[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [xymon] RE: bb-rep.sh & bb-snapshot.sh

To: xymon (at) xymon.com
Subject: Re: [xymon] RE: bb-rep.sh & bb-snapshot.sh
From: Henrik "StÃ¸rner" <henrik (at) hswn.dk>
Date: Thu, 27 Jan 2011 21:22:05 +0000 (UTC)
Newsgroups: lists.hobbit
Organization: Linux Users Inc.
References: <649179590B7FBC46B67B68E6F2BCBEC705E8ABB7 (at) EX01.service.utwente.nl>
User-agent: nn/6.7.3

In <649179590B7FBC46B67B68E6F2BCBEC705E8ABB7 (at) EX01.service.utwente.nl> <R.Biesbroek (at) icts.utwente.nl> writes:

>In the source code of report.c and snapshot.c (in the map ./web) there
>is a declaration in the main function: "char htmldelim[20];". In the
>same main function we can find: " sprintf(htmldelim, "xymonrep-%u-%u",
>(int)getpid(), (unsigned int)getcurrenttime(NULL));"

>Because the size of "char htmldelim[20];" is not sufficient enough
>(requires around 25 or so) this process will crash. 

Thank You! Very nice catch - good to have this done before the
4.3.0 release.

There is also a potential crash that can be induced by feeding the
report CGI a long "style" setting. I've fixed that as well in a
commit just now.


Regards,
Henrik

References:
- RE: bb-rep.sh & bb-snapshot.sh
  - From: R.Biesbroek

Prev by Date: Availability Report
Next by Date: Re: [xymon] Problem with DISK IGNORE
Previous by thread: RE: bb-rep.sh & bb-snapshot.sh
Next by thread: Availability Report
Index(es):
- Date
- Thread