = "";
 	int total_pages = 1;
 	int current_page = 1;
 //	int next_page = 0;
@@ -7240,34 +7224,30 @@ void status_page_num_selector(int local_
 	int display_total = 0;
 	int display_from = 0;
 	int display_to = 0;
+	html_request *temp_request_item = NULL;
 
 	/* define base url */
-	strcat(link, STATUS_CGI);
+	strncat(link, STATUS_CGI, sizeof(link));
+	link[sizeof(link) - 1] = '\x0';
 
-	/* get url options but filter out "limit" and "status" */
-	if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) {
-		if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("status_page_num_selector(): Query string exceeds max length. Returning without displaying page num selector.\n");
-			return;
-		}
-		strcpy(stripped_query_string, getenv("QUERY_STRING"));
-		strip_html_brackets(stripped_query_string);
-
-		/* check if concatenated strings exceed MAX_INPUT_BUFFER */
-		if (strlen(link) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) {
-			write_to_cgi_log("status_page_num_selector(): Full query string exceeds max length. Returning without displaying page num selector.\n");
-			return;
-		}
-
-		for (temp_buffer = my_strtok(stripped_query_string, "&"); temp_buffer != NULL; temp_buffer = my_strtok(NULL, "&")) {
-			if (strncmp(temp_buffer, "limit=", 6) != 0 && strncmp(temp_buffer, "start=", 6) != 0) {
-				if (strstr(link, "?"))
-					strcat(link, "&");
-				else
-					strcat(link, "?");
-				strcat(link, temp_buffer);
-			}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) {
+			continue;
+		}
+
+		/* filter out "limit" and "start" */
+		if (!strcmp(temp_request_item->option, "limit") || !strcmp(temp_request_item->option, "start")) {
+			continue;
+		}
+
+		strncpy(temp_buffer, link, sizeof(temp_buffer));
+		if (temp_request_item->value != NULL) {
+			snprintf(link, sizeof(link) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&amp;" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value));
+		} else {
+			snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&amp;" : "?", url_encode(temp_request_item->option));
 		}
+		link[sizeof(link) - 1] = '\x0';
 	}
 
 	/* calculate pages */
Index: icinga-1.13.3/cgi/statusmap.c
===================================================================
--- icinga-1.13.3.orig/cgi/statusmap.c
+++ icinga-1.13.3/cgi/statusmap.c
@@ -91,7 +91,7 @@ typedef struct layer_struct {
 	struct layer_struct *next;
 } layer;
 
-int process_cgivars(void);
+void process_cgivars(void);
 
 void display_page_header(void);
 void display_map(void);
@@ -142,6 +142,8 @@ char physical_logo_images_path[MAX_FILEN
 
 authdata current_authdata;
 
+html_request *html_request_list = NULL;			/**< contains html requested data */
+
 extern int content_type;
 
 gdImagePtr unknown_logo_image = NULL;
@@ -256,6 +258,7 @@ int main(int argc, char **argv) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -265,6 +268,7 @@ int main(int argc, char **argv) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -274,6 +278,7 @@ int main(int argc, char **argv) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		free_memory();
 		return ERROR;
 	}
@@ -293,43 +298,27 @@ int main(int argc, char **argv) {
 	document_footer(CGI_ID);
 
 	/* free all allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 	free_layer_list();
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value if it exists */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the host argument */
-		if (!strcmp(key, "host")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "host") && value != NULL) {
 
