nagios-plugins/SOURCES/nagios-plugins-stringop-tru...

diff --git a/lib/parse_ini.c b/lib/parse_ini.c
index fb5601c0..450100ad 100644
--- a/lib/parse_ini.c
+++ b/lib/parse_ini.c
@@ -324,11 +324,13 @@ static int add_option(FILE *f, np_arg_list **optlst){
 	optnew->arg=malloc(cfg_len+1);
 	/* 1-character params needs only one dash */
 	if(opt_len==1) {
-		strncpy(&optnew->arg[read_pos], "-", 1);
-		read_pos+=1;
+		optnew->arg[read_pos]='-';
+		++read_pos;
 	} else {
-		strncpy(&optnew->arg[read_pos], "--", 2);
-		read_pos+=2;
+		optnew->arg[read_pos]='-';
+		++read_pos;
+		optnew->arg[read_pos]='-';
+		++read_pos;
 	}
 	strncpy(&optnew->arg[read_pos], optptr, opt_len); read_pos+=opt_len;
 	if(value) {
diff --git a/lib/utils_base.c b/lib/utils_base.c
index 846d161e..cf443e71 100644
--- a/lib/utils_base.c
+++ b/lib/utils_base.c
@@ -332,6 +332,7 @@ int np_warn_if_not_root(void) {
 char *np_extract_value(const char *varlist, const char *name, char sep) {
 	char *tmp=NULL, *value=NULL;
 	int i;
+	size_t varlistlen;
 
 	while (1) {
 		/* Strip any leading space */
@@ -356,10 +357,11 @@ char *np_extract_value(const char *varlist, const char *name, char sep) {
 					value[tmp-varlist] = '\0';
 				} else {
 					/* Value is delimited by a \0 */
-					if (!strlen(varlist)) continue;
-					value = (char *)calloc(1, strlen(varlist) + 1);
-					strncpy(value, varlist, strlen(varlist));
-					value[strlen(varlist)] = '\0';
+					varlistlen = strlen(varlist);
+					if (!varlistlen) continue;
+					value = (char *)calloc(1, varlistlen + 1);
+					strncpy(value, varlist, varlistlen);
+					value[varlistlen] = '\0';
 				}
 				break;
 			}
diff --git a/plugins/check_disk.c b/plugins/check_disk.c
index c813ad65..c882554d 100755
--- a/plugins/check_disk.c
+++ b/plugins/check_disk.c
@@ -488,11 +488,11 @@ main (int argc, char **argv)
           const char *free_pct_str = &human_disk_entry->free_pct_str[0];
           const char *disk_result_str = state_text(human_disk_entry->disk_result);
           const char *avail_bytes_str = human_readable(human_disk_entry->avail_bytes, &human_buf[0], human_opts, 1, 1);
-          strncpy(&human_disk_entry->avail_bytes_str[0], avail_bytes_str, sizeof(human_disk_entry->avail_bytes_str));
+          strncpy(human_disk_entry->avail_bytes_str, avail_bytes_str, sizeof(human_disk_entry->avail_bytes_str - 1));
           const char *total_bytes_str = human_readable(human_disk_entry->total_bytes, &human_buf[0], human_opts, 1, 1);
-          strncpy(&human_disk_entry->total_bytes_str[0], total_bytes_str, sizeof(human_disk_entry->total_bytes_str));
+          strncpy(human_disk_entry->total_bytes_str, total_bytes_str, sizeof(human_disk_entry->total_bytes_str - 1));
 
-          strncpy(&human_disk_entry->disk_result_str[0], disk_result_str, sizeof(human_disk_entry->disk_result_str));
+          strncpy(human_disk_entry->disk_result_str, disk_result_str, sizeof(human_disk_entry->disk_result_str - 1));
           if (human_column_widths.free_pct < strlen(free_pct_str))       human_column_widths.free_pct = strlen(free_pct_str);
           if (human_column_widths.avail_bytes < strlen(avail_bytes_str)) human_column_widths.avail_bytes = strlen(avail_bytes_str);
           if (human_column_widths.total_bytes < strlen(total_bytes_str)) human_column_widths.total_bytes = strlen(total_bytes_str);
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index d5923a6a..43edd392 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -583,7 +583,7 @@ process_arguments (int argc, char **argv)
 					     _("Could not realloc() units [%d]\n"), ncommands);
 			}
 			commands[ncommands] = (char *) malloc (sizeof(char) * 255);
-			strncpy (commands[ncommands], optarg, 255);
+			strncpy (commands[ncommands], optarg, 254);
 			ncommands++;
 			break;
 		case 'R':									/* server responses */
@@ -595,7 +595,7 @@ process_arguments (int argc, char **argv)
 					     _("Could not realloc() units [%d]\n"), nresponses);
 			}
 			responses[nresponses] = (char *) malloc (sizeof(char) * 255);
-			strncpy (responses[nresponses], optarg, 255);
+			strncpy (responses[nresponses], optarg, 254);
 			nresponses++;
 			break;
 		case 'c':									/* critical time threshold */
initial package creation Signed-off-by: Toshaan Bharvani <toshaan@powerel.org> 1 year ago			`diff --git a/lib/parse_ini.c b/lib/parse_ini.c`
			`index fb5601c0..450100ad 100644`
			`--- a/lib/parse_ini.c`
			`+++ b/lib/parse_ini.c`
			`@@ -324,11 +324,13 @@ static int add_option(FILE f, np_arg_list *optlst){`
			`optnew->arg=malloc(cfg_len+1);`
			`/* 1-character params needs only one dash */`
			`if(opt_len==1) {`
			`- strncpy(&optnew->arg[read_pos], "-", 1);`
			`- read_pos+=1;`
			`+ optnew->arg[read_pos]='-';`
			`+ ++read_pos;`
			`} else {`
			`- strncpy(&optnew->arg[read_pos], "--", 2);`
			`- read_pos+=2;`
			`+ optnew->arg[read_pos]='-';`
			`+ ++read_pos;`
			`+ optnew->arg[read_pos]='-';`
			`+ ++read_pos;`
			`}`
			`strncpy(&optnew->arg[read_pos], optptr, opt_len); read_pos+=opt_len;`
			`if(value) {`
			`diff --git a/lib/utils_base.c b/lib/utils_base.c`
			`index 846d161e..cf443e71 100644`
			`--- a/lib/utils_base.c`
			`+++ b/lib/utils_base.c`
			`@@ -332,6 +332,7 @@ int np_warn_if_not_root(void) {`
			`char np_extract_value(const char varlist, const char *name, char sep) {`
			`char tmp=NULL, value=NULL;`
			`int i;`
			`+ size_t varlistlen;`

