summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Weiss <holger@zedat.fu-berlin.de>2014-12-02 10:54:55 +0100
committerHolger Weiss <holger@zedat.fu-berlin.de>2014-12-02 10:54:55 +0100
commitff542df44c26170afbe63a1da712264c91114e0c (patch)
tree81dd62e8885f3b3aba0824efe38abc0ffef1b7cb
parentaa1844e49b33eaf057778c828afecb095b1a2226 (diff)
parent063bc4e71d168e59437068fc386c9c3e9e25f4c6 (diff)
downloadmonitoring-plugins-ff542df.tar.gz
Merge branch 'maint'
* maint: NEWS: Modify list of changes for 2.1.1 release Prepare release THANKS.in: Add new authors NEWS: Updating all the fixes check_tcp: fix help description regarding escape option check_ntp: Nul-terminate jitter data Revert "plugins/check_ntp.c - Verify struct from response" check_real: fix null termination check_ntp: fix null termination check_apt: fix memset Conflicts: NEWS
-rw-r--r--NEWS8
-rwxr-xr-xNP-VERSION-GEN2
-rw-r--r--THANKS.in1
-rw-r--r--configure.ac2
-rw-r--r--plugins/check_apt.c2
-rw-r--r--plugins/check_ntp.c25
-rw-r--r--plugins/check_real.c2
-rw-r--r--plugins/check_tcp.c2
8 files changed, 27 insertions, 17 deletions
diff --git a/NEWS b/NEWS
index 572d615d..70ee6591 100644
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,14 @@ This file documents the major additions and syntax changes between releases.
17 changed to comply with the development guidelines 17 changed to comply with the development guidelines
18 check_ssh not returns CRITICAL for protocal/version errors 18 check_ssh not returns CRITICAL for protocal/version errors
19 19
202.1.1 2nd December 2014
21 FIXES
22 Fix check_ntp's jitter checking
23 Fix check_ntp's handling of invalid server responses
24 Fix check_apt's handling of invalid regular expressions
25 Fix check_real's server response processing
26 Fix backslash escaping in check_tcp's --help output
27
202.1 15th October 2014 282.1 15th October 2014
21 ENHANCEMENTS 29 ENHANCEMENTS
22 New check_hpjd -p option for port specification (abrist) 30 New check_hpjd -p option for port specification (abrist)
diff --git a/NP-VERSION-GEN b/NP-VERSION-GEN
index 1878eb9c..12efad72 100755
--- a/NP-VERSION-GEN
+++ b/NP-VERSION-GEN
@@ -6,7 +6,7 @@
6SRC_ROOT=`dirname $0` 6SRC_ROOT=`dirname $0`
7 7
8NPVF=NP-VERSION-FILE 8NPVF=NP-VERSION-FILE
9DEF_VER=2.1.git 9DEF_VER=2.1.1.git
10 10
11LF=' 11LF='
12' 12'
diff --git a/THANKS.in b/THANKS.in
index eefe583c..6c9e1fe4 100644
--- a/THANKS.in
+++ b/THANKS.in
@@ -333,3 +333,4 @@ Frederic Krueger
333Simon Meggle 333Simon Meggle
334Jonas Genannt 334Jonas Genannt
335Nick Peelman 335Nick Peelman
336Sebastian Herbszt
diff --git a/configure.ac b/configure.ac
index 59875e5a..a6c9e79a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,6 +1,6 @@
1dnl Process this file with autoconf to produce a configure script. 1dnl Process this file with autoconf to produce a configure script.
2AC_PREREQ(2.59) 2AC_PREREQ(2.59)
3AC_INIT(monitoring-plugins,2.1) 3AC_INIT(monitoring-plugins,2.1.1)
4AC_CONFIG_SRCDIR(NPTest.pm) 4AC_CONFIG_SRCDIR(NPTest.pm)
5AC_CONFIG_FILES([gl/Makefile]) 5AC_CONFIG_FILES([gl/Makefile])
6AC_CONFIG_AUX_DIR(build-aux) 6AC_CONFIG_AUX_DIR(build-aux)
diff --git a/plugins/check_apt.c b/plugins/check_apt.c
index 07622c2f..8747f904 100644
--- a/plugins/check_apt.c
+++ b/plugins/check_apt.c
@@ -224,7 +224,7 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
224 char *cmdline=NULL, rerrbuf[64]; 224 char *cmdline=NULL, rerrbuf[64];
225 225
226 /* initialize ereg as it is possible it is printed while uninitialized */ 226 /* initialize ereg as it is possible it is printed while uninitialized */
227 memset(&ereg, "\0", sizeof(ereg.buffer)); 227 memset(&ereg, '\0', sizeof(ereg.buffer));
228 228
229 if(upgrade==NO_UPGRADE) return STATE_OK; 229 if(upgrade==NO_UPGRADE) return STATE_OK;
230 230
diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
index 09a923eb..a7d278de 100644
--- a/plugins/check_ntp.c
+++ b/plugins/check_ntp.c
@@ -517,14 +517,13 @@ setup_control_request(ntp_control_message *p, uint8_t opcode, uint16_t seq){
517double jitter_request(const char *host, int *status){ 517double jitter_request(const char *host, int *status){
518 int conn=-1, i, npeers=0, num_candidates=0, syncsource_found=0; 518 int conn=-1, i, npeers=0, num_candidates=0, syncsource_found=0;
519 int run=0, min_peer_sel=PEER_INCLUDED, num_selected=0, num_valid=0; 519 int run=0, min_peer_sel=PEER_INCLUDED, num_selected=0, num_valid=0;
520 int peers_size=0, peer_offset=0, bytes_read=0; 520 int peers_size=0, peer_offset=0;
521 ntp_assoc_status_pair *peers=NULL; 521 ntp_assoc_status_pair *peers=NULL;
522 ntp_control_message req; 522 ntp_control_message req;