 			if ((host_name = (char *)strdup(value)) == NULL)
 				host_name = "all";
@@ -340,160 +329,174 @@ int process_cgivars(void) {
 				show_all_hosts = TRUE;
 			else
 				show_all_hosts = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the image creation option */
 		else if (!strcmp(key, "createimage")) {
 			content_type = IMAGE_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the canvas origin */
-		else if (!strcmp(key, "canvas_x")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "canvas_x") && value != NULL) {
+
 			canvas_x = atoi(value);
 			user_supplied_canvas = TRUE;
-		} else if (!strcmp(key, "canvas_y")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
+			temp_request_item->is_valid = TRUE;
+
+		} else if (!strcmp(key, "canvas_y") && value != NULL) {
+
 			canvas_y = atoi(value);
 			user_supplied_canvas = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the canvas size */
-		else if (!strcmp(key, "canvas_width")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "canvas_width") && value != NULL) {
+
 			canvas_width = atoi(value);
 			user_supplied_canvas = TRUE;
-		} else if (!strcmp(key, "canvas_height")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
+			temp_request_item->is_valid = TRUE;
+
+		} else if (!strcmp(key, "canvas_height") && value != NULL) {
+
 			canvas_height = atoi(value);
 			user_supplied_canvas = TRUE;
-		} else if (!strcmp(key, "proximity_width")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
+			temp_request_item->is_valid = TRUE;
+
+		} else if (!strcmp(key, "proximity_width") && value != NULL) {
+
 			proximity_width = atoi(value);
 			if (proximity_width < 0)
 				proximity_width = DEFAULT_PROXIMITY_WIDTH;
-		} else if (!strcmp(key, "proximity_height")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
+			temp_request_item->is_valid = TRUE;
+		} else if (!strcmp(key, "proximity_height") && value != NULL) {
+
 			proximity_height = atoi(value);
 			if (proximity_height < 0)
 				proximity_height = DEFAULT_PROXIMITY_HEIGHT;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the scaling factor */
-		else if (!strcmp(key, "scaling_factor")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "scaling_factor") && value != NULL) {
+
 			user_scaling_factor = strtod(value, NULL);
 			if (user_scaling_factor > 0.0)
 				user_supplied_scaling = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the max image size */
-		else if (!strcmp(key, "max_width")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "max_width") && value != NULL) {
+
 			max_image_width = atoi(value);
-		} else if (!strcmp(key, "max_height")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+
+			temp_request_item->is_valid = TRUE;
+
+		} else if (!strcmp(key, "max_height") && value != NULL) {
+
 			max_image_height = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the layout method option */
-		else if (!strcmp(key, "layout")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "layout") && value != NULL) {
+
 			layout_method = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the no links argument*/
-		else if (!strcmp(key, "nolinks"))
+		else if (!strcmp(key, "nolinks")) {
 			use_links = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the no text argument*/
-		else if (!strcmp(key, "notext"))
+		else if (!strcmp(key, "notext")) {
 			use_text = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the no highlights argument*/
-		else if (!strcmp(key, "nohighlights"))
+		else if (!strcmp(key, "nohighlights")) {
 			use_highlights = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the no popups argument*/
-		else if (!strcmp(key, "nopopups"))
+		else if (!strcmp(key, "nopopups")) {
 			display_popups = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the layer inclusion/exclusion argument */
-		else if (!strcmp(key, "layermode")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "layermode") && value != NULL) {
 
 			if (!strcmp(value, "include"))
 				exclude_layers = FALSE;
 			else
 				exclude_layers = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the layer argument */
-		else if (!strcmp(key, "layer")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "layer") && value != NULL) {
 
 			strip_html_brackets(value);
 			add_layer(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the pause option */
-		else if (!strcmp(key, "paused"))
+		else if (!strcmp(key, "paused")) {
 			refresh = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
-
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 
Index: icinga-1.13.3/cgi/summary.c
===================================================================
--- icinga-1.13.3.orig/cgi/summary.c
+++ icinga-1.13.3/cgi/summary.c
@@ -110,13 +110,15 @@ void display_recent_alerts(void);
 void display_top_alerts(void);
 void display_alerts(void);
 
-int process_cgivars(void);
+void process_cgivars(void);
 
 archived_event *event_list = NULL;
 alert_producer *producer_list = NULL;
 
 authdata current_authdata;
 
+html_request *html_request_list = NULL;			/**< contains html requested data */
+
 time_t t1;
 time_t t2;
 
@@ -609,6 +611,7 @@ int main(int argc, char **argv) {
 	document_footer(CGI_ID);
 
 	/* free all other allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 	free_event_list();
 	free_producer_list();
@@ -616,61 +619,40 @@ int main(int argc, char **argv) {
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value if it exists */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found first time argument */
-		if (!strcmp(key, "t1")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "t1") && value != NULL) {
 
 			t1 = (time_t)strtoul(value, NULL, 10);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "t2")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "t2") && value != NULL) {
 
 			t2 = (time_t)strtoul(value, NULL, 10);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the standard timeperiod argument */
-		else if (!strcmp(key, "timeperiod")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "timeperiod") && value != NULL) {
 
 			if (!strcmp(value, "today"))
 				timeperiod_type = TIMEPERIOD_TODAY;
@@ -705,38 +687,49 @@ int process_cgivars(void) {
 
