diff options
author | Karl DeBisschop <kdebisschop@users.sourceforge.net> | 2003-01-28 07:15:54 (GMT) |
---|---|---|
committer | Karl DeBisschop <kdebisschop@users.sourceforge.net> | 2003-01-28 07:15:54 (GMT) |
commit | 9452b46d955a3e99837214c77ad48dae4a7bf7cd (patch) | |
tree | 2af371b9f32448cf4e96b11cc2bd22805454914e /plugins | |
parent | b2a2d26d13a130bd0302c941c78b2e0e7c480eda (diff) | |
download | monitoring-plugins-9452b46d955a3e99837214c77ad48dae4a7bf7cd.tar.gz |
remove NULL string inits that can lead to segfaults
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@256 f882894a-f735-0410-b71e-b25c423dba1c
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/check_http.c | 71 |
1 files changed, 33 insertions, 38 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c index be18ce7..506a1ec 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c | |||
@@ -189,16 +189,17 @@ struct timeval tv; | |||
189 | #define HTTPS_PORT 443 | 189 | #define HTTPS_PORT 443 |
190 | #define HTTP_EXPECT "HTTP/1." | 190 | #define HTTP_EXPECT "HTTP/1." |
191 | #define HTTP_URL "/" | 191 | #define HTTP_URL "/" |
192 | #define CRLF "\r\n" | ||
192 | 193 | ||
193 | char timestamp[17] = ""; | 194 | char timestamp[17] = ""; |
194 | int specify_port = FALSE; | 195 | int specify_port = FALSE; |
195 | int server_port = HTTP_PORT; | 196 | int server_port = HTTP_PORT; |
196 | char server_port_text[6] = ""; | 197 | char server_port_text[6] = ""; |
197 | char server_type[6] = "http"; | 198 | char server_type[6] = "http"; |
198 | /*@null@*/ char *server_address = NULL; | 199 | char *server_address = ""; |
199 | char *host_name = ""; | 200 | char *host_name = ""; |
200 | /*@null@*/ char *server_url = NULL; | 201 | char *server_url = HTTP_URL; |
201 | int server_url_length = 0; | 202 | int server_url_length = 1; |
202 | int server_expect_yn = 0; | 203 | int server_expect_yn = 0; |
203 | char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT; | 204 | char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT; |
204 | char string_expect[MAX_INPUT_BUFFER] = ""; | 205 | char string_expect[MAX_INPUT_BUFFER] = ""; |
@@ -212,8 +213,8 @@ int onredirect = STATE_OK; | |||
212 | int use_ssl = FALSE; | 213 | int use_ssl = FALSE; |
213 | int verbose = FALSE; | 214 | int verbose = FALSE; |
214 | int sd; | 215 | int sd; |
215 | /*@null@*/ char *http_method = NULL; | 216 | char *http_method = "GET"; |
216 | /*@null@*/ char *http_post_data = NULL; | 217 | char *http_post_data = ""; |
217 | char buffer[MAX_INPUT_BUFFER]; | 218 | char buffer[MAX_INPUT_BUFFER]; |
218 | 219 | ||
219 | void print_usage (void); | 220 | void print_usage (void); |
@@ -404,11 +405,11 @@ process_arguments (int argc, char **argv) | |||
404 | asprintf (&host_name, "%s", optarg); | 405 | asprintf (&host_name, "%s", optarg); |
405 | break; | 406 | break; |
406 | case 'I': /* Server IP-address */ | 407 | case 'I': /* Server IP-address */ |
407 | server_address = strscpy (server_address, optarg); | 408 | asprintf (&server_address, "%s", optarg); |
408 | break; | 409 | break; |
409 | case 'u': /* Host or server */ | 410 | case 'u': /* Host or server */ |
410 | server_url = strscpy (server_url, optarg); | 411 | asprintf (&server_url, "%s", optarg); |
411 | server_url_length = strlen (optarg); | 412 | server_url_length = strlen (server_url); |
412 | break; | 413 | break; |
413 | case 'p': /* Host or server */ | 414 | case 'p': /* Host or server */ |
414 | if (!is_intnonneg (optarg)) | 415 | if (!is_intnonneg (optarg)) |
@@ -421,8 +422,8 @@ process_arguments (int argc, char **argv) | |||
421 | user_auth[MAX_INPUT_BUFFER - 1] = 0; | 422 | user_auth[MAX_INPUT_BUFFER - 1] = 0; |
422 | break; | 423 | break; |
423 | case 'P': /* HTTP POST data in URL encoded format */ | 424 | case 'P': /* HTTP POST data in URL encoded format */ |
424 | http_method = strscpy (http_method, "POST"); | 425 | asprintf (&http_method, "%s", "POST"); |
