summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Weiss <holger@zedat.fu-berlin.de>2010-04-11 10:54:44 +0200
committerHolger Weiss <holger@zedat.fu-berlin.de>2010-04-11 10:54:44 +0200
commit614e9dec5e3f4059c8eb5e4ea11bf92e66c3c76f (patch)
treefa00fc25d49101ab071f252aecdfdc0411b43149
parentde7191e3424e02ba278a39b86e8b1906a25d0362 (diff)
downloadmonitoring-plugins-614e9dec5e3f4059c8eb5e4ea11bf92e66c3c76f.tar.gz
Fix Debian bug #478942: Fragile argument passing
Fix some problems regarding the way check_disk_smb passes command line arguments to smbclient(1). | It runs: | | $res = qx/$smbclient "\/\/$host\/$share" $pass -W $workgroup \ | -U $user $smbclientoptions -I $address -c ls/; | | [...] | | The documentation says that if the password is not passed, it | defaults to "". That is not true above, as $pass expands to | nothing which leaves no argument at all (instead of an empty | argument) so is different from providing with an empty password | or with the -N option. | | Also, if the password starts with "-", you're in trouble, that's | why -U $user%$pass may be prefered. | | Also, the doc says that if $user is not provided, then it | defaults to "guest" but the problem is that if it is provided | but empty, it is changed to "guest" as well, which prevents us | from querying hosts that don't do user authentication. [ http://bugs.debian.org/478942 ] (Fixed by Stephane Chazelas, forwarded by Jan Wagner.)
-rwxr-xr-xplugins-scripts/check_disk_smb.pl61
1 files changed, 36 insertions, 25 deletions
diff --git a/plugins-scripts/check_disk_smb.pl b/plugins-scripts/check_disk_smb.pl
index ca593d46..7c81fc26 100755
--- a/plugins-scripts/check_disk_smb.pl
+++ b/plugins-scripts/check_disk_smb.pl
@@ -58,9 +58,7 @@ if ($opt_V) {
58 58
59if ($opt_h) {print_help(); exit $ERRORS{'OK'};} 59if ($opt_h) {print_help(); exit $ERRORS{'OK'};}
60 60
61my $smbclient= "$utils::PATH_TO_SMBCLIENT " ; 61my $smbclient = $utils::PATH_TO_SMBCLIENT;
62my $smbclientoptions= $opt_P ? "-p $opt_P " : "";
63
64 62
65# Options checking 63# Options checking
66 64
@@ -72,13 +70,12 @@ my $host = $1 if ($opt_H =~ /^([-_.A-Za-z0-9 ]+\$?)$/);
72my $share = $1 if ($opt_s =~ /^([-_.A-Za-z0-9]+\$?)$/); 70my $share = $1 if ($opt_s =~ /^([-_.A-Za-z0-9]+\$?)$/);
73($share) || usage("Invalid share: $opt_s\n"); 71($share) || usage("Invalid share: $opt_s\n");
74 72
75($opt_u) || ($opt_u = shift @ARGV) || ($opt_u = "guest"); 73defined($opt_u) || ($opt_u = shift @ARGV) || ($opt_u = "guest");
76my $user = $1 if ($opt_u =~ /^([-_.A-Za-z0-9\\]+)$/); 74my $user = $1 if ($opt_u =~ /^([-_.A-Za-z0-9\\]*)$/);
77($user) || usage("Invalid user: $opt_u\n"); 75defined($user) || usage("Invalid user: $opt_u\n");
78 76
79($opt_p) || ($opt_p = shift @ARGV) || ($opt_p = ""); 77defined($opt_p) || ($opt_p = shift @ARGV) || ($opt_p = "");
80my $pass = $1 if ($opt_p =~ /(.*)/); 78my $pass = $1 if ($opt_p =~ /(.*)/);
81$pass = "-N" if ($opt_p eq "");
82 79
83($opt_w) || ($opt_w = shift @ARGV) || ($opt_w = 85); 80($opt_w) || ($opt_w = shift @ARGV) || ($opt_w = 85);
84my $warn = $1 if ($opt_w =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); 81my $warn = $1 if ($opt_w =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/);
@@ -88,6 +85,24 @@ my $warn = $1 if ($opt_w =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/);
88my $crit = $1 if ($opt_c =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); 85my $crit = $1 if ($opt_c =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/);
89($crit) || usage("Invalid critical threshold: $opt_c\n"); 86($crit) || usage("Invalid critical threshold: $opt_c\n");
90 87
88# Execute the given command line and return anything it writes to STDOUT and/or
89# STDERR. (This might be useful for other plugins, too, so it should possibly
90# be moved to utils.pm.)
91sub output_and_error_of {
92 local *CMD;
93 local $/ = undef;
94 my $pid = open CMD, "-|";
95 if (defined($pid)) {
96 if ($pid) {
97 return <CMD>;
98 } else {
99 open STDERR, ">&STDOUT" and exec @_;
100 exit(1);
101 }
102 }
103 return undef;
104}
105
91# split the type from the unit value 106# split the type from the unit value
92#Check $warn and $crit for type (%/M/G) and set up for tests 107#Check $warn and $crit for type (%/M/G) and set up for tests
93#P = Percent, K = KBytes 108#P = Percent, K = KBytes
@@ -162,23 +177,19 @@ alarm($TIMEOUT);
162 177
163# Execute an "ls" on the share using smbclient program 178# Execute an "ls" on the share using smbclient program
164# get the results into $res 179# get the results into $res
165if (defined($workgroup)) { 180my @cmd = (
166 if (defined($address)) { 181 $smbclient,
167 print "$smbclient " . "\/\/$host\/$share" ." $pass -W $workgroup -U $user $smbclientoptions -I $address -c ls\n" if ($verbose); 182 "//$host/$share",
168 $res = qx/$smbclient "\/\/$host\/$share" $pass -W $workgroup -U $user $smbclientoptions -I $address -c ls/; 183 "-U", "$user%$pass",
169 } else { 184 defined($workgroup) ? ("-W", $workgroup) : (),
170 print "$smbclient " . "\/\/$host\/$share" ." $pass -W $workgroup -U $user $smbclientoptions -c ls\n" if ($verbose); 185 defined($address) ? ("-I", $address) : (),
171 $res = qx/$smbclient "\/\/$host\/$share" $pass -W $workgroup -U $user $smbclientoptions -c ls/; 186 defined($opt_P) ? ("-p", $opt_P) : (),
172 } 187 "-c", "ls"
173} else { 188);
174 if (defined($address)) { 189
175 print "$smbclient " . "\/\/$host\/$share" ." $pass -U $user $smbclientoptions -I $address -c ls\n" if ($verbose); 190print join(" ", @cmd) . "\n" if ($verbose);
176 $res = qx/$smbclient "\/\/$host\/$share" $pass -U $user $smbclientoptions -I $address -c ls/; 191$res = output_and_error_of(@cmd) or exit $ERRORS{"UNKNOWN"};
177 } else { 192
178 print "$smbclient " . "\/\/$host\/$share" ." $pass -U $user $smbclientoptions -c ls\n" if ($verbose);
179 $res = qx/$smbclient "\/\/$host\/$share" $pass -U $user $smbclientoptions -c ls/;
180 }
181}
182#Turn off alarm 193#Turn off alarm
183alarm(0); 194alarm(0);
184 195