 			convert_timeperiod_to_times(timeperiod_type, &t1, &t2);
 			compute_time_from_parts = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the CSV output option */
 		else if (!strcmp(key, "csvoutput")) {
 			display_header = FALSE;
 			content_type = CSV_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the JSON output option */
 		else if (!strcmp(key, "jsonoutput")) {
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "smon")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "smon") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -744,14 +737,12 @@ int process_cgivars(void) {
 			start_month = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "sday")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sday") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -759,14 +750,12 @@ int process_cgivars(void) {
 			start_day = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "syear")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "syear") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -774,14 +763,12 @@ int process_cgivars(void) {
 			start_year = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "smin")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "smin") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -789,14 +776,12 @@ int process_cgivars(void) {
 			start_minute = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "ssec")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ssec") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -804,14 +789,12 @@ int process_cgivars(void) {
 			start_second = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "shour")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "shour") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -819,15 +802,13 @@ int process_cgivars(void) {
 			start_hour = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 
 		/* we found time argument */
-		else if (!strcmp(key, "emon")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "emon") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -835,14 +816,12 @@ int process_cgivars(void) {
 			end_month = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "eday")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "eday") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -850,14 +829,12 @@ int process_cgivars(void) {
 			end_day = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "eyear")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "eyear") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -865,14 +842,12 @@ int process_cgivars(void) {
 			end_year = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "emin")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "emin") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -880,14 +855,12 @@ int process_cgivars(void) {
 			end_minute = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "esec")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "esec") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -895,14 +868,12 @@ int process_cgivars(void) {
 			end_second = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "ehour")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ehour") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -910,95 +881,77 @@ int process_cgivars(void) {
 			end_hour = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the item limit argument */
-		else if (!strcmp(key, "limit")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "limit") && value != NULL) {
 
 			item_limit = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the state types argument */
-		else if (!strcmp(key, "statetypes")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "statetypes") && value != NULL) {
 
 			state_types = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the alert types argument */
-		else if (!strcmp(key, "alerttypes")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "alerttypes") && value != NULL) {
 
 			alert_types = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the host states argument */
-		else if (!strcmp(key, "hoststates")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hoststates") && value != NULL) {
 
 			host_states = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the service states argument */
-		else if (!strcmp(key, "servicestates")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "servicestates") && value != NULL) {
 
 			service_states = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the generate report argument */
-		else if (!strcmp(key, "report")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "report") && value != NULL) {
 
 			generate_report = (atoi(value) > 0) ? TRUE : FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 
 		/* we found the display type argument */
-		else if (!strcmp(key, "displaytype")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "displaytype") && value != NULL) {
 
 			display_type = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the standard report argument */
-		else if (!strcmp(key, "standardreport")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "standardreport") && value != NULL) {
 
 			standard_report = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the hostgroup argument */
-		else if (!strcmp(key, "hostgroup")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hostgroup") && value != NULL) {
 
 			if ((target_hostgroup_name = (char *)strdup(value)) == NULL)
 				target_hostgroup_name = "";
@@ -1010,14 +963,12 @@ int process_cgivars(void) {
 				show_all_hostgroups = FALSE;
 				target_hostgroup = find_hostgroup(target_hostgroup_name);
 			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the servicegroup argument */
-		else if (!strcmp(key, "servicegroup")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "servicegroup") && value != NULL) {
 
 			if ((target_servicegroup_name = (char *)strdup(value)) == NULL)
 				target_servicegroup_name = "";
@@ -1029,14 +980,12 @@ int process_cgivars(void) {
 				show_all_servicegroups = FALSE;
 				target_servicegroup = find_servicegroup(target_servicegroup_name);
 			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the host argument */
-		else if (!strcmp(key, "host")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "host") && value != NULL) {
 
 			if ((target_host_name = (char *)strdup(value)) == NULL)
 				target_host_name = "";
@@ -1048,13 +997,12 @@ int process_cgivars(void) {
 				show_all_hosts = FALSE;
 				target_host = find_host(target_host_name);
 			}
+
+			temp_request_item->is_valid = TRUE;
 		}
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 /* reads log files for archived event data */
Index: icinga-1.13.3/cgi/tac.c
===================================================================
--- icinga-1.13.3.orig/cgi/tac.c
+++ icinga-1.13.3/cgi/tac.c
@@ -97,6 +97,9 @@ typedef struct hostoutage_struct {
 hostoutage *hostoutage_list = NULL;				/**< list of all host outage elements */
 
 authdata current_authdata;					/**< struct to hold current authentication data */
+
+html_request *html_request_list = NULL;				/**< contains html requested data */
+
 int CGI_ID = TAC_CGI_ID;					/**< ID to identify the cgi for functions in cgiutils.c */
 
