diff options
author | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2024-10-31 15:27:01 +0100 |
---|---|---|
committer | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2024-10-31 15:27:01 +0100 |
commit | fa15fdcf5dc2d40aba2f8520108e552b73b1df2b (patch) | |
tree | d51d62db024b317091f42d9ee540da7371e9d170 /plugins/popen.c | |
parent | 0fd0421052fed1972ecbdfdabecba5a616eaa109 (diff) | |
parent | 87eb2bef1ee2a6a42793437b2f5d63f41b1e1806 (diff) | |
download | monitoring-plugins-fa15fdc.tar.gz |
Merge branch 'master' into fix/check_ssh-variable-stuff
Diffstat (limited to 'plugins/popen.c')
-rw-r--r-- | plugins/popen.c | 283 |
1 files changed, 135 insertions, 148 deletions
diff --git a/plugins/popen.c b/plugins/popen.c index 54e63bc5..2b9824bc 100644 --- a/plugins/popen.c +++ b/plugins/popen.c | |||
@@ -1,42 +1,42 @@ | |||
1 | /***************************************************************************** | 1 | /***************************************************************************** |
2 | * | 2 | * |
3 | * Monitoring Plugins popen | 3 | * Monitoring Plugins popen |
4 | * | 4 | * |
5 | * License: GPL | 5 | * License: GPL |
6 | * Copyright (c) 2005-2007 Monitoring Plugins Development Team | 6 | * Copyright (c) 2005-2024 Monitoring Plugins Development Team |
7 | * | 7 | * |
8 | * Description: | 8 | * Description: |
9 | * | 9 | * |
10 | * A safe alternative to popen | 10 | * A safe alternative to popen |
11 | * | 11 | * |
12 | * Provides spopen and spclose | 12 | * Provides spopen and spclose |
13 | * | 13 | * |
14 | * FILE * spopen(const char *); | 14 | * FILE * spopen(const char *); |
15 | * int spclose(FILE *); | 15 | * int spclose(FILE *); |
16 | * | 16 | * |
17 | * Code taken with little modification from "Advanced Programming for the Unix | 17 | * Code taken with little modification from "Advanced Programming for the Unix |
18 | * Environment" by W. Richard Stevens | 18 | * Environment" by W. Richard Stevens |
19 | * | 19 | * |
20 | * This is considered safe in that no shell is spawned, and the environment | 20 | * This is considered safe in that no shell is spawned, and the environment |
21 | * and path passed to the exec'd program are essentially empty. (popen create | 21 | * and path passed to the exec'd program are essentially empty. (popen create |
22 | * a shell and passes the environment to it). | 22 | * a shell and passes the environment to it). |
23 | * | 23 | * |
24 | * | 24 | * |
25 | * This program is free software: you can redistribute it and/or modify | 25 | * This program is free software: you can redistribute it and/or modify |
26 | * it under the terms of the GNU General Public License as published by | 26 | * it under the terms of the GNU General Public License as published by |
27 | * the Free Software Foundation, either version 3 of the License, or | 27 | * the Free Software Foundation, either version 3 of the License, or |
28 | * (at your option) any later version. | 28 | * (at your option) any later version. |
29 | * | 29 | * |
