[Nagiosplug-checkins] CVS: nagiosplug/plugins check_http.c,1.17,1.18

Karl DeBisschop kdebisschop at users.sourceforge.net
Mon Jan 27 23:16:10 CET 2003


Update of /cvsroot/nagiosplug/nagiosplug/plugins
In directory sc8-pr-cvs1:/tmp/cvs-serv29903

Modified Files:
	check_http.c 
Log Message:
remove NULL string inits that can lead to segfaults

Index: check_http.c
===================================================================
RCS file: /cvsroot/nagiosplug/nagiosplug/plugins/check_http.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -C2 -r1.17 -r1.18
*** check_http.c	27 Jan 2003 11:53:25 -0000	1.17
--- check_http.c	28 Jan 2003 07:15:54 -0000	1.18
***************
*** 190,193 ****
--- 190,194 ----
  #define HTTP_EXPECT "HTTP/1."
  #define HTTP_URL "/"
+ #define CRLF "\r\n"
  
  char timestamp[17] = "";
***************
*** 196,203 ****
  char server_port_text[6] = "";
  char server_type[6] = "http";
! /*@null@*/ char *server_address = NULL; 
  char *host_name = "";
! /*@null@*/ char *server_url = NULL;
! int server_url_length = 0;
  int server_expect_yn = 0;
  char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
--- 197,204 ----
  char server_port_text[6] = "";
  char server_type[6] = "http";
! char *server_address = ""; 
  char *host_name = "";
! char *server_url = HTTP_URL;
! int server_url_length = 1;
  int server_expect_yn = 0;
  char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
***************
*** 213,218 ****
  int verbose = FALSE;
  int sd;
! /*@null@*/ char *http_method = NULL;
! /*@null@*/ char *http_post_data = NULL;
  char buffer[MAX_INPUT_BUFFER];
  
--- 214,219 ----
  int verbose = FALSE;
  int sd;
! char *http_method = "GET";
! char *http_post_data = "";
  char buffer[MAX_INPUT_BUFFER];
  
***************
*** 405,413 ****
  			break;
  		case 'I': /* Server IP-address */
!  			server_address = strscpy (server_address, optarg);
  			break;
  		case 'u': /* Host or server */
! 			server_url = strscpy (server_url, optarg);
! 			server_url_length = strlen (optarg);
  			break;
  		case 'p': /* Host or server */
--- 406,414 ----
  			break;
  		case 'I': /* Server IP-address */
!  			asprintf (&server_address, "%s", optarg);
  			break;
  		case 'u': /* Host or server */
! 			asprintf (&server_url, "%s", optarg);
! 			server_url_length = strlen (server_url);
  			break;
  		case 'p': /* Host or server */
***************
*** 422,427 ****
  			break;
  		case 'P': /* HTTP POST data in URL encoded format */
! 			http_method = strscpy (http_method, "POST");
! 			http_post_data = strscpy (http_post_data, optarg);
  			break;
  		case 's': /* string or substring */
--- 423,428 ----
  			break;
  		case 'P': /* HTTP POST data in URL encoded format */
! 			asprintf (&http_method, "%s", "POST");
! 			asprintf (&http_post_data, "%s", optarg);
  			break;
  		case 's': /* string or substring */
***************
*** 465,489 ****
  	c = optind;
  
! 	if (server_address == NULL) {
! 		if (c < argc) {
! 			server_address = strscpy (NULL, argv[c++]);
! 		}
! 		else if (strcmp (host_name ,"") == 0) {
! 			usage ("check_http: you must specify a server address\n");
! 		}
! 	}
  
! 	if (strcmp (host_name ,"") == 0 && c < argc)
   		asprintf (&host_name, "%s", argv[c++]);
  
! 	if (server_address == NULL)
! 		server_address = strscpy (NULL, host_name);
! 
! 	if (http_method == NULL)
! 		http_method = strscpy (http_method, "GET");
! 
! 	if (server_url == NULL) {
! 		server_url = strscpy (NULL, "/");
! 		server_url_length = strlen(HTTP_URL);
  	}
  
--- 466,480 ----
  	c = optind;
  
! 	if (strcmp (server_address, "") == 0 && c < argc)
! 			asprintf (&server_address, "%s", argv[c++]);
  
! 	if (strcmp (host_name, "") == 0 && c < argc)
   		asprintf (&host_name, "%s", argv[c++]);
  
! 	if (strcmp (server_address ,"") == 0) {
! 		if (strcmp (host_name, "") == 0)
! 			usage ("check_http: you must specify a server address or host name\n");
! 		else
! 			asprintf (&server_address, "%s", host_name);
  	}
  