425 | http_post_data = strscpy (http_post_data, optarg); | 426 | asprintf (&http_post_data, "%s", optarg); |
426 | break; | 427 | break; |
427 | case 's': /* string or substring */ | 428 | case 's': /* string or substring */ |
428 | strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1); | 429 | strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1); |
@@ -464,27 +465,17 @@ process_arguments (int argc, char **argv) | |||
464 | 465 | ||
465 | c = optind; | 466 | c = optind; |
466 | 467 | ||
467 | if (server_address == NULL) { | 468 | if (strcmp (server_address, "") == 0 && c < argc) |
468 | if (c < argc) { | 469 | asprintf (&server_address, "%s", argv[c++]); |
469 | server_address = strscpy (NULL, argv[c++]); | ||
470 | } | ||
471 | else if (strcmp (host_name ,"") == 0) { | ||
472 | usage ("check_http: you must specify a server address\n"); | ||
473 | } | ||
474 | } | ||
475 | 470 | ||
476 | if (strcmp (host_name ,"") == 0 && c < argc) | 471 | if (strcmp (host_name, "") == 0 && c < argc) |
477 | asprintf (&host_name, "%s", argv[c++]); | 472 | asprintf (&host_name, "%s", argv[c++]); |
478 | 473 | ||
479 | if (server_address == NULL) | 474 | if (strcmp (server_address ,"") == 0) { |
480 | server_address = strscpy (NULL, host_name); | 475 | if (strcmp (host_name, "") == 0) |
481 | 476 | usage ("check_http: you must specify a server address or host name\n"); | |
482 | if (http_method == NULL) | 477 | else |
483 | http_method = strscpy (http_method, "GET"); | 478 | asprintf (&server_address, "%s", host_name); |
484 | |||
485 | if (server_url == NULL) { | ||
486 | server_url = strscpy (NULL, "/"); | ||
487 | server_url_length = strlen(HTTP_URL); | ||
488 | } | 479 | } |
489 | 480 | ||
490 | return TRUE; | 481 | return TRUE; |
@@ -600,7 +591,7 @@ check_http (void) | |||
600 | } | 591 | } |
601 | 592 | ||
602 | /* either send http POST data */ | 593 | /* either send http POST data */ |
603 | if (http_post_data) { | 594 | if (strlen (http_post_data)) { |
604 | asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n"); | 595 | asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n"); |
605 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { | 596 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { |
606 | ERR_print_errors_fp (stderr); | 597 | ERR_print_errors_fp (stderr); |
@@ -611,11 +602,15 @@ check_http (void) | |||
611 | ERR_print_errors_fp (stderr); | 602 | ERR_print_errors_fp (stderr); |
612 | return STATE_CRITICAL; | 603 | return STATE_CRITICAL; |
613 | } | 604 | } |
614 | http_post_data = strscat (http_post_data, "\r\n"); | ||
615 | if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) { | 605 | if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) { |
616 | ERR_print_errors_fp (stderr); | 606 | ERR_print_errors_fp (stderr); |
617 | return STATE_CRITICAL; | 607 | return STATE_CRITICAL; |
618 | } | 608 | } |
609 | asprintf (&buf, CRLF); | ||
610 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { | ||
611 | ERR_print_errors_fp (stderr); | ||
612 | return STATE_CRITICAL; | ||
613 | } | ||
619 | } | 614 | } |
620 | else { | 615 | else { |
621 | /* or just a newline so the server knows we're done with the request */ | 616 | /* or just a newline so the server knows we're done with the request */ |
@@ -655,13 +650,13 @@ check_http (void) | |||
655 | 650 | ||
656 | /* either send http POST data */ | 651 | /* either send http POST data */ |
657 | /* written by Chris Henesy <lurker@shadowtech.org> */ | 652 | /* written by Chris Henesy <lurker@shadowtech.org> */ |
658 | if (http_post_data) { | 653 | if (strlen (http_post_data)) { |
659 | asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n"); | 654 | asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n"); |
660 | send (sd, buf, strlen (buf), 0); | 655 | send (sd, buf, strlen (buf), 0); |
661 | asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); | 656 | asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); |