30 | * This program is distributed in the hope that it will be useful, | 30 | * This program is distributed in the hope that it will be useful, |
31 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | 31 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
32 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 32 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
33 | * GNU General Public License for more details. | 33 | * GNU General Public License for more details. |
34 | * | 34 | * |
35 | * You should have received a copy of the GNU General Public License | 35 | * You should have received a copy of the GNU General Public License |
36 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | 36 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
37 | * | 37 | * |
38 | * | 38 | * |
39 | *****************************************************************************/ | 39 | *****************************************************************************/ |
40 | 40 | ||
41 | #include "./common.h" | 41 | #include "./common.h" |
42 | #include "./utils.h" | 42 | #include "./utils.h" |
@@ -47,63 +47,52 @@ extern pid_t *childpid; | |||
47 | extern int *child_stderr_array; | 47 | extern int *child_stderr_array; |
48 | extern FILE *child_process; | 48 | extern FILE *child_process; |
49 | 49 | ||
50 | FILE *spopen (const char *); | 50 | FILE *spopen(const char * /*cmdstring*/); |
51 | int spclose (FILE *); | 51 | int spclose(FILE * /*fp*/); |
52 | #ifdef REDHAT_SPOPEN_ERROR | 52 | #ifdef REDHAT_SPOPEN_ERROR |
53 | void popen_sigchld_handler (int); | 53 | void popen_sigchld_handler(int); |
54 | #endif | 54 | #endif |
55 | void popen_timeout_alarm_handler (int); | 55 | void popen_timeout_alarm_handler(int /*signo*/); |
56 | 56 | ||
57 | #include <stdarg.h> /* ANSI C header file */ | 57 | #include <stdarg.h> /* ANSI C header file */ |
58 | #include <fcntl.h> | 58 | #include <fcntl.h> |
59 | 59 | ||
60 | #include <limits.h> | 60 | #include <limits.h> |
61 | #include <sys/resource.h> | 61 | #include <sys/resource.h> |
62 | 62 | ||
63 | #ifdef HAVE_SYS_WAIT_H | 63 | #ifdef HAVE_SYS_WAIT_H |
64 | #include <sys/wait.h> | 64 | # include <sys/wait.h> |
65 | #endif | 65 | #endif |
66 | 66 | ||
67 | #ifndef WEXITSTATUS | 67 | #ifndef WEXITSTATUS |
68 | # define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8) | 68 | # define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8) |
69 | #endif | 69 | #endif |
70 | 70 | ||
71 | #ifndef WIFEXITED | 71 | #ifndef WIFEXITED |
72 | # define WIFEXITED(stat_val) (((stat_val) & 255) == 0) | 72 | # define WIFEXITED(stat_val) (((stat_val)&255) == 0) |
73 | #endif | 73 | #endif |
74 | 74 | ||
75 | /* 4.3BSD Reno <signal.h> doesn't define SIG_ERR */ | 75 | /* 4.3BSD Reno <signal.h> doesn't define SIG_ERR */ |
76 | #if defined(SIG_IGN) && !defined(SIG_ERR) | 76 | #if defined(SIG_IGN) && !defined(SIG_ERR) |
77 | #define SIG_ERR ((Sigfunc *)-1) | 77 | # define SIG_ERR ((Sigfunc *)-1) |
78 | #endif | 78 | #endif |
79 | 79 | ||
80 | 80 | char *pname = NULL; /* caller can set this from argv[0] */ | |
81 | char *pname = NULL; /* caller can set this from argv[0] */ | ||
