ravthan / all-eyes

Automatically exported from code.google.com/p/all-eyes

Module monitormgmt.c, function processMonitorMsg - Possible extra characters #115

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Module monitormgmt.c, function processMonitorMsg:
The following code allows for extra characters within the message:
    // zero out the next message we are going to fill in.
    memset(monitorMsg[monMsgIndex], 0, sizeof(monitorMsg[monMsgIndex]));
    // Make sure to nullterminate the message.
    m->monMsg[MAX_MONITOR_MSG_LENGTH - 1] = '\0';
If the message is shorter than the max length, there will be characters 
between the message trailer and the null terminator. It appears that the 
message gets initialized in the memset line, but there could be extra 
characters. Recommend the null be inserted after the last actual character.
NOTE: I am not sure where the actual message gets inserted into the monitorMsg 
– possibly in the m->monMsg line?

Original issue reported on code.google.com by prhamm...@gmail.com on 24 Nov 2012 at 8:03
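
The concern in the report above, as an added example that is not code from all-eyes or from either commenter: it assumes a fixed-size buffer that is reused for successive messages without being cleared, and compares terminating only the last slot with terminating right after the last received byte. The buffer size, helper names and sample messages are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_MONITOR_MSG_LENGTH 32   /* assumed size; the real value is not on the page */

typedef void (*store_fn)(char *buf, const char *rx, size_t rx_len);

/* Pattern from the report: only the last slot of the buffer is terminated. */
static void store_terminate_at_end(char *buf, const char *rx, size_t rx_len)
{
    if (rx_len > MAX_MONITOR_MSG_LENGTH - 1)
        rx_len = MAX_MONITOR_MSG_LENGTH - 1;
    memcpy(buf, rx, rx_len);
    buf[MAX_MONITOR_MSG_LENGTH - 1] = '\0';
}

/* Reporter's recommendation: terminate right after the last received byte. */
static void store_terminate_at_len(char *buf, const char *rx, size_t rx_len)
{
    if (rx_len > MAX_MONITOR_MSG_LENGTH - 1)
        rx_len = MAX_MONITOR_MSG_LENGTH - 1;
    memcpy(buf, rx, rx_len);
    buf[rx_len] = '\0';
}

/* Constructed sample messages; the framing is illustrative, not the all-eyes format. */
static const char LONG_MSG[]  = "[MSG|host-a|cpu=97|mem=81]";
static const char SHORT_MSG[] = "[MSG|b|ok]";

/* Store a long message, then a short one, in the same uncleared buffer.
 * Copies the final string to out (if non-NULL) and returns its length. */
static size_t stored_len_after_reuse(store_fn store, char *out)
{
    char buf[MAX_MONITOR_MSG_LENGTH] = {0};
    store(buf, LONG_MSG, strlen(LONG_MSG));
    store(buf, SHORT_MSG, strlen(SHORT_MSG));
    if (out)
        strcpy(out, buf);
    return strlen(buf);
}

int main(void)
{
    char s[MAX_MONITOR_MSG_LENGTH];
    size_t n = stored_len_after_reuse(store_terminate_at_end, s);
    printf("terminate at end: %zu \"%s\"\n", n, s);
    n = stored_len_after_reuse(store_terminate_at_len, s);
    printf("terminate at len: %zu \"%s\"\n", n, s);
    return 0;
}
```

With the last-slot terminator, the tail of the earlier message stays attached to the short one, so correctness then depends on the downstream parser rejecting it.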

GoogleCodeExporter commented 8 years ago
While the message from the monitor may have the garbage characters as stated, 
it will encounter an error while tokenizing the monitor message and hence this 
is not an issue. Also, the token values are checked for validation.
ravi.

Original comment by ravt...@gmail.com on 25 Nov 2012 at 7:21