src/rrd_fetch_libdbi.c: fix Coverity CID#13678 Copy into fixed size buffer (buffer...
authorMarek Schimara <Marek.Schimara@bull.net>
Fri, 17 Jun 2016 07:37:46 +0000 (09:37 +0200)
committerMarek Schimara <Marek.Schimara@bull.net>
Thu, 23 Jun 2016 14:32:33 +0000 (16:32 +0200)
        CWE-120 / https://cwe.mitre.org/data/definitions/120.html

src/rrd_fetch_libdbi.c

index b0ca2a664b5609d287950c14113c60ecd0f1e2c5..fc183c7fe4050c088361266fc7bf55979f50a6e9 100644 (file)
@@ -527,7 +527,11 @@ rrd_fetch_fn_libdbi(
     } else if (*sqlargs==0) { /* ignore empty */
     } else { /* else add to where string */
       if (where[0]) {strcat(where," AND ");}
-      strcat(where,sqlargs);
+      if (strlen(where) + strlen(sqlargs) >= sizeof(where)) {
+        rrd_set_error("argument too long (exceeded %d characters)", sizeof(where) - 1);
+        return -1;
+      }
+      strncat(where,sqlargs, sizeof(where) - strlen(sqlargs) - 1);
     }
     /* and continue loop with next pointer */
     sqlargs=nextptr;
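Review bot: The `strncat` bound on the last added line is computed from the wrong string: `sizeof(where) - strlen(sqlargs) - 1` shrinks as the argument grows, so an argument longer than about half the buffer passes the length check and is then silently truncated, leaving a different WHERE clause than the one requested; the space actually left is `sizeof(where) - strlen(where) - 1`. The `strcat(where," AND ")` on the context line above still runs before any check, so the five-byte separator can itself write past the end when `where` is nearly full; the guard should come before it and count the separator, e.g. `if (strlen(where) + (where[0] ? 5 : 0) + strlen(sqlargs) >= sizeof(where))`. `rrd_set_error` is given a `size_t` for `%d`; use `%zu` or cast the value to `int`. `where` is declared outside the hunk, so all of this assumes it is an array rather than a pointer, and whether the early `return -1` skips cleanup of anything acquired earlier in `rrd_fetch_fn_libdbi` cannot be seen from here.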