82 | 81 | ||
83 | #ifdef REDHAT_SPOPEN_ERROR | 82 | #ifdef REDHAT_SPOPEN_ERROR |
84 | static volatile int childtermd = 0; | 83 | static volatile int childtermd = 0; |
85 | #endif | 84 | #endif |
86 | 85 | ||
87 | FILE * | 86 | FILE *spopen(const char *cmdstring) { |
88 | spopen (const char *cmdstring) | 87 | #ifdef RLIMIT_CORE |
89 | { | ||
90 | char *env[2]; | ||
91 | char *cmd = NULL; | ||
92 | char **argv = NULL; | ||
93 | char *str, *tmp; | ||
94 | int argc; | ||
95 | |||
96 | int i = 0, pfd[2], pfderr[2]; | ||
97 | pid_t pid; | ||
98 | |||
99 | #ifdef RLIMIT_CORE | ||
100 | /* do not leave core files */ | 88 | /* do not leave core files */ |
101 | struct rlimit limit; | 89 | struct rlimit limit; |
102 | getrlimit (RLIMIT_CORE, &limit); | 90 | getrlimit(RLIMIT_CORE, &limit); |
103 | limit.rlim_cur = 0; | 91 | limit.rlim_cur = 0; |
104 | setrlimit (RLIMIT_CORE, &limit); | 92 | setrlimit(RLIMIT_CORE, &limit); |
105 | #endif | 93 | #endif |
106 | 94 | ||
95 | char *env[2]; | ||
107 | env[0] = strdup("LC_ALL=C"); | 96 | env[0] = strdup("LC_ALL=C"); |
108 | env[1] = NULL; | 97 | env[1] = NULL; |
109 | 98 | ||
@@ -111,184 +100,182 @@ spopen (const char *cmdstring) | |||
111 | if (cmdstring == NULL) | 100 | if (cmdstring == NULL) |
112 | return (NULL); | 101 | return (NULL); |
113 | 102 | ||
103 | char *cmd = NULL; | ||
114 | /* make copy of command string so strtok() doesn't silently modify it */ | 104 | /* make copy of command string so strtok() doesn't silently modify it */ |
115 | /* (the calling program may want to access it later) */ | 105 | /* (the calling program may want to access it later) */ |
116 | cmd = malloc (strlen (cmdstring) + 1); | 106 | cmd = malloc(strlen(cmdstring) + 1); |
117 | if (cmd == NULL) | 107 | if (cmd == NULL) |
118 | return NULL; | 108 | return NULL; |
119 | strcpy (cmd, cmdstring); | 109 | strcpy(cmd, cmdstring); |
120 | 110 | ||
121 | /* This is not a shell, so we don't handle "???" */ | 111 | /* This is not a shell, so we don't handle "???" */ |
122 | if (strstr (cmdstring, "\"")) | 112 | if (strstr(cmdstring, "\"")) |
123 | return NULL; | 113 | return NULL; |
124 | 114 | ||
125 | /* allow single quotes, but only if non-whitesapce doesn't occur on both sides */ | 115 | /* allow single quotes, but only if non-whitesapce doesn't occur on both sides */ |
126 | if (strstr (cmdstring, " ' ") || strstr (cmdstring, "'''")) | 116 | if (strstr(cmdstring, " ' ") || strstr(cmdstring, "'''")) |
127 | return NULL; | 117 | return NULL; |
128 | 118 | ||
119 | int argc; | ||
120 | char **argv = NULL; | ||
129 | /* there cannot be more args than characters */ | 121 | /* there cannot be more args than characters */ |
130 | argc = strlen (cmdstring) + 1; /* add 1 for NULL termination */ | 122 | argc = strlen(cmdstring) + 1; /* add 1 for NULL termination */ |
131 | argv = malloc (sizeof(char*)*argc); | 123 | argv = malloc(sizeof(char *) * argc); |
132 | 124 | ||
133 | if (argv == NULL) { | 125 | if (argv == NULL) { |
