/*****************************************************************************
*
* Monitoring Plugins popen
*
* License: GPL
* Copyright (c) 2005-2007 Monitoring Plugins Development Team
*
* Description:
*
* A safe alternative to popen
*
* Provides spopen and spclose
*
* FILE * spopen(const char *);
* int spclose(FILE *);
*
* Code taken with little modification from "Advanced Programming for the Unix
* Environment" by W. Richard Stevens
*
* This is considered safe in that no shell is spawned, and the environment
* and path passed to the exec'd program are essentially empty. (popen create
* a shell and passes the environment to it).
*
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see .
*
*
*****************************************************************************/
#include "./common.h"
#include "./utils.h"
#include "../lib/maxfd.h"
/* extern so plugin has pid to kill exec'd process on timeouts */
extern pid_t *childpid;
extern int *child_stderr_array;
extern FILE *child_process;
FILE *spopen (const char *);
int spclose (FILE *);
#ifdef REDHAT_SPOPEN_ERROR
RETSIGTYPE popen_sigchld_handler (int);
#endif
RETSIGTYPE popen_timeout_alarm_handler (int);
#include /* ANSI C header file */
#include
#include
#include
#ifdef HAVE_SYS_WAIT_H
#include
#endif
#ifndef WEXITSTATUS
# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
#endif
#ifndef WIFEXITED
# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
#endif
/* 4.3BSD Reno doesn't define SIG_ERR */
#if defined(SIG_IGN) && !defined(SIG_ERR)
#define SIG_ERR ((Sigfunc *)-1)
#endif
char *pname = NULL; /* caller can set this from argv[0] */
#ifdef REDHAT_SPOPEN_ERROR
static volatile int childtermd = 0;
#endif
FILE *
spopen (const char *cmdstring)
{
char *env[2];
char *cmd = NULL;
char **argv = NULL;
char *str, *tmp;
int argc;
int i = 0, pfd[2], pfderr[2];
pid_t pid;
#ifdef RLIMIT_CORE
/* do not leave core files */
struct rlimit limit;
getrlimit (RLIMIT_CORE, &limit);
limit.rlim_cur = 0;
setrlimit (RLIMIT_CORE, &limit);
#endif
env[0] = strdup("LC_ALL=C");
env[1] = '\0';
/* if no command was passed, return with no error */
if (cmdstring == NULL)
return (NULL);
/* make copy of command string so strtok() doesn't silently modify it */
/* (the calling program may want to access it later) */
cmd = malloc (strlen (cmdstring) + 1);
if (cmd == NULL)
return NULL;
strcpy (cmd, cmdstring);
/* This is not a shell, so we don't handle "???" */
if (strstr (cmdstring, "\""))
return NULL;
/* allow single quotes, but only if non-whitesapce doesn't occur on both sides */
if (strstr (cmdstring, " ' ") || strstr (cmdstring, "'''"))
return NULL;
/* there cannot be more args than characters */
argc = strlen (cmdstring) + 1; /* add 1 for NULL termination */
argv = malloc (sizeof(char*)*argc);
if (argv == NULL) {
printf ("%s\n", _("Could not malloc argv array in popen()"));
return NULL;
}
/* loop to get arguments to command */
while (cmd) {
str = cmd;
str += strspn (str, " \t\r\n"); /* trim any leading whitespace */
if (i >= argc - 2) {
printf ("%s\n",_("CRITICAL - You need more args!!!"));
return (NULL);
}
if (strstr (str, "'") == str) { /* handle SIMPLE quoted strings */
str++;
if (!strstr (str, "'"))
return NULL; /* balanced? */
cmd = 1 + strstr (str, "'");
str[strcspn (str, "'")] = 0;
}
else if (strcspn(str,"'") < strcspn (str, " \t\r\n")) {
/* handle --option='foo bar' strings */
tmp = str + strcspn(str, "'") + 1;
if (!strstr (tmp, "'"))
return NULL; /* balanced? */
tmp += strcspn(tmp,"'") + 1;
*tmp = 0;
cmd = tmp + 1;
} else {
if (strpbrk (str, " \t\r\n")) {
cmd = 1 + strpbrk (str, " \t\r\n");
str[strcspn (str, " \t\r\n")] = 0;
}
else {
cmd = NULL;
}
}
if (cmd && strlen (cmd) == strspn (cmd, " \t\r\n"))
cmd = NULL;
argv[i++] = str;
}
argv[i] = NULL;
long maxfd = open_max();
if (childpid == NULL) { /* first time through */
if ((childpid = calloc ((size_t)maxfd, sizeof (pid_t))) == NULL)
return (NULL);
}
if (child_stderr_array == NULL) { /* first time through */
if ((child_stderr_array = calloc ((size_t)maxfd, sizeof (int))) == NULL)
return (NULL);
}
if (pipe (pfd) < 0)
return (NULL); /* errno set by pipe() */
if (pipe (pfderr) < 0)
return (NULL); /* errno set by pipe() */
#ifdef REDHAT_SPOPEN_ERROR
if (signal (SIGCHLD, popen_sigchld_handler) == SIG_ERR) {
usage4 (_("Cannot catch SIGCHLD"));
}
#endif
if ((pid = fork ()) < 0)
return (NULL); /* errno set by fork() */
else if (pid == 0) { /* child */
close (pfd[0]);
if (pfd[1] != STDOUT_FILENO) {
dup2 (pfd[1], STDOUT_FILENO);
close (pfd[1]);
}
close (pfderr[0]);
if (pfderr[1] != STDERR_FILENO) {
dup2 (pfderr[1], STDERR_FILENO);
close (pfderr[1]);
}
/* close all descriptors in childpid[] */
for (i = 0; i < maxfd; i++)
if (childpid[i] > 0)
close (i);
execve (argv[0], argv, env);
_exit (0);
}
close (pfd[1]); /* parent */
if ((child_process = fdopen (pfd[0], "r")) == NULL)
return (NULL);
close (pfderr[1]);
childpid[fileno (child_process)] = pid; /* remember child pid for this fd */
child_stderr_array[fileno (child_process)] = pfderr[0]; /* remember STDERR */
return (child_process);
}
int
spclose (FILE * fp)
{
int fd, status;
pid_t pid;
if (childpid == NULL)
return (1); /* popen() has never been called */
fd = fileno (fp);
if ((pid = childpid[fd]) == 0)
return (1); /* fp wasn't opened by popen() */
childpid[fd] = 0;
if (fclose (fp) == EOF)
return (1);
#ifdef REDHAT_SPOPEN_ERROR
while (!childtermd); /* wait until SIGCHLD */
#endif
while (waitpid (pid, &status, 0) < 0)
if (errno != EINTR)
return (1); /* error other than EINTR from waitpid() */
if (WIFEXITED (status))
return (WEXITSTATUS (status)); /* return child's termination status */
return (1);
}
#ifdef REDHAT_SPOPEN_ERROR
RETSIGTYPE
popen_sigchld_handler (int signo)
{
if (signo == SIGCHLD)
childtermd = 1;
}
#endif
RETSIGTYPE
popen_timeout_alarm_handler (int signo)
{
int fh;
if (signo == SIGALRM) {
if (child_process != NULL) {
fh=fileno (child_process);
if(fh >= 0){
kill (childpid[fh], SIGKILL);
}
printf (_("CRITICAL - Plugin timed out after %d seconds\n"),
timeout_interval);
} else {
printf ("%s\n", _("CRITICAL - popen timeout received, but no child process"));
}
exit (STATE_CRITICAL);
}
}