From: Ezra Peisach Date: Tue, 19 Jun 2007 06:05:47 +0000 (+0200) Subject: csv, rrdtool plugin: Initialize a buffer correctly. X-Git-Tag: collectd-4.0.3~4 X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=bc5591c27f011b587d0816e737f5bc57621d18c0;p=collectd.git csv, rrdtool plugin: Initialize a buffer correctly. While reading the source code, I found the following: In csv.c (line 44) and rrdtool.c (line 363) (value_list_to_string) the following syntax exists: memset (buffer, '\0', sizeof (buffer_len)); The sizeof should be removed - assuming that the desire is to zero the buffer and not the first four (sizeof(int)) bytes. Based on the code paths - I do not see an information leak - or any security implications... --- diff --git a/ChangeLog b/ChangeLog index 748daebd..b6eed3d5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,8 @@ 2007-06-18, Version 4.0.3 * cpu plugin: Fix the Darwin / Mac OS X code. * ping plugin: Use the return value of `getpid', not its address. + * csv, rrdtool plugin: Fixed a bug that prevented an buffer to be + initialized correctly. 2007-06-12, Version 4.0.2 * hddtemp and ntpd plugin: Corrected the parsing of port numbers when diff --git a/src/csv.c b/src/csv.c index fcd707eb..192cf52e 100644 --- a/src/csv.c +++ b/src/csv.c @@ -41,7 +41,7 @@ static int value_list_to_string (char *buffer, int buffer_len, int status; int i; - memset (buffer, '\0', sizeof (buffer_len)); + memset (buffer, '\0', buffer_len); status = snprintf (buffer, buffer_len, "%u", (unsigned int) vl->time); if ((status < 1) || (status >= buffer_len)) diff --git a/src/rrdtool.c b/src/rrdtool.c index ea962905..d20a8142 100644 --- a/src/rrdtool.c +++ b/src/rrdtool.c @@ -361,7 +361,7 @@ static int value_list_to_string (char *buffer, int buffer_len, int status; int i; - memset (buffer, '\0', sizeof (buffer_len)); + memset (buffer, '\0', buffer_len); status = snprintf (buffer, buffer_len, "%u", (unsigned int) vl->time); if ((status < 1) || (status >= buffer_len))