diff options
author | Holger Weiss <holger@zedat.fu-berlin.de> | 2010-04-11 10:54:44 +0200 |
---|---|---|
committer | Holger Weiss <holger@zedat.fu-berlin.de> | 2010-04-11 10:54:44 +0200 |
commit | 614e9dec5e3f4059c8eb5e4ea11bf92e66c3c76f (patch) | |
tree | fa00fc25d49101ab071f252aecdfdc0411b43149 /plugins-scripts | |
parent | de7191e3424e02ba278a39b86e8b1906a25d0362 (diff) | |
download | monitoring-plugins-614e9dec5e3f4059c8eb5e4ea11bf92e66c3c76f.tar.gz |
Fix Debian bug #478942: Fragile argument passing
Fix some problems regarding the way check_disk_smb passes command line
arguments to smbclient(1).
| It runs:
|
| $res = qx/$smbclient "\/\/$host\/$share" $pass -W $workgroup \
| -U $user $smbclientoptions -I $address -c ls/;
|
| [...]
|
| The documentation says that if the password is not passed, it
| defaults to "". That is not true above, as $pass expands to
| nothing which leaves no argument at all (instead of an empty
| argument) so is different from providing with an empty password
| or with the -N option.
|
| Also, if the password starts with "-", you're in trouble, that's
| why -U $user%$pass may be prefered.
|
| Also, the doc says that if $user is not provided, then it
| defaults to "guest" but the problem is that if it is provided
| but empty, it is changed to "guest" as well, which prevents us
| from querying hosts that don't do user authentication.
[ http://bugs.debian.org/478942 ]
(Fixed by Stephane Chazelas, forwarded by Jan Wagner.)
Diffstat (limited to 'plugins-scripts')
-rwxr-xr-x | plugins-scripts/check_disk_smb.pl | 61 |
1 files changed, 36 insertions, 25 deletions
diff --git a/plugins-scripts/check_disk_smb.pl b/plugins-scripts/check_disk_smb.pl index ca593d46..7c81fc26 100755 --- a/plugins-scripts/check_disk_smb.pl +++ b/plugins-scripts/check_disk_smb.pl | |||
@@ -58,9 +58,7 @@ if ($opt_V) { | |||
58 | 58 | ||
59 | if ($opt_h) {print_help(); exit $ERRORS{'OK'};} | 59 | if ($opt_h) {print_help(); exit $ERRORS{'OK'};} |
60 | 60 | ||
61 | my $smbclient= "$utils::PATH_TO_SMBCLIENT " ; | 61 | my $smbclient = $utils::PATH_TO_SMBCLIENT; |
62 | my $smbclientoptions= $opt_P ? "-p $opt_P " : ""; | ||
63 | |||
64 | 62 | ||
65 | # Options checking | 63 | # Options checking |
66 | 64 | ||
@@ -72,13 +70,12 @@ my $host = $1 if ($opt_H =~ /^([-_.A-Za-z0-9 ]+\$?)$/); | |||
72 | my $share = $1 if ($opt_s =~ /^([-_.A-Za-z0-9]+\$?)$/); | 70 | my $share = $1 if ($opt_s =~ /^([-_.A-Za-z0-9]+\$?)$/); |
73 | ($share) || usage("Invalid share: $opt_s\n"); | 71 | ($share) || usage("Invalid share: $opt_s\n"); |
74 | 72 | ||
75 | ($opt_u) || ($opt_u = shift @ARGV) || ($opt_u = "guest"); | 73 | defined($opt_u) || ($opt_u = shift @ARGV) || ($opt_u = "guest"); |
76 | my $user = $1 if ($opt_u =~ /^([-_.A-Za-z0-9\\]+)$/); | 74 | my $user = $1 if ($opt_u =~ /^([-_.A-Za-z0-9\\]*)$/); |
77 | ($user) || usage("Invalid user: $opt_u\n"); | 75 | defined($user) || usage("Invalid user: $opt_u\n"); |
78 | 76 | ||
79 | ($opt_p) || ($opt_p = shift @ARGV) || ($opt_p = ""); | 77 | defined($opt_p) || ($opt_p = shift @ARGV) || ($opt_p = ""); |
80 | my $pass = $1 if ($opt_p =~ /(.*)/); | 78 | my $pass = $1 if ($opt_p =~ /(.*)/); |
81 | $pass = "-N" if ($opt_p eq ""); | ||
82 | 79 | ||
83 | ($opt_w) || ($opt_w = shift @ARGV) || ($opt_w = 85); | 80 | ($opt_w) || ($opt_w = shift @ARGV) || ($opt_w = 85); |