134 | printf ("%s\n", _("Could not malloc argv array in popen()")); | 126 | printf("%s\n", _("Could not malloc argv array in popen()")); |
135 | return NULL; | 127 | return NULL; |
136 | } | 128 | } |
137 | 129 | ||
130 | int i = 0; | ||
131 | char *str; | ||
138 | /* loop to get arguments to command */ | 132 | /* loop to get arguments to command */ |
139 | while (cmd) { | 133 | while (cmd) { |
140 | str = cmd; | 134 | str = cmd; |
141 | str += strspn (str, " \t\r\n"); /* trim any leading whitespace */ | 135 | str += strspn(str, " \t\r\n"); /* trim any leading whitespace */ |
142 | 136 | ||
143 | if (i >= argc - 2) { | 137 | if (i >= argc - 2) { |
144 | printf ("%s\n",_("CRITICAL - You need more args!!!")); | 138 | printf("%s\n", _("CRITICAL - You need more args!!!")); |
145 | return (NULL); | 139 | return (NULL); |
146 | } | 140 | } |
147 | 141 | ||
148 | if (strstr (str, "'") == str) { /* handle SIMPLE quoted strings */ | 142 | if (strstr(str, "'") == str) { /* handle SIMPLE quoted strings */ |
149 | str++; | 143 | str++; |
150 | if (!strstr (str, "'")) | 144 | if (!strstr(str, "'")) |
151 | return NULL; /* balanced? */ | 145 | return NULL; /* balanced? */ |
152 | cmd = 1 + strstr (str, "'"); | 146 | cmd = 1 + strstr(str, "'"); |
153 | str[strcspn (str, "'")] = 0; | 147 | str[strcspn(str, "'")] = 0; |
154 | } | 148 | } else if (strcspn(str, "'") < strcspn(str, " \t\r\n")) { |
155 | else if (strcspn(str,"'") < strcspn (str, " \t\r\n")) { | 149 | /* handle --option='foo bar' strings */ |
156 | /* handle --option='foo bar' strings */ | 150 | char *tmp = str + strcspn(str, "'") + 1; |
157 | tmp = str + strcspn(str, "'") + 1; | 151 | if (!strstr(tmp, "'")) |
158 | if (!strstr (tmp, "'")) | 152 | return NULL; /* balanced? */ |
159 | return NULL; /* balanced? */ | 153 | tmp += strcspn(tmp, "'") + 1; |
160 | tmp += strcspn(tmp,"'") + 1; | ||
161 | *tmp = 0; | 154 | *tmp = 0; |
162 | cmd = tmp + 1; | 155 | cmd = tmp + 1; |
163 | } else { | 156 | } else { |
164 | if (strpbrk (str, " \t\r\n")) { | 157 | if (strpbrk(str, " \t\r\n")) { |
165 | cmd = 1 + strpbrk (str, " \t\r\n"); | 158 | cmd = 1 + strpbrk(str, " \t\r\n"); |
166 | str[strcspn (str, " \t\r\n")] = 0; | 159 | str[strcspn(str, " \t\r\n")] = 0; |
167 | } | 160 | } else { |
168 | else { | ||
169 | cmd = NULL; | 161 | cmd = NULL; |
170 | } | 162 | } |
171 | } | 163 | } |
172 | 164 | ||
173 | if (cmd && strlen (cmd) == strspn (cmd, " \t\r\n")) | 165 | if (cmd && strlen(cmd) == strspn(cmd, " \t\r\n")) |
174 | cmd = NULL; | 166 | cmd = NULL; |
175 | 167 | ||
176 | argv[i++] = str; | 168 | argv[i++] = str; |
177 | |||
178 | } | 169 | } |
179 | argv[i] = NULL; | 170 | argv[i] = NULL; |
180 | 171 | ||
181 | long maxfd = mp_open_max(); | 172 | long maxfd = mp_open_max(); |
182 | 173 | ||
183 | if (childpid == NULL) { /* first time through */ | 174 | if (childpid == NULL) { /* first time through */ |
184 | if ((childpid = calloc ((size_t)maxfd, sizeof (pid_t))) == NULL) | 175 | if ((childpid = calloc((size_t)maxfd, sizeof(pid_t))) == NULL) |
185 | return (NULL); | 176 | return (NULL); |
186 | } | 177 | } |
187 | 178 | ||
