Sophie: nagios-1:3.3.1-2.2.mga2 src

nagios-3.3.1-2.2.mga2.src.rpm

diff -Naur --ignore-all-space nagios/cgi/history.c nagios-CVE-2012-6096/cgi/history.c
--- nagios/cgi/history.c	2011-07-26 02:16:13.000000000 +0200
+++ nagios-CVE-2012-6096/cgi/history.c	2013-01-29 21:01:16.332104728 +0100
@@ -805,16 +805,22 @@
 			else if(display_type == DISPLAY_HOSTS) {
 
 				if(history_type == HOST_HISTORY || history_type == SERVICE_HISTORY) {
-					sprintf(match1, " HOST ALERT: %s;", host_name);
-					sprintf(match2, " SERVICE ALERT: %s;", host_name);
+					snprintf(match1, sizeof( match1), 
+							" HOST ALERT: %s;", host_name);
+					snprintf(match2, sizeof( match2), 
+							" SERVICE ALERT: %s;", host_name);
 					}
 				else if(history_type == HOST_FLAPPING_HISTORY || history_type == SERVICE_FLAPPING_HISTORY) {
-					sprintf(match1, " HOST FLAPPING ALERT: %s;", host_name);
-					sprintf(match2, " SERVICE FLAPPING ALERT: %s;", host_name);
+					snprintf(match1, sizeof( match1), 
+							" HOST FLAPPING ALERT: %s;", host_name);
+					snprintf(match2, sizeof( match2), 
+							" SERVICE FLAPPING ALERT: %s;", host_name);
 					}
 				else if(history_type == HOST_DOWNTIME_HISTORY || history_type == SERVICE_DOWNTIME_HISTORY) {
-					sprintf(match1, " HOST DOWNTIME ALERT: %s;", host_name);
-					sprintf(match2, " SERVICE DOWNTIME ALERT: %s;", host_name);
+					snprintf(match1, sizeof( match1), 
+							" HOST DOWNTIME ALERT: %s;", host_name);
+					snprintf(match2, sizeof( match2), 
+							" SERVICE DOWNTIME ALERT: %s;", host_name);
 					}
 
 				if(show_all_hosts == TRUE)
@@ -853,11 +859,11 @@
 			else if(display_type == DISPLAY_SERVICES) {
 
 				if(history_type == SERVICE_HISTORY)
-					sprintf(match1, " SERVICE ALERT: %s;%s;", host_name, svc_description);
+					snprintf(match1, sizeof( match1), " SERVICE ALERT: %s;%s;", host_name, svc_description);
 				else if(history_type == SERVICE_FLAPPING_HISTORY)
-					sprintf(match1, " SERVICE FLAPPING ALERT: %s;%s;", host_name, svc_description);
+					snprintf(match1, sizeof( match1), " SERVICE FLAPPING ALERT: %s;%s;", host_name, svc_description);
 				else if(history_type == SERVICE_DOWNTIME_HISTORY)
-					sprintf(match1, " SERVICE DOWNTIME ALERT: %s;%s;", host_name, svc_description);
+					snprintf(match1, sizeof( match1), " SERVICE DOWNTIME ALERT: %s;%s;", host_name, svc_description);
 
 				if(strstr(temp_buffer, match1) && (history_type == SERVICE_HISTORY || history_type == SERVICE_FLAPPING_HISTORY || history_type == SERVICE_DOWNTIME_HISTORY))
 					display_line = TRUE;