84 | my $warn = $1 if ($opt_w =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); | 81 | my $warn = $1 if ($opt_w =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); |
@@ -88,6 +85,24 @@ my $warn = $1 if ($opt_w =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); | |||
88 | my $crit = $1 if ($opt_c =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); | 85 | my $crit = $1 if ($opt_c =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); |
89 | ($crit) || usage("Invalid critical threshold: $opt_c\n"); | 86 | ($crit) || usage("Invalid critical threshold: $opt_c\n"); |
90 | 87 | ||
88 | # Execute the given command line and return anything it writes to STDOUT and/or | ||
89 | # STDERR. (This might be useful for other plugins, too, so it should possibly | ||
90 | # be moved to utils.pm.) | ||
91 | sub output_and_error_of { | ||
92 | local *CMD; | ||
93 | local $/ = undef; | ||
94 | my $pid = open CMD, "-|"; | ||
95 | if (defined($pid)) { | ||
96 | if ($pid) { | ||
97 | return <CMD>; | ||
98 | } else { | ||
99 | open STDERR, ">&STDOUT" and exec @_; | ||
100 | exit(1); | ||
101 | } | ||
102 | } | ||
103 | return undef; | ||
104 | } | ||
105 | |||
91 | # split the type from the unit value | 106 | # split the type from the unit value |
92 | #Check $warn and $crit for type (%/M/G) and set up for tests | 107 | #Check $warn and $crit for type (%/M/G) and set up for tests |
93 | #P = Percent, K = KBytes | 108 | #P = Percent, K = KBytes |
@@ -162,23 +177,19 @@ alarm($TIMEOUT); | |||
162 | 177 | ||
163 | # Execute an "ls" on the share using smbclient program | 178 | # Execute an "ls" on the share using smbclient program |
164 | # get the results into $res | 179 | # get the results into $res |
165 | if (defined($workgroup)) { | 180 | my @cmd = ( |
166 | if (defined($address)) { | 181 | $smbclient, |
167 | print "$smbclient " . "\/\/$host\/$share" ." $pass -W $workgroup -U $user $smbclientoptions -I $address -c ls\n" if ($verbose); | 182 | "//$host/$share", |
168 | $res = qx/$smbclient "\/\/$host\/$share" $pass -W $workgroup -U $user $smbclientoptions -I $address -c ls/; | 183 | "-U", "$user%$pass", |
169 | } else { | 184 | defined($workgroup) ? ("-W", $workgroup) : (), |
170 | print "$smbclient " . "\/\/$host\/$share" ." $pass -W $workgroup -U $user $smbclientoptions -c ls\n" if ($verbose); | 185 | defined($address) ? ("-I", $address) : (), |
171 | $res = qx/$smbclient "\/\/$host\/$share" $pass -W $workgroup -U $user $smbclientoptions -c ls/; | 186 | defined($opt_P) ? ("-p", $opt_P) : (), |
172 | } | 187 | "-c", "ls" |
173 | } else { | 188 | ); |
174 | if (defined($address)) { | 189 | |
175 | print "$smbclient " . "\/\/$host\/$share" ." $pass -U $user $smbclientoptions -I $address -c ls\n" if ($verbose); | 190 | print join(" ", @cmd) . "\n" if ($verbose); |
176 | $res = qx/$smbclient "\/\/$host\/$share" $pass -U $user $smbclientoptions -I $address -c ls/; | 191 | $res = output_and_error_of(@cmd) or exit $ERRORS{"UNKNOWN"}; |
177 | } else { | 192 | |
178 | print "$smbclient " . "\/\/$host\/$share" ." $pass -U $user $smbclientoptions -c ls\n" if ($verbose); | ||
179 | $res = qx/$smbclient "\/\/$host\/$share" $pass -U $user $smbclientoptions -c ls/; | ||
180 | } | ||
181 | } | ||
182 | #Turn off alarm | 193 | #Turn off alarm |
183 | alarm(0); | 194 | alarm(0); |
184 | 195 | ||