188 | if (child_stderr_array == NULL) { /* first time through */ | 179 | if (child_stderr_array == NULL) { /* first time through */ |
189 | if ((child_stderr_array = calloc ((size_t)maxfd, sizeof (int))) == NULL) | 180 | if ((child_stderr_array = calloc((size_t)maxfd, sizeof(int))) == NULL) |
190 | return (NULL); | 181 | return (NULL); |
191 | } | 182 | } |
192 | 183 | ||
193 | if (pipe (pfd) < 0) | 184 | int pfd[2]; |
194 | return (NULL); /* errno set by pipe() */ | 185 | if (pipe(pfd) < 0) |
186 | return (NULL); /* errno set by pipe() */ | ||
195 | 187 | ||
196 | if (pipe (pfderr) < 0) | 188 | int pfderr[2]; |
197 | return (NULL); /* errno set by pipe() */ | 189 | if (pipe(pfderr) < 0) |
190 | return (NULL); /* errno set by pipe() */ | ||
198 | 191 | ||
199 | #ifdef REDHAT_SPOPEN_ERROR | 192 | #ifdef REDHAT_SPOPEN_ERROR |
200 | if (signal (SIGCHLD, popen_sigchld_handler) == SIG_ERR) { | 193 | if (signal(SIGCHLD, popen_sigchld_handler) == SIG_ERR) { |
201 | usage4 (_("Cannot catch SIGCHLD")); | 194 | usage4(_("Cannot catch SIGCHLD")); |
202 | } | 195 | } |
203 | #endif | 196 | #endif |
204 | 197 | ||
205 | if ((pid = fork ()) < 0) | 198 | pid_t pid; |
206 | return (NULL); /* errno set by fork() */ | 199 | if ((pid = fork()) < 0) |
207 | else if (pid == 0) { /* child */ | 200 | return (NULL); /* errno set by fork() */ |
208 | close (pfd[0]); | 201 | |
202 | if (pid == 0) { /* child */ | ||
203 | close(pfd[0]); | ||
209 | if (pfd[1] != STDOUT_FILENO) { | 204 | if (pfd[1] != STDOUT_FILENO) { |
210 | dup2 (pfd[1], STDOUT_FILENO); | 205 | dup2(pfd[1], STDOUT_FILENO); |
211 | close (pfd[1]); | 206 | close(pfd[1]); |
212 | } | 207 | } |
213 | close (pfderr[0]); | 208 | close(pfderr[0]); |
214 | if (pfderr[1] != STDERR_FILENO) { | 209 | if (pfderr[1] != STDERR_FILENO) { |
215 | dup2 (pfderr[1], STDERR_FILENO); | 210 | dup2(pfderr[1], STDERR_FILENO); |
216 | close (pfderr[1]); | 211 | close(pfderr[1]); |
217 | } | 212 | } |
218 | /* close all descriptors in childpid[] */ | 213 | /* close all descriptors in childpid[] */ |
219 | for (i = 0; i < maxfd; i++) | 214 | for (i = 0; i < maxfd; i++) |
220 | if (childpid[i] > 0) | 215 | if (childpid[i] > 0) |
221 | close (i); | 216 | close(i); |
222 | 217 | ||
223 | execve (argv[0], argv, env); | 218 | execve(argv[0], argv, env); |
224 | _exit (0); | 219 | _exit(0); |
225 | } | 220 | } |
226 | 221 | ||
227 | close (pfd[1]); /* parent */ | 222 | close(pfd[1]); /* parent */ |
228 | if ((child_process = fdopen (pfd[0], "r")) == NULL) | 223 | if ((child_process = fdopen(pfd[0], "r")) == NULL) |
229 | return (NULL); | 224 | return (NULL); |
230 | close (pfderr[1]); | 225 | close(pfderr[1]); |
231 | 226 | ||
232 | childpid[fileno (child_process)] = pid; /* remember child pid for this fd */ | 227 | childpid[fileno(child_process)] = pid; /* remember child pid for this fd */ |
233 | child_stderr_array[fileno (child_process)] = pfderr[0]; /* remember STDERR */ | 228 | child_stderr_array[fileno(child_process)] = pfderr[0]; /* remember STDERR */ |
234 | return (child_process); | 229 | return (child_process); |
