summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKarl DeBisschop <kdebisschop@users.sourceforge.net>2003-01-28 07:15:54 +0000
committerKarl DeBisschop <kdebisschop@users.sourceforge.net>2003-01-28 07:15:54 +0000
commit9452b46d955a3e99837214c77ad48dae4a7bf7cd (patch)
tree2af371b9f32448cf4e96b11cc2bd22805454914e
parentb2a2d26d13a130bd0302c941c78b2e0e7c480eda (diff)
downloadmonitoring-plugins-9452b46d955a3e99837214c77ad48dae4a7bf7cd.tar.gz
remove NULL string inits that can lead to segfaults
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@256 f882894a-f735-0410-b71e-b25c423dba1c
-rw-r--r--plugins/check_http.c71
1 files changed, 33 insertions, 38 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index be18ce7d..506a1ec7 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -189,16 +189,17 @@ struct timeval tv;
189#define HTTPS_PORT 443 189#define HTTPS_PORT 443
190#define HTTP_EXPECT "HTTP/1." 190#define HTTP_EXPECT "HTTP/1."
191#define HTTP_URL "/" 191#define HTTP_URL "/"
192#define CRLF "\r\n"
192 193
193char timestamp[17] = ""; 194char timestamp[17] = "";
194int specify_port = FALSE; 195int specify_port = FALSE;
195int server_port = HTTP_PORT; 196int server_port = HTTP_PORT;
196char server_port_text[6] = ""; 197char server_port_text[6] = "";
197char server_type[6] = "http"; 198char server_type[6] = "http";
198/*@null@*/ char *server_address = NULL; 199char *server_address = "";
199char *host_name = ""; 200char *host_name = "";
200/*@null@*/ char *server_url = NULL; 201char *server_url = HTTP_URL;
201int server_url_length = 0; 202int server_url_length = 1;
202int server_expect_yn = 0; 203int server_expect_yn = 0;
203char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT; 204char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
204char string_expect[MAX_INPUT_BUFFER] = ""; 205char string_expect[MAX_INPUT_BUFFER] = "";
@@ -212,8 +213,8 @@ int onredirect = STATE_OK;
212int use_ssl = FALSE; 213int use_ssl = FALSE;
213int verbose = FALSE; 214int verbose = FALSE;
214int sd; 215int sd;
215/*@null@*/ char *http_method = NULL; 216char *http_method = "GET";
216/*@null@*/ char *http_post_data = NULL; 217char *http_post_data = "";
217char buffer[MAX_INPUT_BUFFER]; 218char buffer[MAX_INPUT_BUFFER];
218 219
219void print_usage (void); 220void print_usage (void);
@@ -404,11 +405,11 @@ process_arguments (int argc, char **argv)
404 asprintf (&host_name, "%s", optarg); 405 asprintf (&host_name, "%s", optarg);
405 break; 406 break;
406 case 'I': /* Server IP-address */ 407 case 'I': /* Server IP-address */
407 server_address = strscpy (server_address, optarg); 408 asprintf (&server_address, "%s", optarg);
408 break; 409 break;
409 case 'u': /* Host or server */ 410 case 'u': /* Host or server */
410 server_url = strscpy (server_url, optarg); 411 asprintf (&server_url, "%s", optarg);
411 server_url_length = strlen (optarg); 412 server_url_length = strlen (server_url);
412 break; 413 break;
413 case 'p': /* Host or server */ 414 case 'p': /* Host or server */
414 if (!is_intnonneg (optarg)) 415 if (!is_intnonneg (optarg))
@@ -421,8 +422,8 @@ process_arguments (int argc, char **argv)
421 user_auth[MAX_INPUT_BUFFER - 1] = 0; 422 user_auth[MAX_INPUT_BUFFER - 1] = 0;
422 break; 423 break;
423 case 'P': /* HTTP POST data in URL encoded format */ 424 case 'P': /* HTTP POST data in URL encoded format */
424 http_method = strscpy (http_method, "POST"); 425 asprintf (&http_method, "%s", "POST");
425 http_post_data = strscpy (http_post_data, optarg); 426 asprintf (&http_post_data, "%s", optarg);
426 break; 427 break;
427 case 's': /* string or substring */ 428 case 's': /* string or substring */
428 strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1); 429 strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1);
@@ -464,27 +465,17 @@ process_arguments (int argc, char **argv)
464 465
465 c = optind; 466 c = optind;
466 467
467 if (server_address == NULL) { 468 if (strcmp (server_address, "") == 0 && c < argc)
468 if (c < argc) { 469 asprintf (&server_address, "%s", argv[c++]);
469 server_address = strscpy (NULL, argv[c++]);
470 }
471 else if (strcmp (host_name ,"") == 0) {
472 usage ("check_http: you must specify a server address\n");
473 }
474 }
475 470
476 if (strcmp (host_name ,"") == 0 && c < argc) 471 if (strcmp (host_name, "") == 0 && c < argc)
477 asprintf (&host_name, "%s", argv[c++]); 472 asprintf (&host_name, "%s", argv[c++]);
478 473
479 if (server_address == NULL) 474 if (strcmp (server_address ,"") == 0) {
480 server_address = strscpy (NULL, host_name); 475 if (strcmp (host_name, "") == 0)
481 476 usage ("check_http: you must specify a server address or host name\n");
482 if (http_method == NULL) 477 else
483 http_method = strscpy (http_method, "GET"); 478 asprintf (&server_address, "%s", host_name);
484
485 if (server_url == NULL) {
486 server_url = strscpy (NULL, "/");
487 server_url_length = strlen(HTTP_URL);
488 } 479 }
489 480
490 return TRUE; 481 return TRUE;
@@ -600,7 +591,7 @@ check_http (void)
600 } 591 }
601 592
602 /* either send http POST data */ 593 /* either send http POST data */
603 if (http_post_data) { 594 if (strlen (http_post_data)) {