			`while (1) {`
			`/* Strip any leading space */`
			`@@ -356,10 +357,11 @@ char np_extract_value(const char varlist, const char *name, char sep) {`
			`value[tmp-varlist] = '\0';`
			`} else {`
			`/* Value is delimited by a \0 */`
			`- if (!strlen(varlist)) continue;`
			`- value = (char *)calloc(1, strlen(varlist) + 1);`
			`- strncpy(value, varlist, strlen(varlist));`
			`- value[strlen(varlist)] = '\0';`
			`+ varlistlen = strlen(varlist);`
			`+ if (!varlistlen) continue;`
			`+ value = (char *)calloc(1, varlistlen + 1);`
			`+ strncpy(value, varlist, varlistlen);`
			`+ value[varlistlen] = '\0';`
			`}`
			`break;`
			`}`
			`diff --git a/plugins/check_disk.c b/plugins/check_disk.c`
			`index c813ad65..c882554d 100755`
			`--- a/plugins/check_disk.c`
			`+++ b/plugins/check_disk.c`
			`@@ -488,11 +488,11 @@ main (int argc, char **argv)`
			`const char *free_pct_str = &human_disk_entry->free_pct_str[0];`
			`const char *disk_result_str = state_text(human_disk_entry->disk_result);`
			`const char *avail_bytes_str = human_readable(human_disk_entry->avail_bytes, &human_buf[0], human_opts, 1, 1);`
			`- strncpy(&human_disk_entry->avail_bytes_str[0], avail_bytes_str, sizeof(human_disk_entry->avail_bytes_str));`
			`+ strncpy(human_disk_entry->avail_bytes_str, avail_bytes_str, sizeof(human_disk_entry->avail_bytes_str - 1));`
			`const char *total_bytes_str = human_readable(human_disk_entry->total_bytes, &human_buf[0], human_opts, 1, 1);`
			`- strncpy(&human_disk_entry->total_bytes_str[0], total_bytes_str, sizeof(human_disk_entry->total_bytes_str));`
			`+ strncpy(human_disk_entry->total_bytes_str, total_bytes_str, sizeof(human_disk_entry->total_bytes_str - 1));`

			`- strncpy(&human_disk_entry->disk_result_str[0], disk_result_str, sizeof(human_disk_entry->disk_result_str));`
			`+ strncpy(human_disk_entry->disk_result_str, disk_result_str, sizeof(human_disk_entry->disk_result_str - 1));`
			`if (human_column_widths.free_pct < strlen(free_pct_str)) human_column_widths.free_pct = strlen(free_pct_str);`
			`if (human_column_widths.avail_bytes < strlen(avail_bytes_str)) human_column_widths.avail_bytes = strlen(avail_bytes_str);`
			`if (human_column_widths.total_bytes < strlen(total_bytes_str)) human_column_widths.total_bytes = strlen(total_bytes_str);`
			`diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c`
			`index d5923a6a..43edd392 100644`
			`--- a/plugins/check_smtp.c`
			`+++ b/plugins/check_smtp.c`
			`@@ -583,7 +583,7 @@ process_arguments (int argc, char **argv)`
			`_("Could not realloc() units [%d]\n"), ncommands);`
			`}`
			`commands[ncommands] = (char ) malloc (sizeof(char) 255);`
			`- strncpy (commands[ncommands], optarg, 255);`
			`+ strncpy (commands[ncommands], optarg, 254);`
			`ncommands++;`
			`break;`
			`case 'R': /* server responses */`
			`@@ -595,7 +595,7 @@ process_arguments (int argc, char **argv)`
			`_("Could not realloc() units [%d]\n"), nresponses);`
			`}`
			`responses[nresponses] = (char ) malloc (sizeof(char) 255);`
			`- strncpy (responses[nresponses], optarg, 255);`
			`+ strncpy (responses[nresponses], optarg, 254);`
			`nresponses++;`
			`break;`
			`case 'c': /* critical time threshold */`