 /** @name outages counters
@@ -345,13 +348,10 @@ int services_critical_disabled_unacknowl
 
 
 /** @brief Parses the requested GET/POST variables
- *  @retval TRUE
- *  @retval FALSE
- *  @return wether parsing was successful or not
  *
  *  @n This function parses the request and set's the necessary variables
 **/
-int process_cgivars(void);
+void process_cgivars(void);
 
 
 /** @brief fills all the counters
@@ -432,6 +432,7 @@ int main(void) {
 	if (result == ERROR) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, tac_header);
+		free_html_request(html_request_list);
 		document_footer(CGI_ID);
 		return ERROR;
 	}
@@ -446,6 +447,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(main_config_file, ERROR_CGI_MAIN_CFG, tac_header);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -459,6 +461,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_OBJECT_DATA, tac_header);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -472,6 +475,7 @@ int main(void) {
 		document_header(CGI_ID, FALSE, "Error");
 		print_error(NULL, ERROR_CGI_STATUS_DATA, tac_header);
 		document_footer(CGI_ID);
+		free_html_request(html_request_list);
 		free_memory();
 		return ERROR;
 	}
@@ -540,6 +544,7 @@ int main(void) {
 	free_hostoutage_list();
 
 	/* free allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 
 #ifdef DEBUG
@@ -557,69 +562,61 @@ int main(void) {
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
-	char *value = NULL;
-	int error = FALSE;
-	int x;
-
-	variables = getcgivars();
-
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise, check the value if it exists */
-		if (value != NULL) {
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-			}
-		}
+	html_request *temp_request_item = NULL;
 
+	html_request_list = getcgivars();
+
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
 
 		/* we found the embed option */
-		if (!strcmp(key, "embedded"))
+		if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the pause option */
-		else if (!strcmp(key, "paused"))
+		else if (!strcmp(key, "paused")) {
 			refresh = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the tac_header option */
-		else if (!strcmp(key, "tac_header"))
+		else if (!strcmp(key, "tac_header")) {
 			tac_header = TRUE;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
 		/* we found the JSON output option */
 		else if (!strcmp(key, "jsonoutput")) {
 			display_header = FALSE;
 			content_type = JSON_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
-
-		/* we received an invalid argument */
-		else
-			error = TRUE;
-
 	}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
-
-	return error;
+	return;
 }
 
 void analyze_status_data(void) {
Index: icinga-1.13.3/cgi/trends.c
===================================================================
--- icinga-1.13.3.orig/cgi/trends.c
+++ icinga-1.13.3/cgi/trends.c
@@ -86,6 +86,8 @@ extern skiplist *object_skiplists[NUM_OB
 
 authdata current_authdata;
 
+html_request *html_request_list = NULL;			/**< contains html requested data */
+
 typedef struct archived_state_struct {
 	time_t  time_stamp;
 	int     entry_type;
@@ -151,7 +153,7 @@ void scan_log_file_for_archived_state_da
 void compute_report_times(void);
 void get_time_breakdown_string(unsigned long, unsigned long, char *, char *buffer, int);
 
-int process_cgivars(void);
+void process_cgivars(void);
 
 gdImagePtr trends_image = 0;
 int color_white = 0;
@@ -305,6 +307,7 @@ int main(int argc, char **argv) {
 			document_header(CGI_ID, FALSE, "Error");
 			print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE);
 			document_footer(CGI_ID);
+			free_html_request(html_request_list);
 		}
 		return ERROR;
 	}
@@ -316,6 +319,7 @@ int main(int argc, char **argv) {
 			document_header(CGI_ID, FALSE, "Error");
 			print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE);
 			document_footer(CGI_ID);
+			free_html_request(html_request_list);
 		}
 		return ERROR;
 	}
@@ -617,6 +621,7 @@ int main(int argc, char **argv) {
 
 		document_footer(CGI_ID);
 		free_memory();
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 #endif
@@ -626,6 +631,7 @@ int main(int argc, char **argv) {
 
 		document_footer(CGI_ID);
 		free_memory();
+		free_html_request(html_request_list);
 		return ERROR;
 	}
 
@@ -1101,220 +1107,183 @@ int main(int argc, char **argv) {
 	free_archived_state_list();
 
