diff -Naur --ignore-all-space nagios/cgi/history.c nagios-CVE-2012-6096/cgi/history.c
--- nagios/cgi/history.c 2011-07-26 02:16:13.000000000 +0200
+++ nagios-CVE-2012-6096/cgi/history.c 2013-01-29 21:01:16.332104728 +0100
@@ -805,16 +805,22 @@
  else if(display_type == DISPLAY_HOSTS) {
  if(history_type == HOST_HISTORY || history_type == SERVICE_HISTORY) {
- sprintf(match1, " HOST ALERT: %s;", host_name);
- sprintf(match2, " SERVICE ALERT: %s;", host_name);
+ snprintf(match1, sizeof( match1),
+ " HOST ALERT: %s;", host_name);
+ snprintf(match2, sizeof( match2),
+ " SERVICE ALERT: %s;", host_name);
  }
  else if(history_type == HOST_FLAPPING_HISTORY || history_type == SERVICE_FLAPPING_HISTORY) {
- sprintf(match1, " HOST FLAPPING ALERT: %s;", host_name);
- sprintf(match2, " SERVICE FLAPPING ALERT: %s;", host_name);
+ snprintf(match1, sizeof( match1),
+ " HOST FLAPPING ALERT: %s;", host_name);
+ snprintf(match2, sizeof( match2),
+ " SERVICE FLAPPING ALERT: %s;", host_name);
  }
  else if(history_type == HOST_DOWNTIME_HISTORY || history_type == SERVICE_DOWNTIME_HISTORY) {
- sprintf(match1, " HOST DOWNTIME ALERT: %s;", host_name);
- sprintf(match2, " SERVICE DOWNTIME ALERT: %s;", host_name);
+ snprintf(match1, sizeof( match1),
+ " HOST DOWNTIME ALERT: %s;", host_name);
+ snprintf(match2, sizeof( match2),
+ " SERVICE DOWNTIME ALERT: %s;", host_name);
  }
  if(show_all_hosts == TRUE)
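Review bot: None of the six snprintf() calls in this hunk checks its return value, so an over-long host_name is now silently clipped rather than rejected. A clipped pattern loses its trailing `;` delimiter, and if match1/match2 feed the same strstr() comparison that the second hunk shows for match1, the filter would then match log lines for any host that shares the clipped prefix. I would capture the result and treat truncation as "no match", e.g. `int n = snprintf(match1, sizeof(match1), " HOST ALERT: %s;", host_name);` followed by `if(n < 0 || (size_t)n >= sizeof(match1)) /* skip matching for this request */`. The same applies to the three calls in the DISPLAY_SERVICES hunk, where svc_description adds to the length. The enclosing function starts and ends outside the hunk, so where host_name is populated and length-checked is not visible here.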
@@ -853,11 +859,11 @@
  else if(display_type == DISPLAY_SERVICES) {
  if(history_type == SERVICE_HISTORY)
- sprintf(match1, " SERVICE ALERT: %s;%s;", host_name, svc_description);
+ snprintf(match1, sizeof( match1), " SERVICE ALERT: %s;%s;", host_name, svc_description);
  else if(history_type == SERVICE_FLAPPING_HISTORY)
- sprintf(match1, " SERVICE FLAPPING ALERT: %s;%s;", host_name, svc_description);
+ snprintf(match1, sizeof( match1), " SERVICE FLAPPING ALERT: %s;%s;", host_name, svc_description);
  else if(history_type == SERVICE_DOWNTIME_HISTORY)
- sprintf(match1, " SERVICE DOWNTIME ALERT: %s;%s;", host_name, svc_description);
+ snprintf(match1, sizeof( match1), " SERVICE DOWNTIME ALERT: %s;%s;", host_name, svc_description);
  if(strstr(temp_buffer, match1) && (history_type == SERVICE_HISTORY || history_type == SERVICE_FLAPPING_HISTORY || history_type == SERVICE_DOWNTIME_HISTORY))
  display_line = TRUE;
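Review bot: The bound `sizeof( match1)` equals the buffer size only while match1 is a true array in this function; its declaration is outside the hunk, and if it is (or later becomes) a pointer, every call would be limited to the pointer size and would quietly truncate each pattern. A comment at the declaration would protect that assumption, for example `/* match1 and match2 must remain arrays: the snprintf() calls below use sizeof() as the write bound */`. As a style point, `sizeof(match1)` without the inner space would match the spacing of the other calls on these lines.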