[Pkg-nagios-devel] Bug#982847: Acknowledgement (monitoring-plugins-standard: check_pgsql check of database name is too strict)

[Florian Lohoff]

On Mon, Feb 15, 2021 at 10:27:04AM +0000, Debian Bug Tracking System wrote:
> 982847: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982847
> Debian Bug Tracking System
> Contact owner at bugs.debian.org with problems

Hi,
as strcpy may overflow the resulting buffer:

flo at p5:~$ /tmp/f/usr/lib/nagios/plugins/check_pgsql -d "$(seq 1 10000)"
*** buffer overflow detected ***: terminated
Aborted


I would propose to change the code rather like this, using snprintf
which honors the buffers size and guarantees null termination.


@@ -344,11 +343,7 @@ process_arguments (int argc, char **argv)
                                pgport = optarg;
                        break;
                case 'd':     /* database name */
-                       if (!is_pg_dbname (optarg)) /* checks length and valid chars */
-                               usage2 (_("Database name is not valid"), optarg);
-                       else /* we know length, and know optarg is terminated, so us strcpy */
-                               strcpy (dbName, optarg);
-                       break;
+                       snprintf(dbName, NAMEDATALEN, "%s", optarg);
                case 'l':     /* login name */
                        if (!is_pg_logname (optarg))
                                usage2 (_("User name is not valid"), optarg);



-- 
Florian Lohoff                                                     f at zz.de
"Autoritaetsduselei ist der groesste Feind der Wahrheit" - Albert Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-nagios-devel/attachments/20210215/3d4d7ae7/attachment.sig>