summaryrefslogtreecommitdiffstats
path: root/plugins/check_apt.c
diff options
context:
space:
mode:
authorAlex Bradley <a.bradley@alumni.cs.ubc.ca>2012-10-02 23:22:54 -0700
committerAlex Bradley <a.bradley@alumni.cs.ubc.ca>2012-10-02 23:22:54 -0700
commit7918f5868c08909050aa083eeb819d110f2d160d (patch)
treea6c62fb81ddbd1ebfb2b983b9ffaebf0792c3c33 /plugins/check_apt.c
parent05c4c9bfc649ba8f66e470667824200c2cda5314 (diff)
downloadmonitoring-plugins-7918f5868c08909050aa083eeb819d110f2d160d.tar.gz
Don't prepend "^Inst" or append a space to the "include", "exclude", or
"critical" regular expressions. Instead, check for lines beginning with "Inst" using strncmp and apply the regular expressions only when such lines are found. Fixes Debian bug #522812, along the lines suggested by the bug submitter, Justin T Pryzby.
Diffstat (limited to 'plugins/check_apt.c')
-rw-r--r--plugins/check_apt.c35
1 files changed, 18 insertions, 17 deletions
diff --git a/plugins/check_apt.c b/plugins/check_apt.c
index 7efa596b..26499aef 100644
--- a/plugins/check_apt.c
+++ b/plugins/check_apt.c
@@ -49,6 +49,8 @@ typedef enum { UPGRADE, DIST_UPGRADE, NO_UPGRADE } upgrade_type;
49#ifndef PATH_TO_APTGET 49#ifndef PATH_TO_APTGET
50# define PATH_TO_APTGET "/usr/bin/apt-get" 50# define PATH_TO_APTGET "/usr/bin/apt-get"
51#endif /* PATH_TO_APTGET */ 51#endif /* PATH_TO_APTGET */
52/* String found at the beginning of the apt output lines we're interested in */
53#define PKGINST_PREFIX "Inst "
52/* the RE that catches security updates */ 54/* the RE that catches security updates */
53#define SECURITY_RE "^[^\\(]*\\([^ ]* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)" 55#define SECURITY_RE "^[^\\(]*\\([^ ]* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)"
54 56
@@ -211,22 +213,18 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
211 struct output chld_out, chld_err; 213 struct output chld_out, chld_err;
212 regex_t ireg, ereg, sreg; 214 regex_t ireg, ereg, sreg;
213 char *cmdline=NULL, rerrbuf[64]; 215 char *cmdline=NULL, rerrbuf[64];
214 const char *include_ptr=NULL, *crit_ptr=NULL;
215 216
216 if(upgrade==NO_UPGRADE) return STATE_OK; 217 if(upgrade==NO_UPGRADE) return STATE_OK;
217 218
218 /* compile the regexps */ 219 /* compile the regexps */
219 if(do_include!=NULL) include_ptr=do_include; 220 if (do_include != NULL) {
220 else include_ptr="^Inst"; 221 regres=regcomp(&ireg, do_include, REG_EXTENDED);
221 if(do_critical!=NULL) crit_ptr=do_critical; 222 if (regres!=0) {
222 else crit_ptr=SECURITY_RE; 223 regerror(regres, &ireg, rerrbuf, 64);
223 224 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
224 regres=regcomp(&ireg, include_ptr, REG_EXTENDED); 225 }
225 if(regres!=0) {
226 regerror(regres, &ireg, rerrbuf, 64);
227 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
228 } 226 }
229 227
230 if(do_exclude!=NULL){ 228 if(do_exclude!=NULL){
231 regres=regcomp(&ereg, do_exclude, REG_EXTENDED); 229 regres=regcomp(&ereg, do_exclude, REG_EXTENDED);
232 if(regres!=0) { 230 if(regres!=0) {
@@ -235,6 +233,8 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
235 progname, rerrbuf); 233 progname, rerrbuf);
236 } 234 }
237 } 235 }
236
237 const char *crit_ptr = (do_critical != NULL) ? do_critical : SECURITY_RE;
238 regres=regcomp(&sreg, crit_ptr, REG_EXTENDED); 238 regres=regcomp(&sreg, crit_ptr, REG_EXTENDED);
239 if(regres!=0) { 239 if(regres!=0) {
240 regerror(regres, &ereg, rerrbuf, 64); 240 regerror(regres, &ereg, rerrbuf, 64);
@@ -269,7 +269,8 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
269 printf("%s\n", chld_out.line[i]); 269 printf("%s\n", chld_out.line[i]);
270 } 270 }
271 /* if it is a package we care about */ 271 /* if it is a package we care about */
272 if(regexec(&ireg, chld_out.line[i], 0, NULL, 0)==0){ 272 if (strncmp(PKGINST_PREFIX, chld_out.line[i], strlen(PKGINST_PREFIX)) == 0 &&
273 (do_include == NULL || regexec(&ireg, chld_out.line[i], 0, NULL, 0) == 0)) {
273 /* if we're not excluding, or it's not in the 274 /* if we're not excluding, or it's not in the
274 * list of stuff to exclude */ 275 * list of stuff to exclude */
275 if(do_exclude==NULL || 276 if(do_exclude==NULL ||
@@ -298,7 +299,7 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
298 } 299 }
299 } 300 }
300 } 301 }
301 regfree(&ireg); 302 if (do_include != NULL) regfree(&ireg);
302 regfree(&sreg); 303 regfree(&sreg);
303 if(do_exclude!=NULL) regfree(&ereg); 304 if(do_exclude!=NULL) regfree(&ereg);
304 free(cmdline); 305 free(cmdline);
@@ -348,15 +349,15 @@ char* add_to_regexp(char *expr, const char *next){
348 char *re=NULL; 349 char *re=NULL;
349 350
350 if(expr==NULL){ 351 if(expr==NULL){
351 re=malloc(sizeof(char)*(strlen("^Inst () ")+strlen(next)+1)); 352 re=malloc(sizeof(char)*(strlen("()")+strlen(next)+1));
352 if(!re) die(STATE_UNKNOWN, "malloc failed!\n"); 353 if(!re) die(STATE_UNKNOWN, "malloc failed!\n");
353 sprintf(re, "^Inst (%s) ", next); 354 sprintf(re, "(%s)", next);
354 } else { 355 } else {
355 /* resize it, adding an extra char for the new '|' separator */ 356 /* resize it, adding an extra char for the new '|' separator */
356 re=realloc(expr, sizeof(char)*strlen(expr)+1+strlen(next)+1); 357 re=realloc(expr, sizeof(char)*(strlen(expr)+1+strlen(next)+1));
357 if(!re) die(STATE_UNKNOWN, "realloc failed!\n"); 358 if(!re) die(STATE_UNKNOWN, "realloc failed!\n");
358 /* append it starting at ')' in the old re */ 359 /* append it starting at ')' in the old re */
359 sprintf((char*)(re+strlen(re)-2), "|%s) ", next); 360 sprintf((char*)(re+strlen(re)-1), "|%s)", next);
360 } 361 }
361 362
362 return re; 363 return re;