From bc5591c27f011b587d0816e737f5bc57621d18c0 Mon Sep 17 00:00:00 2001 From: Ezra Peisach Date: Tue, 19 Jun 2007 08:05:47 +0200 Subject: [PATCH] csv, rrdtool plugin: Initialize a buffer correctly. While reading the source code, I found the following: In csv.c (line 44) and rrdtool.c (line 363) (value_list_to_string) the following syntax exists: memset (buffer, '\0', sizeof (buffer_len)); The sizeof should be removed - assuming that the desire is to zero the buffer and not the first four (sizeof(int)) bytes. Based on the code paths - I do not see an information leak - or any security implications... --- ChangeLog | 2 ++ src/csv.c | 2 +- src/rrdtool.c | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 748daebd..b6eed3d5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,8 @@ 2007-06-18, Version 4.0.3 * cpu plugin: Fix the Darwin / Mac OS X code. * ping plugin: Use the return value of `getpid', not its address. + * csv, rrdtool plugin: Fixed a bug that prevented an buffer to be + initialized correctly. 2007-06-12, Version 4.0.2 * hddtemp and ntpd plugin: Corrected the parsing of port numbers when diff --git a/src/csv.c b/src/csv.c index fcd707eb..192cf52e 100644 --- a/src/csv.c +++ b/src/csv.c @@ -41,7 +41,7 @@ static int value_list_to_string (char *buffer, int buffer_len, int status; int i; - memset (buffer, '\0', sizeof (buffer_len)); + memset (buffer, '\0', buffer_len); status = snprintf (buffer, buffer_len, "%u", (unsigned int) vl->time); if ((status < 1) || (status >= buffer_len)) diff --git a/src/rrdtool.c b/src/rrdtool.c index ea962905..d20a8142 100644 --- a/src/rrdtool.c +++ b/src/rrdtool.c @@ -361,7 +361,7 @@ static int value_list_to_string (char *buffer, int buffer_len, int status; int i; - memset (buffer, '\0', sizeof (buffer_len)); + memset (buffer, '\0', buffer_len); status = snprintf (buffer, buffer_len, "%u", (unsigned int) vl->time); if ((status < 1) || (status >= buffer_len)) -- 2.11.0