diff options
| author | RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> | 2021-12-03 01:06:46 +0100 |
|---|---|---|
| committer | RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> | 2022-03-15 21:02:27 +0100 |
| commit | c842543e03cb629bed7459c5b9d48d30eae63087 (patch) | |
| tree | 2d76830b31e276dad2cb7c4569268e5ae50d7e8a | |
| parent | 5943528121033579033c5a372df6c5e91b22e723 (diff) | |
| download | monitoring-plugins-c842543e03cb629bed7459c5b9d48d30eae63087.tar.gz | |
Fix different overflows
| -rw-r--r-- | plugins-root/check_icmp.c | 41 |
1 files changed, 30 insertions, 11 deletions
diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c index f97b0ed7..df0d3c13 100644 --- a/plugins-root/check_icmp.c +++ b/plugins-root/check_icmp.c | |||
| @@ -207,7 +207,7 @@ static int add_target(char *); | |||
| 207 | static int add_target_ip(char *, struct sockaddr_storage *); | 207 | static int add_target_ip(char *, struct sockaddr_storage *); |
| 208 | static int handle_random_icmp(unsigned char *, struct sockaddr_storage *); | 208 | static int handle_random_icmp(unsigned char *, struct sockaddr_storage *); |
| 209 | static void parse_address(struct sockaddr_storage *, char *, int); | 209 | static void parse_address(struct sockaddr_storage *, char *, int); |
| 210 | static unsigned short icmp_checksum(unsigned short *, int); | 210 | static unsigned short icmp_checksum(uint16_t *, size_t); |
| 211 | static void finish(int); | 211 | static void finish(int); |
| 212 | static void crash(const char *, ...); | 212 | static void crash(const char *, ...); |
| 213 | 213 | ||
| @@ -779,7 +779,7 @@ static int | |||
| 779 | wait_for_reply(int sock, u_int t) | 779 | wait_for_reply(int sock, u_int t) |
| 780 | { | 780 | { |
| 781 | int n, hlen; | 781 | int n, hlen; |
| 782 | static unsigned char buf[4096]; | 782 | static unsigned char buf[65536]; |
| 783 | struct sockaddr_storage resp_addr; | 783 | struct sockaddr_storage resp_addr; |
| 784 | union ip_hdr *ip; | 784 | union ip_hdr *ip; |
| 785 | union icmp_packet packet; | 785 | union icmp_packet packet; |
| @@ -916,9 +916,27 @@ wait_for_reply(int sock, u_int t) | |||
| 916 | if(debug) { | 916 | if(debug) { |
| 917 | char address[INET6_ADDRSTRLEN]; | 917 | char address[INET6_ADDRSTRLEN]; |
| 918 | parse_address(&resp_addr, address, sizeof(address)); | 918 | parse_address(&resp_addr, address, sizeof(address)); |
| 919 | printf("%0.3f ms rtt from %s, outgoing ttl: %u, incoming ttl: %u, max: %0.3f, min: %0.3f\n", | 919 | |
| 920 | (float)tdiff / 1000, address, | 920 | switch(address_family) { |
| 921 | ttl, ip->ip.ip_ttl, (float)host->rtmax / 1000, (float)host->rtmin / 1000); | 921 | case AF_INET: { |
| 922 | printf("%0.3f ms rtt from %s, outgoing ttl: %u, incoming ttl: %u, max: %0.3f, min: %0.3f\n", | ||
| 923 | (float)tdiff / 1000, | ||
| 924 | address, | ||
| 925 | ttl, | ||
| 926 | ip->ip.ip_ttl, | ||
| 927 | (float)host->rtmax / 1000, | ||
| 928 | (float)host->rtmin / 1000); | ||
| 929 | break; | ||
| 930 | }; | ||
| 931 | case AF_INET6: { | ||
| 932 | printf("%0.3f ms rtt from %s, outgoing ttl: %u, max: %0.3f, min: %0.3f\n", | ||
| 933 | (float)tdiff / 1000, | ||
| 934 | address, | ||
| 935 | ttl, | ||
| 936 | (float)host->rtmax / 1000, | ||
| 937 | (float)host->rtmin / 1000); | ||
| 938 | }; | ||
| 939 | } | ||
| 922 | } | 940 | } |
| 923 | 941 | ||
| 924 | /* if we're in hostcheck mode, exit with limited printouts */ | 942 | /* if we're in hostcheck mode, exit with limited printouts */ |
| @@ -980,7 +998,7 @@ send_icmp_ping(int sock, struct rta_host *host) | |||
| 980 | icp->icmp_cksum = 0; | 998 | icp->icmp_cksum = 0; |
| 981 | icp->icmp_id = htons(pid); | 999 | icp->icmp_id = htons(pid); |
| 982 | icp->icmp_seq = htons(host->id++); | 1000 | icp->icmp_seq = htons(host->id++); |
| 983 | icp->icmp_cksum = icmp_checksum((unsigned short*)buf, icmp_pkt_size); | 1001 | icp->icmp_cksum = icmp_checksum((uint16_t*)buf, (size_t)icmp_pkt_size); |
| 984 | 1002 | ||
| 985 | if (debug > 2) | 1003 | if (debug > 2) |
| 986 | printf("Sending ICMP echo-request of len %lu, id %u, seq %u, cksum 0x%X to host %s\n", | 1004 | printf("Sending ICMP echo-request of len %lu, id %u, seq %u, cksum 0x%X to host %s\n", |
| @@ -1517,18 +1535,19 @@ get_threshold(char *str, threshold *th) | |||
| 1517 | } | 1535 | } |
| 1518 | 1536 | ||
| 1519 | unsigned short | 1537 | unsigned short |
| 1520 | icmp_checksum(unsigned short *p, int n) | 1538 | icmp_checksum(uint16_t *p, size_t n) |
| 1521 | { | 1539 | { |
| 1522 | unsigned short cksum; | 1540 | unsigned short cksum; |
| 1523 | long sum = 0; | 1541 | long sum = 0; |
| 1524 | 1542 | ||
| 1525 | while(n > 2) { | 1543 | /* sizeof(uint16_t) == 2 */ |
| 1526 | sum += *p++; | 1544 | while(n >= 2) { |
| 1527 | n -= sizeof(unsigned short); | 1545 | sum += *(p++); |
| 1546 | n -= 2; | ||
| 1528 | } | 1547 | } |
| 1529 | 1548 | ||
| 1530 | /* mop up the occasional odd byte */ | 1549 | /* mop up the occasional odd byte */ |
| 1531 | if(n == 1) sum += (unsigned char)*p; | 1550 | if(n == 1) sum += *((uint8_t *)p -1); |
| 1532 | 1551 | ||
| 1533 | sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */ | 1552 | sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */ |
| 1534 | sum += (sum >> 16); /* add carry */ | 1553 | sum += (sum >> 16); /* add carry */ |