[Nagiosplug-devel] [ nagiosplug-Bugs-3593304 ] check_http injecting garbage into content, breaking --string

SourceForge.net noreply at sourceforge.net
Thu Dec 6 21:48:29 CET 2012

Bugs item #3593304, was opened at 2012-12-06 12:48
Message generated for change (Tracker Item Submitted) made by jwhitlock
You can respond by visiting: 

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: v1.4.14
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: John Whitlock (jwhitlock)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_http injecting garbage into content, breaking --string

Initial Comment:
Plugin Version (-V output):  check_http v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Plugin Name:  check_http
Plugin Commandline showing issues: ./check_http -H 'www.consumeraffairs.com' -u '/' -v | head -n 20
Operating System: OS X 10.8.2, Ubuntu 12.04.1 LTS
Architecture: x86_64
Compiler: gcc 4.2.1, ubuntu package

When running check_http against our server, it appears to inject garbage (with newlines) into the content.  Here's the output of my example run:

GET / HTTP/1.1
User-Agent: check_http/v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Connection: close
Host: www.consumeraffairs.com

http://www.consumeraffairs.com:80/ is 30933 characters
**** HEADER ****
Server: nginx/1.1.19
Vary: Cookie
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Dec 2012 20:32:29 GMT
Transfer-Encoding: chunked
Connection: close
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
**** CONTENT ****
<!doctype html><!--[if lt IE 7 ]><html lang="en" class="no-js ie6"> ... (trimmed) ...

The '1f66' does not appear in the actual response, as verified with the browser, curl, wget, etc.  It appears it injects something like '1000', '2000', every few thousand characters, and a final '0' at the end.  I don't see these results against other hosts - ours appears to be 'lucky'.  We're running on nginx in Rackspace and using their load balancer service, but it reproduces running against a webserver on my laptop.

I ran in gdb, and it looks like the calls to `while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {` are injecting the garbage into the buffer, so it is somewhere in the read code.  Changing the buffer size or max read size appears to have no effect.  valgrind finds no reads of uninitialized memory.

It was breaking expected string checks, which is why we noticed it.  I'm turning off the expected string tests, so we'll just check 200 and timeouts.


You can respond by visiting: 

More information about the Devel mailing list