***************
*** 601,605 ****
  
  		/* either send http POST data */
! 		if (http_post_data) {
  			asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
  			if (SSL_write (ssl, buf, strlen (buf)) == -1) {
--- 592,596 ----
  
  		/* either send http POST data */
! 		if (strlen (http_post_data)) {
  			asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
  			if (SSL_write (ssl, buf, strlen (buf)) == -1) {
***************
*** 612,620 ****
  				return STATE_CRITICAL;
  			}
- 			http_post_data = strscat (http_post_data, "\r\n");
  			if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) {
  				ERR_print_errors_fp (stderr);
  				return STATE_CRITICAL;
  			}
  		}
  		else {
--- 603,615 ----
  				return STATE_CRITICAL;
  			}
  			if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) {
  				ERR_print_errors_fp (stderr);
  				return STATE_CRITICAL;
  			}
+ 			asprintf (&buf, CRLF);
+ 			if (SSL_write (ssl, buf, strlen (buf)) == -1) {
+ 				ERR_print_errors_fp (stderr);
+ 				return STATE_CRITICAL;
+ 			}
  		}
  		else {
***************
*** 656,666 ****
  		/* either send http POST data */
  		/* written by Chris Henesy <lurker at shadowtech.org> */
! 		if (http_post_data) {
  			asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
  			send (sd, buf, strlen (buf), 0);
  			asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
  			send (sd, buf, strlen (buf), 0);
- 			http_post_data = strscat (http_post_data, "\r\n");
  			send (sd, http_post_data, strlen (http_post_data), 0);
  		}
  		else {
--- 651,661 ----
  		/* either send http POST data */
  		/* written by Chris Henesy <lurker at shadowtech.org> */
! 		if (strlen (http_post_data)) {
  			asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
  			send (sd, buf, strlen (buf), 0);
  			asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
  			send (sd, buf, strlen (buf), 0);
  			send (sd, http_post_data, strlen (http_post_data), 0);
+ 			send (sd, CRLF, strlen (CRLF), 0);
  		}
  		else {
***************
*** 774,778 ****
  			if (onredirect == STATE_DEPENDENT) {
  
! 				orig_url = strscpy(NULL, server_url);
  				pos = header;
  				while (pos) {
--- 769,773 ----
  			if (onredirect == STATE_DEPENDENT) {
  
! 				asprintf (&orig_url, "%s", server_url);
  				pos = header;
  				while (pos) {
***************
*** 789,793 ****
  					}
  					if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) {
! 						host_name = strscpy (host_name, server_address);
  						use_ssl = server_type_check (server_type);
  						server_port = atoi (server_port_text);
--- 784,788 ----
  					}
  					if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) {
! 						asprintf (&host_name, "%s", server_address);
  						use_ssl = server_type_check (server_type);
  						server_port = atoi (server_port_text);
***************
*** 795,799 ****
  					}
  					else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) { 
! 						host_name = strscpy (host_name, server_address);
  						use_ssl = server_type_check (server_type);
  						server_port = server_port_check (use_ssl);
--- 790,794 ----
  					}
  					else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) { 
! 						asprintf (&host_name, "%s", server_address);
  						use_ssl = server_type_check (server_type);
  						server_port = server_port_check (use_ssl);
***************
*** 801,805 ****
  					}
  					else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) {
! 						host_name = strscpy (host_name, server_address);
  						strcpy (server_url, "/");
  						use_ssl = server_type_check (server_type);
--- 796,800 ----
  					}
  					else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) {
! 						asprintf (&host_name, "%s", server_address);
  						strcpy (server_url, "/");
  						use_ssl = server_type_check (server_type);
***************
*** 808,812 ****
  					}
  					else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) {
! 						host_name = strscpy (host_name, server_address);
  						strcpy (server_url, "/");
  						use_ssl = server_type_check (server_type);
--- 803,807 ----
  					}
  					else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) {
! 						asprintf (&host_name, "%s", server_address);
  						strcpy (server_url, "/");
  						use_ssl = server_type_check (server_type);
***************
*** 913,917 ****
  	SSL_METHOD *meth;
  
! 	randbuff = strscpy (NULL, "qwertyuiopasdfghjkl");
  	RAND_seed (randbuff, strlen (randbuff));
  	/* Initialize SSL context */
--- 908,912 ----
  	SSL_METHOD *meth;
  
! 	asprintf (randbuff, "%s", "qwertyuiopasdfghjkl");
  	RAND_seed (randbuff, strlen (randbuff));
  	/* Initialize SSL context */





More information about the Commits mailing list