check_snmp: Fix potential buffer overflow - enforce MAX_OIDS limit (John A. Barbuto)

author Thomas Guyot-Sionnest <dermoth@aei.ca>

Wed, 18 Mar 2009 07:47:23 +0000 (03:47 -0400)

committer Thomas Guyot-Sionnest <dermoth@aei.ca>

Wed, 18 Mar 2009 07:47:23 +0000 (03:47 -0400)
author Thomas Guyot-Sionnest <dermoth@aei.ca>
Wed, 18 Mar 2009 07:47:23 +0000 (03:47 -0400)
committer Thomas Guyot-Sionnest <dermoth@aei.ca>
Wed, 18 Mar 2009 07:47:23 +0000 (03:47 -0400)
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c

index 3dc52dffa7e7bc8a855f70099e0b2df40e85448e..41a5ea1a61e1440ffc25c50d24cec378fea1e0f2 100644 (file)
--- a/plugins/check_snmp.c
+++ b/plugins/check_snmp.c
@@ -527,9 +527,8 @@ process_arguments (int argc, char **argv)
                                         needmibs = TRUE;
                         }
                         oids = calloc(MAX_OIDS, sizeof (char *));
-                       for (ptr = strtok(optarg, ", "); ptr != NULL; ptr = strtok(NULL, ", ")) {
+                       for (ptr = strtok(optarg, ", "); ptr != NULL && j < MAX_OIDS; ptr = strtok(NULL, ", "), j++) {
                                 oids[j] = strdup(ptr);
-                               j++;
                         }
                         numoids = j;
                         if (c == 'E' || c == 'e') {
author	Thomas Guyot-Sionnest <dermoth@aei.ca>
	Wed, 18 Mar 2009 07:47:23 +0000 (03:47 -0400)
committer	Thomas Guyot-Sionnest <dermoth@aei.ca>
	Wed, 18 Mar 2009 07:47:23 +0000 (03:47 -0400)