File ganglia-monitor-core-2.5.7_strncat_usage.patch of Package ganglia-monitor-core
ERROR: Program might be overflowing a buffer in strncat. Common mistake:
ERROR: BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument
ERROR: GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1)
ERROR: Please investigate and fix.
Problematic file(s) and their linenumbers:
rrd_helpers.c: 154, 160, 170
Index: gmetad/rrd_helpers.c
===================================================================
--- gmetad/rrd_helpers.c.orig 2003-05-30 00:13:17.000000000 +0200
+++ gmetad/rrd_helpers.c 2007-01-23 20:42:49.554521416 +0100
@@ -150,25 +150,25 @@ write_data_to_rrd ( const char *source,
strcpy(rrd, gmetad_config.rrd_rootdir);
if (source) {
- strncat(rrd, "/", PATHSIZE);
- strncat(rrd, source, PATHSIZE);
+ strncat(rrd, "/", (sizeof(rrd) - strlen(rrd) -1));
+ strncat(rrd, source, (sizeof(rrd) - strlen(rrd) -1));
my_mkdir( rrd );
}
if (host) {
- strncat(rrd, "/", PATHSIZE);
- strncat(rrd, host, PATHSIZE);
+ strncat(rrd, "/", (sizeof(rrd) - strlen(rrd) -1));
+ strncat(rrd, host, (sizeof(rrd) - strlen(rrd) -1));
my_mkdir( rrd );
}
else {
- strncat(rrd, "/", PATHSIZE);
- strncat(rrd, summary_dir, PATHSIZE);
+ strncat(rrd, "/", (sizeof(rrd) - strlen(rrd) -1));
+ strncat(rrd, summary_dir, (sizeof(rrd) - strlen(rrd) -1));
my_mkdir( rrd );
}
- strncat(rrd, "/", PATHSIZE);
- strncat(rrd, metric, PATHSIZE);
- strncat(rrd, ".rrd", PATHSIZE);
+ strncat(rrd, "/", (sizeof(rrd) - strlen(rrd) -1));
+ strncat(rrd, metric, (sizeof(rrd) - strlen(rrd) -1));
+ strncat(rrd, ".rrd", (sizeof(rrd) - strlen(rrd) -1));
return push_data_to_rrd( rrd, sum, num, step, process_time );