 	/* free all other allocated memory */
+	free_html_request(html_request_list);
 	free_memory();
 
 	return OK;
 }
 
-int process_cgivars(void) {
-	char **variables;
+void process_cgivars(void) {
 	char *key = NULL;
 	char *value = NULL;
 	char *temp_buffer = NULL;
-	int error = FALSE;
-	int x;
+	html_request *temp_request_item = NULL;
 
-	variables = getcgivars();
+	html_request_list = getcgivars();
 
-	for (x = 0; variables[x] != NULL; x+=2) {
-		key = variables[x];
-		value = variables[x+1];
-
-		/* do some basic length checking on the variable identifier to prevent buffer overflows */
-		if (strlen(key) >= MAX_INPUT_BUFFER - 1) {
-			error = TRUE;
-			break;
-		}
-		/* likewise check the value if it exists */
-		if (value != NULL)
-			if (strlen(value) >= MAX_INPUT_BUFFER - 1) {
-				error = TRUE;
-				break;
-		}
+	for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) {
+
+		key = temp_request_item->option;
+		value = temp_request_item->value;
 
 		/* we found the host argument */
-		if (!strcmp(key, "host")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		if (!strcmp(key, "host") && value != NULL) {
 
 			if ((host_name = (char *)strdup(value)) == NULL)
 				host_name = "";
 			strip_html_brackets(host_name);
 
 			display_type = DISPLAY_HOST_TRENDS;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the node width argument */
-		else if (!strcmp(key, "service")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "service") && value != NULL) {
 
 			if ((service_desc = (char *)strdup(value)) == NULL)
 				service_desc = "";
 			strip_html_brackets(service_desc);
 
 			display_type = DISPLAY_SERVICE_TRENDS;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found a combined host/service */
-		else if (!strcmp(key, "hostservice")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "hostservice") && value != NULL) {
 
 			temp_buffer = strtok(value, "^");
 
-			if ((host_name = (char *)strdup(temp_buffer)) == NULL)
-				host_name = "";
-			else
+			if ((host_name = (char *)strdup(temp_buffer)) == NULL) {
+				continue;
+			} else {
 				strip_html_brackets(host_name);
+			}
 
 			temp_buffer = strtok(NULL, "");
 
-			if ((service_desc = (char *)strdup(temp_buffer)) == NULL)
-				service_desc = "";
-			else
+			if ((service_desc = (char *)strdup(temp_buffer)) == NULL) {
+				my_free(host_name);
+				continue;
+			} else {
 				strip_html_brackets(service_desc);
+			}
 
 			display_type = DISPLAY_SERVICE_TRENDS;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "t1")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "t1") && value != NULL) {
 
 			t1 = (time_t)strtoul(value, NULL, 10);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found first time argument */
-		else if (!strcmp(key, "t2")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "t2") && value != NULL) {
 
 			t2 = (time_t)strtoul(value, NULL, 10);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the image creation option */
 		else if (!strcmp(key, "createimage")) {
 			content_type = IMAGE_CONTENT;
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the assume initial states option */
-		else if (!strcmp(key, "assumeinitialstates")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "assumeinitialstates") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				assume_initial_states = TRUE;
 			else
 				assume_initial_states = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the initial assumed host state option */
-		else if (!strcmp(key, "initialassumedhoststate")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "initialassumedhoststate") && value != NULL) {
 
 			initial_assumed_host_state = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the initial assumed service state option */
-		else if (!strcmp(key, "initialassumedservicestate")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "initialassumedservicestate") && value != NULL) {
 
 			initial_assumed_service_state = atoi(value);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the assume state during program not running option */
-		else if (!strcmp(key, "assumestatesduringnotrunning")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "assumestatesduringnotrunning") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				assume_states_during_notrunning = TRUE;
 			else
 				assume_states_during_notrunning = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the assume state retention option */
-		else if (!strcmp(key, "assumestateretention")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "assumestateretention") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				assume_state_retention = TRUE;
 			else
 				assume_state_retention = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the include soft states option */
-		else if (!strcmp(key, "includesoftstates")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "includesoftstates") && value != NULL) {
 
 			if (!strcmp(value, "yes"))
 				include_soft_states = TRUE;
 			else
 				include_soft_states = FALSE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the zoom factor argument */
-		else if (!strcmp(key, "zoom")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "zoom") && value != NULL) {
 
 			zoom_factor = atoi(value);
 			if (zoom_factor == 0)
 				zoom_factor = 1;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the backtrack archives argument */
-		else if (!strcmp(key, "backtrack")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "backtrack") && value != NULL) {
 
