[Nagiosplug-devel] [ nagiosplug-Bugs-1985230 ] check_snmp does not allow " chars in cmdline

SourceForge.net noreply at sourceforge.net
Fri Feb 20 01:11:26 CET 2009


Bugs item #1985230, was opened at 2008-06-05 09:46
Message generated for change (Comment added) made by tonvoon
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1985230&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Argument proccessing
Group: CVS
Status: Open
Resolution: None
Priority: 7
Private: No
Submitted By: Jan Wagner (cyco_dd)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_snmp does not allow " chars in cmdline

Initial Comment:
The following Bugreport we got against our debian package:

snmpd can be queried for customized "extend"s.
A configured extend like
    extend avail_mem /usr/local/bin/check_avail_mem.pl
can be queried as
    snmpget -c public -v1 ds9 'nsExtendOutput1Line."avail_mem"'
    NET-SNMP-EXTEND-MIB::nsExtendOutput1Line."avail_mem" = STRING: 749764

If you try to query this with check_snmp like
    check_snmp -H $HOSTADDRESS$ -C public -o 'nsExtendOutput1Line."syslog-idletime"'
this results into
    Could not open pipe: /usr/bin/snmpget -t 1 -r 5 -m ALL -v 1 -c public ds9:161 nsExtendOutput1Line."syslog-idletime"

Unfortuantely, check_snmp contains code in popen.c that does not allow any " chars in
the command line and bails out with above error.

I fixed this by commenting out the follwing block:

--- popen.c.old 2008-01-12 14:16:39.000000000 +0100
+++ popen.c     2008-01-12 14:16:54.000000000 +0100
@@ -133,8 +133,10 @@
        strcpy (cmd, cmdstring);

        /* This is not a shell, so we don't handle "???" */
+/*
        if (strstr (cmdstring, "\""))
                return NULL;
+*/

        /* allow single quotes, but only if non-whitesapce doesn't occur on both sides */
        if (strstr (cmdstring, " ' ") || strstr (cmdstring, "'''"))

You can track the bugreport via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460405

Thanks and kind regards, Jan.

----------------------------------------------------------------------

>Comment By: Ton Voon (tonvoon)
Date: 2009-02-20 00:11

Message:
I don't think this is a valid fix. Preferably check_snmp should be switched
to use the runcmd library instead, which has a function to pass a varg list
for the command to run, thereby avoiding shell quotation. 

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1985230&group_id=29880




More information about the Devel mailing list