235 | } | 230 | } |
236 | 231 | ||
237 | int | 232 | int spclose(FILE *fp) { |
238 | spclose (FILE * fp) | ||
239 | { | ||
240 | int fd, status; | ||
241 | pid_t pid; | ||
242 | |||
243 | if (childpid == NULL) | 233 | if (childpid == NULL) |
244 | return (1); /* popen() has never been called */ | 234 | return (1); /* popen() has never been called */ |
245 | 235 | ||
246 | fd = fileno (fp); | 236 | pid_t pid; |
237 | int fd = fileno(fp); | ||
247 | if ((pid = childpid[fd]) == 0) | 238 | if ((pid = childpid[fd]) == 0) |
248 | return (1); /* fp wasn't opened by popen() */ | 239 | return (1); /* fp wasn't opened by popen() */ |
249 | 240 | ||
250 | childpid[fd] = 0; | 241 | childpid[fd] = 0; |
251 | if (fclose (fp) == EOF) | 242 | if (fclose(fp) == EOF) |
252 | return (1); | 243 | return (1); |
253 | 244 | ||
254 | #ifdef REDHAT_SPOPEN_ERROR | 245 | #ifdef REDHAT_SPOPEN_ERROR |
255 | while (!childtermd); /* wait until SIGCHLD */ | 246 | while (!childtermd) |
247 | ; /* wait until SIGCHLD */ | ||
256 | #endif | 248 | #endif |
257 | 249 | ||
258 | while (waitpid (pid, &status, 0) < 0) | 250 | int status; |
251 | while (waitpid(pid, &status, 0) < 0) | ||
259 | if (errno != EINTR) | 252 | if (errno != EINTR) |
260 | return (1); /* error other than EINTR from waitpid() */ | 253 | return (1); /* error other than EINTR from waitpid() */ |
261 | 254 | ||
262 | if (WIFEXITED (status)) | 255 | if (WIFEXITED(status)) |
263 | return (WEXITSTATUS (status)); /* return child's termination status */ | 256 | return (WEXITSTATUS(status)); /* return child's termination status */ |
264 | 257 | ||
265 | return (1); | 258 | return (1); |
266 | } | 259 | } |
267 | 260 | ||
268 | #ifdef REDHAT_SPOPEN_ERROR | 261 | #ifdef REDHAT_SPOPEN_ERROR |
269 | void | 262 | void popen_sigchld_handler(int signo) { |
270 | popen_sigchld_handler (int signo) | ||
271 | { | ||
272 | if (signo == SIGCHLD) | 263 | if (signo == SIGCHLD) |
273 | childtermd = 1; | 264 | childtermd = 1; |
274 | } | 265 | } |
275 | #endif | 266 | #endif |
276 | 267 | ||
277 | void | 268 | void popen_timeout_alarm_handler(int signo) { |
278 | popen_timeout_alarm_handler (int signo) | ||
279 | { | ||
280 | int fh; | ||
281 | if (signo == SIGALRM) { | 269 | if (signo == SIGALRM) { |
282 | if (child_process != NULL) { | 270 | if (child_process != NULL) { |
283 | fh=fileno (child_process); | 271 | int fh = fileno(child_process); |
284 | if(fh >= 0){ | 272 | if (fh >= 0) { |
285 | kill (childpid[fh], SIGKILL); | 273 | kill(childpid[fh], SIGKILL); |
286 | } | 274 | } |
287 | printf (_("CRITICAL - Plugin timed out after %d seconds\n"), | 275 | printf(_("CRITICAL - Plugin timed out after %d seconds\n"), timeout_interval); |
288 | timeout_interval); | ||
289 | } else { | 276 | } else { |
290 | printf ("%s\n", _("CRITICAL - popen timeout received, but no child process")); | 277 | printf("%s\n", _("CRITICAL - popen timeout received, but no child process")); |
291 | } | 278 | } |
292 | exit (STATE_CRITICAL); | 279 | exit(STATE_CRITICAL); |
293 | } | 280 | } |
294 | } | 281 | } |