523 const char *getvar = "jitter"; 523 const char *getvar = "jitter";
524 double rval = 0.0, jitter = -1.0; 524 double rval = 0.0, jitter = -1.0;
525 char *startofvalue=NULL, *nptr=NULL; 525 char *startofvalue=NULL, *nptr=NULL;
526 void *tmp; 526 void *tmp;
527 int ntp_cm_ints = sizeof(uint16_t) * 5 + sizeof(uint8_t) * 2;
528 527
529 /* Long-winded explanation: 528 /* Long-winded explanation:
530 * Getting the jitter requires a number of steps: 529 * Getting the jitter requires a number of steps:
@@ -591,6 +590,9 @@ double jitter_request(const char *host, int *status){
591 for (i = 0; i < npeers; i++){ 590 for (i = 0; i < npeers; i++){
592 /* Only query this server if it is the current sync source */ 591 /* Only query this server if it is the current sync source */
593 if (PEER_SEL(peers[i].status) >= min_peer_sel){ 592 if (PEER_SEL(peers[i].status) >= min_peer_sel){
593 char jitter_data[MAX_CM_SIZE+1];
594 size_t jitter_data_count;
595
594 num_selected++; 596 num_selected++;
595 setup_control_request(&req, OP_READVAR, 2); 597 setup_control_request(&req, OP_READVAR, 2);
596 req.assoc = peers[i].assoc; 598 req.assoc = peers[i].assoc;
@@ -609,15 +611,7 @@ double jitter_request(const char *host, int *status){
609 611
610 req.count = htons(MAX_CM_SIZE); 612 req.count = htons(MAX_CM_SIZE);
611 DBG(printf("recieving READVAR response...\n")); 613 DBG(printf("recieving READVAR response...\n"));
612 614 read(conn, &req, SIZEOF_NTPCM(req));
613 /* cov-66524 - req.data not null terminated before usage. Also covers verifying struct was returned correctly*/
614 if ((bytes_read = read(conn, &req, SIZEOF_NTPCM(req))) == -1)
615 die(STATE_UNKNOWN, _("Cannot read from socket: %s"), strerror(errno));
616 if (bytes_read != ntp_cm_ints + req.count)
617 die(STATE_UNKNOWN, _("Invalid NTP response: %d bytes read does not equal %d plus %d data segment"), bytes_read, ntp_cm_ints, req.count);
618 /* else null terminate */
619 strncpy(req.data[req.count], "\0", 1);
620
621 DBG(print_ntp_control_message(&req)); 615 DBG(print_ntp_control_message(&req));
622 616
623 if(req.op&REM_ERROR && strstr(getvar, "jitter")) { 617 if(req.op&REM_ERROR && strstr(getvar, "jitter")) {
@@ -632,7 +626,14 @@ double jitter_request(const char *host, int *status){
632 if(verbose) { 626 if(verbose) {
633 printf("parsing jitter from peer %.2x: ", ntohs(peers[i].assoc)); 627 printf("parsing jitter from peer %.2x: ", ntohs(peers[i].assoc));
634 } 628 }
635 startofvalue = strchr(req.data, '='); 629 if((jitter_data_count = ntohs(req.count)) >= sizeof(jitter_data)){
630 die(STATE_UNKNOWN,
631 _("jitter response too large (%lu bytes)\n"),
632 (unsigned long)jitter_data_count);
633 }
634 memcpy(jitter_data, req.data, jitter_data_count);
635 jitter_data[jitter_data_count] = '\0';
636 startofvalue = strchr(jitter_data, '=');
636 if(startofvalue != NULL) { 637 if(startofvalue != NULL) {
637 startofvalue++; 638 startofvalue++;
638 jitter = strtod(startofvalue, &nptr); 639 jitter = strtod(startofvalue, &nptr);
diff --git a/plugins/check_real.c b/plugins/check_real.c
index e7ab9d04..00bd4d20 100644
--- a/plugins/check_real.c
+++ b/plugins/check_real.c
@@ -178,7 +178,7 @@ main (int argc, char **argv)
178 178
179 /* watch for the REAL connection string */ 179 /* watch for the REAL connection string */
180 result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0); 180 result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0);
181 buffer[result] = "\0"; /* null terminate recieved buffer */ 181 buffer[result] = '\0'; /* null terminate recieved buffer */
182 182
183 /* return a CRITICAL status if we couldn't read any data */ 183 /* return a CRITICAL status if we couldn't read any data */
184 if (result == -1) { 184 if (result == -1) {
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index fc0adba0..63f9fd9c 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -643,7 +643,7 @@ print_help (void)
643 printf (UT_IPv46); 643 printf (UT_IPv46);
644 644
645 printf (" %s\n", "-E, --escape"); 645 printf (" %s\n", "-E, --escape");
646 printf (" %s\n", _("Can use \\n, \\r, \\t or \\ in send or quit string. Must come before send or quit option")); 646 printf (" %s\n", _("Can use \\n, \\r, \\t or \\\\ in send or quit string. Must come before send or quit option"));
647 printf (" %s\n", _("Default: nothing added to send, \\r\\n added to end of quit")); 647 printf (" %s\n", _("Default: nothing added to send, \\r\\n added to end of quit"));
648 printf (" %s\n", "-s, --send=STRING"); 648 printf (" %s\n", "-s, --send=STRING");
649 printf (" %s\n", _("String to send to the server")); 649 printf (" %s\n", _("String to send to the server"));