ALT Linux repos
Group :: Monitoring
RPM: nagios
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
Patch: nagios-3.0.6-CVE-2014-1878.patch
Download
Download
diff --git a/nagios/cgi/cmd.c b/nagios/cgi/cmd.c
index c9a6996..0941a75 100644
--- a/nagios/cgi/cmd.c
+++ b/nagios/cgi/cmd.c
@@ -1902,14 +1902,16 @@ static int cmd_submitf(int id, const char *fmt, ...)
return ERROR;
len = snprintf(cmd, sizeof(cmd) - 1, "[%lu] %s;", time(NULL), command);
- if (len < 0)
+ if (len < 0 || len >= sizeof(cmd))
return ERROR;
- va_start(ap, fmt);
- len2 = vsnprintf(&cmd[len], sizeof(cmd) - len - 1, fmt, ap);
- va_end(ap);
- if (len2 < 0)
- return ERROR;
+ if (fmt) {
+ va_start(ap, fmt);
+ len2 = vsnprintf(&cmd[len], sizeof(cmd) - len - 1, fmt, ap);
+ va_end(ap);
+ if (len2 < 0 || len2 >= sizeof(cmd))
+ return ERROR;
+ }
return write_command_to_file(cmd);
}