In <user-27452f8c0884@xymon.invalid> <user-47f84fd3870a@xymon.invalid> writes:
In the source code of report.c and snapshot.c (in the map ./web) there
is a declaration in the main function: "char htmldelim[20];". In the
same main function we can find: " sprintf(htmldelim, "xymonrep-%u-%u",
(int)getpid(), (unsigned int)getcurrenttime(NULL));"
Because the size of "char htmldelim[20];" is not sufficient enough
(requires around 25 or so) this process will crash.
Thank You! Very nice catch - good to have this done before the
4.3.0 release.
There is also a potential crash that can be induced by feeding the
report CGI a long "style" setting. I've fixed that as well in a
commit just now.
Regards,
Henrik