 			backtrack_archives = atoi(value);
 			if (backtrack_archives < 0)
 				backtrack_archives = 0;
 			if (backtrack_archives > MAX_ARCHIVE_BACKTRACKS)
 				backtrack_archives = MAX_ARCHIVE_BACKTRACKS;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the standard timeperiod argument */
-		else if (!strcmp(key, "timeperiod")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "timeperiod") && value != NULL) {
 
 			if (!strcmp(value, "today"))
 				timeperiod_type = TIMEPERIOD_TODAY;
@@ -1350,14 +1319,12 @@ int process_cgivars(void) {
 				continue;
 
 			convert_timeperiod_to_times(timeperiod_type, &t1, &t2);
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "smon")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "smon") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1365,14 +1332,12 @@ int process_cgivars(void) {
 			start_month = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "sday")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "sday") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1380,14 +1345,12 @@ int process_cgivars(void) {
 			start_day = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "syear")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "syear") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1395,14 +1358,12 @@ int process_cgivars(void) {
 			start_year = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "smin")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "smin") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1410,14 +1371,12 @@ int process_cgivars(void) {
 			start_minute = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "ssec")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ssec") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1425,14 +1384,12 @@ int process_cgivars(void) {
 			start_second = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "shour")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "shour") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1440,15 +1397,13 @@ int process_cgivars(void) {
 			start_hour = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 
 		/* we found time argument */
-		else if (!strcmp(key, "emon")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "emon") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1456,14 +1411,12 @@ int process_cgivars(void) {
 			end_month = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "eday")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "eday") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1471,14 +1424,12 @@ int process_cgivars(void) {
 			end_day = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "eyear")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "eyear") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1486,14 +1437,12 @@ int process_cgivars(void) {
 			end_year = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "emin")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "emin") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1501,14 +1450,12 @@ int process_cgivars(void) {
 			end_minute = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "esec")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "esec") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1516,14 +1463,12 @@ int process_cgivars(void) {
 			end_second = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found time argument */
-		else if (!strcmp(key, "ehour")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "ehour") && value != NULL) {
 
 			if (timeperiod_type != TIMEPERIOD_CUSTOM)
 				continue;
@@ -1531,32 +1476,45 @@ int process_cgivars(void) {
 			end_hour = atoi(value);
 			timeperiod_type = TIMEPERIOD_CUSTOM;
 			compute_time_from_parts = TRUE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the embed option */
-		else if (!strcmp(key, "embedded"))
+		else if (!strcmp(key, "embedded")) {
 			embedded = TRUE;
 
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
+
 		/* we found the noheader option */
-		else if (!strcmp(key, "noheader"))
+		else if (!strcmp(key, "noheader")) {
 			display_header = FALSE;
 
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
+
 		/* we found the nopopups option */
-		else if (!strcmp(key, "nopopups"))
+		else if (!strcmp(key, "nopopups")) {
 			display_popups = FALSE;
 
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
+
 		/* we found the nomap option */
 		else if (!strcmp(key, "nomap")) {
 			display_popups = FALSE;
 			use_map = FALSE;
+
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
 		}
 
 		/* we found the input option */
-		else if (!strcmp(key, "input")) {
-			if (value == NULL) {
-				error = TRUE;
-				break;
-			}
+		else if (!strcmp(key, "input") && value != NULL) {
 
 			if (!strcmp(value, "gethost"))
 				input_type = GET_INPUT_HOST_TARGET;
@@ -1566,25 +1524,36 @@ int process_cgivars(void) {
 				input_type = GET_INPUT_OPTIONS;
 			else
 				input_type = GET_INPUT_TARGET_TYPE;
+
+			temp_request_item->is_valid = TRUE;
 		}
 
 		/* we found the small image option */
-		else if (!strcmp(key, "smallimage"))
+		else if (!strcmp(key, "smallimage")) {
 			small_image = TRUE;
 
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
+
 		/* we found the nodaemoncheck option */
-		else if (!strcmp(key, "nodaemoncheck"))
+		else if (!strcmp(key, "nodaemoncheck")) {
 			daemon_check = FALSE;
 
-		else if (!strcmp(key, "ignorerestart"))
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
+
+		else if (!strcmp(key, "ignorerestart")) {
 			ignore_daemon_restart = TRUE;
 
-	}
+			temp_request_item->is_valid = TRUE;
+			my_free(temp_request_item->value);
+		}
 
-	/* free memory allocated to the CGI variables */
-	free_cgivars(variables);
+	}
 
-	return error;
+	return;
 }
openSUSE Build Service is sponsored by