[Nagiosplug-devel] [ nagiosplug-Bugs-1894850 ] check_ping: incorrectly parses ping6 output

SourceForge.net noreply at sourceforge.net
Tue Jun 12 01:27:23 CEST 2012

Previous message: [Nagiosplug-devel] [ nagiosplug-Bugs-3503921 ] check_dhcp.c incorrectly setting source ip address as siaddr
Next message: [Nagiosplug-devel] check_http: new force http 1.0 option
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Bugs item #1894850, was opened at 2008-02-16 01:57
Message generated for change (Comment added) made by hweiss
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1894850&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Parsing problem
Group: Release (specify)
>Status: Closed
>Resolution: Accepted
Priority: 5
Private: No
Submitted By: Matej Vela (vela)
Assigned to: Holger Weiss (hweiss)
Summary: check_ping: incorrectly parses ping6 output

Initial Comment:
Plugin Version:
    1.4.11, HEAD
Plugin Name:
    check_ping
Plugin Commandline showing issues:
    check_ping -H [invalid-ipv6-address] -w 5000,100% -c 5000,100% -p 1
Operating System:
    Debian GNU/Linux 4.0 (etch)

Debian's ping6 may produce output in the following format:

    3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2009ms

There's a corresponding pattern in check_ping.c:450:

    "%*d packets transmitted, %*d received, +%*d errors, %d%% packet loss"

but the pattern in check_ping.c:448 matches first:

    "%*d packets transmitted, %*d received, %d%% loss, time"

because sscanf interprets "+3" as a match for "%d".  Although the rest
of the pattern doesn't match, the number of successful assignments
(and thus the return value of sscanf) is still 1.

A simple way to make sure the whole pattern matches is to add a "%n"
specifier at the end, which will assign the number of characters
matched by that point.  (The same trick is used in check_http.c.)
There seems to be some confusion whether "%n" affects the return value
of sscanf, so it's safer to check the assigned number of characters.

Patch attached.


----------------------------------------------------------------------

>Comment By: Holger Weiss (hweiss)
Date: 2012-06-11 16:27

Message:
The patch might seem straightforward, and indeed it makes the sscanf(3)
calls behave as (obviously) intended by the original author.  It's not much
of a surprise that it works for those who are using the same ping6(1)
implementation and therefore suffered from the same issue.  However,
fiddling around with check_ping's parsing code has the potential to easily
break a very large number of installations which use other ping
implementations, so it's good to be careful.

Anyway, this patch is now in Git and will be included with the next
release.  Thanks!

----------------------------------------------------------------------

Comment By: Matija Nalis (mnalis)
Date: 2010-10-16 16:49

Message:
cyco_dd - the patch really isn't that complicated, it just makes C
sscanf(3) behave like the one who wrote it intended (like string matching
in perl for example). I've also made more detailed explanation with
real-life examples at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514588#36 if you're
interested.

It's also been running for more than a year and a half without any ill
effects on CARNet (Croatian Academic and Research Network) while monitoring
hundreds of servers, and all the people who tried the patch (both at
sourceforge.net tracker and at debian bug tracker) report it works as
intended.

If you have any specific issues or further need for patch clarifications,
just ask and I'll answer them. Thanks.

----------------------------------------------------------------------

Comment By: Jan Wagner (cyco_dd)
Date: 2010-10-16 15:53

Message:
things maybe less trivial, as it look at the first view?

----------------------------------------------------------------------

Comment By: WebComPas (webcompas)
Date: 2010-10-15 06:09

Message:
I also need "check_ping" to work correctly with ping6 on debian. The
attached fix seems to work, so where is the problem to include this patch?

----------------------------------------------------------------------

Comment By: Matija Nalis (mnalis)
Date: 2010-08-12 07:17

Message:
Any chance of this fix being implemented? It's been sitting here for years
now :-(
BTW, it has also been reported at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514588 if more info is
needed

----------------------------------------------------------------------

Comment By: Matija Nalis (mnalis)
Date: 2009-02-09 02:27

Message:
has there been any luck with integrating this patch to nagios-plugins ?
It does not seem to be getting any activity.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1894850&group_id=29880

Previous message: [Nagiosplug-devel] [ nagiosplug-Bugs-3503921 ] check_dhcp.c incorrectly setting source ip address as siaddr
Next message: [Nagiosplug-devel] check_http: new force http 1.0 option
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Devel mailing list