Re: [Nagios-devel] Bug in statuswml.cgi with Acknowledging Services

Guest · Post by **Guest** » Wed Aug 13, 2008 1:31 am

--jRHKVT23PllUwdXP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

* Jon Angliss [12.08.2008 23:52]:
> I read the thread, and it looks like the variables are being double
> encoded, which is fine, but the issue here is that a variable being
> fed into url_encode is coming out as a different variable.

Ok, now I see the problem. url_encode() uses a static buffer and calling
it twice in a row overwrites the first result. Half of a fix for this
problem was committed in May introducing a second buffer but the code is
only using the first.

I attached a patch against current CVS using dynamic buffers like
html_encode() does. Lightly tested but works for me.

Regards,
Armin Wolfermann

--jRHKVT23PllUwdXP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="encoded_url_string.diff"

Index: cgiutils.c
===================================================================
RCS file: /cvsroot/nagios/nagios/cgi/cgiutils.c,v
retrieving revision 1.81
diff -u -r1.81 cgiutils.c
--- cgiutils.c 23 Jun 2008 20:47:44 -0000 1.81
+++ cgiutils.c 13 Aug 2008 09:23:08 -0000
@@ -126,7 +126,7 @@
char *my_strtok_buffer=NULL;
char *original_my_strtok_buffer=NULL;

-char encoded_url_string[2][MAX_INPUT_BUFFER]; // 2 to be able use url_encode twice
+char *encoded_url_string=NULL;
char *encoded_html_string=NULL;

#ifdef HAVE_TZNAME
@@ -1330,54 +1330,52 @@

/* encodes a string in proper URL format */
char * url_encode(char *input){
- int len,output_len;
+ int len;
int x,y;
char temp_expansion[4];
- static int i = 0;
- char* str = encoded_url_string;

if(input==NULL)
return '\x0';

len=(int)strlen(input);
- output_len=(int)sizeof(encoded_url_string[0]);

- str[0]='\x0';
+ if((encoded_url_string=(char *)malloc(MAX_INPUT_BUFFER))==NULL)
+ return "";
+
+ strcpy(encoded_url_string,"");

- for(x=0,y=0;x='0' && (char)input[x]='A' && (char)input[x]=(char)'a' && (char)input[x]<=(char)'z') || (char)input[x]==(char)'.' || (char)input[x]==(char)'-' || (char)input[x]==(char)'_'){
- str[y]=input[x];
- y++;
+ encoded_url_string[y++]=input[x];
}

/* spaces are pluses */
else if((char)input[x]<=(char)' '){
- str[y]='+';
- y++;
+ encoded_url_string[y++]='+';
}

/* anything else gets represented by its hex value */
else{
- str[y]='\x0';
- if((int)strlen(str)<(output_len-3)){
+ encoded_url_string[y]='\x0';
+ if((int)strlen(encoded_url_string)<MAX_INPUT_BUFFER-3){
sprintf(temp_expansion,"%%%02X",(unsigned int)input[x]);
- strcat(str,temp_expansion);
- y+=3;
+ strcat(encoded_url_string,temp_expansion);
+ y+=strlen(temp_expansion);
}
}
}

- str[sizeof(encoded_url_string[0])-1]='\x0';
+ encoded_url_string[y++]='\x0';

- return str;
+ return encoded_url_string;
}

--jRHKVT23PllUwdXP--

This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]