604 asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n"); 595 asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
605 if (SSL_write (ssl, buf, strlen (buf)) == -1) { 596 if (SSL_write (ssl, buf, strlen (buf)) == -1) {
606 ERR_print_errors_fp (stderr); 597 ERR_print_errors_fp (stderr);
@@ -611,11 +602,15 @@ check_http (void)
611 ERR_print_errors_fp (stderr); 602 ERR_print_errors_fp (stderr);
612 return STATE_CRITICAL; 603 return STATE_CRITICAL;
613 } 604 }
614 http_post_data = strscat (http_post_data, "\r\n");
615 if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) { 605 if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) {
616 ERR_print_errors_fp (stderr); 606 ERR_print_errors_fp (stderr);
617 return STATE_CRITICAL; 607 return STATE_CRITICAL;
618 } 608 }
609 asprintf (&buf, CRLF);
610 if (SSL_write (ssl, buf, strlen (buf)) == -1) {
611 ERR_print_errors_fp (stderr);
612 return STATE_CRITICAL;
613 }
619 } 614 }
620 else { 615 else {
621 /* or just a newline so the server knows we're done with the request */ 616 /* or just a newline so the server knows we're done with the request */
@@ -655,13 +650,13 @@ check_http (void)
655 650
656 /* either send http POST data */ 651 /* either send http POST data */
657 /* written by Chris Henesy <lurker@shadowtech.org> */ 652 /* written by Chris Henesy <lurker@shadowtech.org> */
658 if (http_post_data) { 653 if (strlen (http_post_data)) {
659 asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n"); 654 asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
660 send (sd, buf, strlen (buf), 0); 655 send (sd, buf, strlen (buf), 0);
661 asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); 656 asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
662 send (sd, buf, strlen (buf), 0); 657 send (sd, buf, strlen (buf), 0);
663 http_post_data = strscat (http_post_data, "\r\n");
664 send (sd, http_post_data, strlen (http_post_data), 0); 658 send (sd, http_post_data, strlen (http_post_data), 0);
659 send (sd, CRLF, strlen (CRLF), 0);
665 } 660 }
666 else { 661 else {
667 /* or just a newline so the server knows we're done with the request */ 662 /* or just a newline so the server knows we're done with the request */
@@ -773,7 +768,7 @@ check_http (void)
773 strstr (status_line, "304")) { 768 strstr (status_line, "304")) {
774 if (onredirect == STATE_DEPENDENT) { 769 if (onredirect == STATE_DEPENDENT) {
775 770
776 orig_url = strscpy(NULL, server_url); 771 asprintf (&orig_url, "%s", server_url);
777 pos = header; 772 pos = header;
778 while (pos) { 773 while (pos) {
779 server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH); 774 server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH);
@@ -788,26 +783,26 @@ check_http (void)
788 server_url_length = strcspn (pos, "\r\n"); 783 server_url_length = strcspn (pos, "\r\n");
789 } 784 }
790 if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) { 785 if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) {
791 host_name = strscpy (host_name, server_address); 786 asprintf (&host_name, "%s", server_address);
792 use_ssl = server_type_check (server_type); 787 use_ssl = server_type_check (server_type);
793 server_port = atoi (server_port_text); 788 server_port = atoi (server_port_text);
794 check_http (); 789 check_http ();
795 } 790 }
796 else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) { 791 else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) {
797 host_name = strscpy (host_name, server_address); 792 asprintf (&host_name, "%s", server_address);
798 use_ssl = server_type_check (server_type); 793 use_ssl = server_type_check (server_type);
799 server_port = server_port_check (use_ssl); 794 server_port = server_port_check (use_ssl);
800 check_http (); 795 check_http ();
801 } 796 }
802 else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) { 797 else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) {
803 host_name = strscpy (host_name, server_address); 798 asprintf (&host_name, "%s", server_address);
804 strcpy (server_url, "/"); 799 strcpy (server_url, "/");
805 use_ssl = server_type_check (server_type); 800 use_ssl = server_type_check (server_type);
806 server_port = atoi (server_port_text); 801 server_port = atoi (server_port_text);
807 check_http (); 802 check_http ();
808 } 803 }
809 else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) { 804 else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) {
810 host_name = strscpy (host_name, server_address); 805 asprintf (&host_name, "%s", server_address);
811 strcpy (server_url, "/"); 806 strcpy (server_url, "/");
812 use_ssl = server_type_check (server_type); 807 use_ssl = server_type_check (server_type);
813 server_port = server_port_check (use_ssl); 808 server_port = server_port_check (use_ssl);
@@ -912,7 +907,7 @@ int connect_SSL (void)
912{ 907{
913 SSL_METHOD *meth; 908 SSL_METHOD *meth;
914 909
915 randbuff = strscpy (NULL, "qwertyuiopasdfghjkl"); 910 asprintf (randbuff, "%s", "qwertyuiopasdfghjkl");
916 RAND_seed (randbuff, strlen (randbuff)); 911 RAND_seed (randbuff, strlen (randbuff));
917 /* Initialize SSL context */ 912 /* Initialize SSL context */
918 SSLeay_add_ssl_algorithms (); 913 SSLeay_add_ssl_algorithms ();