aboutsummaryrefslogtreecommitdiffstats
path: root/main/nagios/CVE-2012-6096.patch
blob: 1ce1790babd23d80f46a345709eb535e0d25f884 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
diff --git a/cgi/history.c b/cgi/history.c
index 23c1146..9e018db 100644
--- a/cgi/history.c
+++ b/cgi/history.c
@@ -805,16 +805,16 @@ void get_history(void){
 			else if(display_type==DISPLAY_HOSTS){
 
 				if(history_type==HOST_HISTORY || history_type==SERVICE_HISTORY){
-					sprintf(match1," HOST ALERT: %s;",host_name);
-					sprintf(match2," SERVICE ALERT: %s;",host_name);
+					snprintf(match1, sizeof(match1), " HOST ALERT: %s;",host_name);
+					snprintf(match2, sizeof(match2), " SERVICE ALERT: %s;",host_name);
 				        }
 				else if(history_type==HOST_FLAPPING_HISTORY || history_type==SERVICE_FLAPPING_HISTORY){
-					sprintf(match1," HOST FLAPPING ALERT: %s;",host_name);
-					sprintf(match2," SERVICE FLAPPING ALERT: %s;",host_name);
+					snprintf(match1, sizeof(match1), " HOST FLAPPING ALERT: %s;",host_name);
+					snprintf(match2, sizeof(match2), " SERVICE FLAPPING ALERT: %s;",host_name);
 				        }
 				else if(history_type==HOST_DOWNTIME_HISTORY || history_type==SERVICE_DOWNTIME_HISTORY){
-					sprintf(match1," HOST DOWNTIME ALERT: %s;",host_name);
-					sprintf(match2," SERVICE DOWNTIME ALERT: %s;",host_name);
+					snprintf(match1, sizeof(match1), " HOST DOWNTIME ALERT: %s;",host_name);
+					snprintf(match2, sizeof(match2), " SERVICE DOWNTIME ALERT: %s;",host_name);
 				        }
 
 				if(show_all_hosts==TRUE)
@@ -853,11 +853,11 @@ void get_history(void){
 			else if(display_type==DISPLAY_SERVICES){
 
 				if(history_type==SERVICE_HISTORY)
-					sprintf(match1," SERVICE ALERT: %s;%s;",host_name,svc_description);
+					snprintf(match1, sizeof(match1), " SERVICE ALERT: %s;%s;",host_name,svc_description);
 				else if(history_type==SERVICE_FLAPPING_HISTORY)
-					sprintf(match1," SERVICE FLAPPING ALERT: %s;%s;",host_name,svc_description);
+					snprintf(match1, sizeof(match1), " SERVICE FLAPPING ALERT: %s;%s;",host_name,svc_description);
 				else if(history_type==SERVICE_DOWNTIME_HISTORY)
-					sprintf(match1," SERVICE DOWNTIME ALERT: %s;%s;",host_name,svc_description);
+					snprintf(match1, sizeof(match1), " SERVICE DOWNTIME ALERT: %s;%s;",host_name,svc_description);
 
 				if(strstr(temp_buffer,match1) && (history_type==SERVICE_HISTORY || history_type==SERVICE_FLAPPING_HISTORY || history_type==SERVICE_DOWNTIME_HISTORY))
 					display_line=TRUE;