File ganglia-monitor-core-2.5.7_r1959.patch of Package ganglia-monitor-core
Index: gmetad/server.c
===================================================================
--- gmetad/server.c.orig 2009-05-13 18:13:12.000000000 +0200
+++ gmetad/server.c 2009-05-13 18:13:34.986084223 +0200
@@ -3,6 +3,7 @@
#include <time.h>
#include <ganglia/llist.h>
#include <ganglia/my_inet_ntop.h>
+#include <stdlib.h>
#include <stdarg.h>
#include "dtd.h"
#include "gmetad.h"
@@ -335,14 +336,13 @@ tree_report(datum_t *key, datum_t *val,
/* sacerdoti: This function does a tree walk while respecting the filter path.
* Will return valid XML even if we have chosen a subtree. Since tree depth is
- * bounded, this function guarantees O(1) search time. The recursive structure
- * does not require any memory allocations.
+ * bounded, this function guarantees O(1) search time.
*/
static int
process_path (client_t *client, char *path, datum_t *myroot, datum_t *key)
{
char *p, *q, *pathend;
- char element[256];
+ char *element;
int rc, len;
datum_t *found;
datum_t findkey;
@@ -384,6 +384,10 @@ process_path (client_t *client, char *pa
if (!q) q=pathend;
len = q-p;
+ element = malloc(len + 1);
+ if ( element == NULL )
+ return 1;
+
strncpy(element, p, len);
element[len] = '\0';
@@ -403,8 +407,10 @@ process_path (client_t *client, char *pa
}
else
{
+ /* element not found */
rc = process_path(client, 0, myroot, NULL);
}
+ free(element);
}
if (rc) return 1;
@@ -502,7 +508,7 @@ server_thread (void *arg)
int len;
client_t client;
char remote_ip[16];
- char request[REQUESTLEN];
+ char request[REQUESTLEN + 1];
llist_entry *le;
datum_t rootdatum;
@@ -565,8 +571,8 @@ server_thread (void *arg)
if (process_request(&client, request))
{
err_msg("Got a malformed path request from %s", remote_ip);
- /* Send them the entire tree to discourage attacks. */
- strcpy(request, "/");
+ close(client.fd);
+ continue;
}
}
else