662 | send (sd, buf, strlen (buf), 0); | 657 | send (sd, buf, strlen (buf), 0); |
663 | http_post_data = strscat (http_post_data, "\r\n"); | ||
664 | send (sd, http_post_data, strlen (http_post_data), 0); | 658 | send (sd, http_post_data, strlen (http_post_data), 0); |
659 | send (sd, CRLF, strlen (CRLF), 0); | ||
665 | } | 660 | } |
666 | else { | 661 | else { |
667 | /* or just a newline so the server knows we're done with the request */ | 662 | /* or just a newline so the server knows we're done with the request */ |
@@ -773,7 +768,7 @@ check_http (void) | |||
773 | strstr (status_line, "304")) { | 768 | strstr (status_line, "304")) { |
774 | if (onredirect == STATE_DEPENDENT) { | 769 | if (onredirect == STATE_DEPENDENT) { |
775 | 770 | ||
776 | orig_url = strscpy(NULL, server_url); | 771 | asprintf (&orig_url, "%s", server_url); |
777 | pos = header; | 772 | pos = header; |
778 | while (pos) { | 773 | while (pos) { |
779 | server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH); | 774 | server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH); |
@@ -788,26 +783,26 @@ check_http (void) | |||
788 | server_url_length = strcspn (pos, "\r\n"); | 783 | server_url_length = strcspn (pos, "\r\n"); |
789 | } | 784 | } |
790 | if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) { | 785 | if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) { |
791 | host_name = strscpy (host_name, server_address); | 786 | asprintf (&host_name, "%s", server_address); |
792 | use_ssl = server_type_check (server_type); | 787 | use_ssl = server_type_check (server_type); |
793 | server_port = atoi (server_port_text); | 788 | server_port = atoi (server_port_text); |
794 | check_http (); | 789 | check_http (); |
795 | } | 790 | } |
796 | else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) { | 791 | else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) { |
797 | host_name = strscpy (host_name, server_address); | 792 | asprintf (&host_name, "%s", server_address); |
798 | use_ssl = server_type_check (server_type); | 793 | use_ssl = server_type_check (server_type); |
799 | server_port = server_port_check (use_ssl); | 794 | server_port = server_port_check (use_ssl); |
800 | check_http (); | 795 | check_http (); |
801 | } | 796 | } |
802 | else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) { | 797 | else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) { |
803 | host_name = strscpy (host_name, server_address); | 798 | asprintf (&host_name, "%s", server_address); |
804 | strcpy (server_url, "/"); | 799 | strcpy (server_url, "/"); |
805 | use_ssl = server_type_check (server_type); | 800 | use_ssl = server_type_check (server_type); |
806 | server_port = atoi (server_port_text); | 801 | server_port = atoi (server_port_text); |
807 | check_http (); | 802 | check_http (); |
808 | } | 803 | } |
809 | else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) { | 804 | else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) { |
810 | host_name = strscpy (host_name, server_address); | 805 | asprintf (&host_name, "%s", server_address); |
811 | strcpy (server_url, "/"); | 806 | strcpy (server_url, "/"); |
812 | use_ssl = server_type_check (server_type); | 807 | use_ssl = server_type_check (server_type); |
813 | server_port = server_port_check (use_ssl); | 808 | server_port = server_port_check (use_ssl); |
@@ -912,7 +907,7 @@ int connect_SSL (void) | |||
912 | { | 907 | { |
913 | SSL_METHOD *meth; | 908 | SSL_METHOD *meth; |
914 | 909 | ||
915 | randbuff = strscpy (NULL, "qwertyuiopasdfghjkl"); | 910 | asprintf (randbuff, "%s", "qwertyuiopasdfghjkl"); |
916 | RAND_seed (randbuff, strlen (randbuff)); | 911 | RAND_seed (randbuff, strlen (randbuff)); |
917 | /* Initialize SSL context */ | 912 | /* Initialize SSL context */ |
918 | SSLeay_add_ssl_algorithms (); | 913 | SSLeay_add_ssl_algorithms (); |