diff options
| author | Sven Nierlein <sven@nierlein.de> | 2021-03-11 12:33:16 (GMT) |
|---|---|---|
| committer | Sven Nierlein <sven@nierlein.de> | 2021-03-11 12:33:16 (GMT) |
| commit | 5cfc93d995cfd5cc7d1a469f3c1276c4884da2a2 (patch) | |
| tree | ee6ce79d0a5807dd8eb60c4bfa13cccc5ae0ba0c | |
| parent | 05d7f70d4553e19ea5eb27ec5c97098f014550df (diff) | |
| download | monitoring-plugins-5cfc93d.tar.gz | |
fix check_curl crash if http header contains leading spacesrefs/pull/1666/head
check_curl crashes when a (broken) http server returns invalid http header with
leading spaces or double colons. This PR adds a fix and a test case for this.
Signed-off-by: Sven Nierlein <sven@nierlein.de>
| -rw-r--r-- | plugins/check_curl.c | 2 | ||||
| -rwxr-xr-x | plugins/tests/check_curl.t | 16 |
2 files changed, 14 insertions, 4 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 2d69b31..ef96218 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c | |||
| @@ -2037,7 +2037,7 @@ get_header_value (const struct phr_header* headers, const size_t nof_headers, co | |||
| 2037 | { | 2037 | { |
| 2038 | int i; | 2038 | int i; |
| 2039 | for( i = 0; i < nof_headers; i++ ) { | 2039 | for( i = 0; i < nof_headers; i++ ) { |
| 2040 | if( strncasecmp( header, headers[i].name, max( headers[i].name_len, 4 ) ) == 0 ) { | 2040 | if(headers[i].name != NULL && strncasecmp( header, headers[i].name, max( headers[i].name_len, 4 ) ) == 0 ) { |
| 2041 | return strndup( headers[i].value, headers[i].value_len ); | 2041 | return strndup( headers[i].value, headers[i].value_len ); |
| 2042 | } | 2042 | } |
| 2043 | } | 2043 | } |
diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t index 1afbe4b..0caad23 100755 --- a/plugins/tests/check_curl.t +++ b/plugins/tests/check_curl.t | |||
| @@ -21,7 +21,7 @@ use FindBin qw($Bin); | |||
| 21 | 21 | ||
| 22 | $ENV{'LC_TIME'} = "C"; | 22 | $ENV{'LC_TIME'} = "C"; |
| 23 | 23 | ||
| 24 | my $common_tests = 70; | 24 | my $common_tests = 72; |
| 25 | my $ssl_only_tests = 8; | 25 | my $ssl_only_tests = 8; |
| 26 | # Check that all dependent modules are available | 26 | # Check that all dependent modules are available |
| 27 | eval "use HTTP::Daemon 6.01;"; | 27 | eval "use HTTP::Daemon 6.01;"; |
| @@ -188,6 +188,12 @@ sub run_server { | |||
| 188 | $c->send_basic_header; | 188 | $c->send_basic_header; |
| 189 | $c->send_header('foo'); | 189 | $c->send_header('foo'); |
| 190 | $c->send_crlf; | 190 | $c->send_crlf; |
| 191 | } elsif ($r->url->path eq "/header_broken_check") { | ||
| 192 | $c->send_basic_header; | ||
| 193 | $c->send_header('foo'); | ||
| 194 | print $c "Test1:: broken\n"; | ||
| 195 | print $c " Test2: leading whitespace\n"; | ||
| 196 | $c->send_crlf; | ||
| 191 | } elsif ($r->url->path eq "/virtual_port") { | 197 | } elsif ($r->url->path eq "/virtual_port") { |
| 192 | # return sent Host header | 198 | # return sent Host header |
| 193 | $c->send_basic_header; | 199 | $c->send_basic_header; |
| @@ -247,7 +253,7 @@ my $cmd; | |||
| 247 | # advanced checks with virtual hostname and virtual port | 253 | # advanced checks with virtual hostname and virtual port |
| 248 | SKIP: { | 254 | SKIP: { |
| 249 | skip "libcurl version is smaller than $required_version", 6 unless $use_advanced_checks; | 255 | skip "libcurl version is smaller than $required_version", 6 unless $use_advanced_checks; |
| 250 | 256 | ||
| 251 | # http without virtual port | 257 | # http without virtual port |
| 252 | $cmd = "./$plugin -H $virtual_host -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host:$port_http\$"; | 258 | $cmd = "./$plugin -H $virtual_host -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host:$port_http\$"; |
| 253 | $result = NPTest->testCmd( $cmd ); | 259 | $result = NPTest->testCmd( $cmd ); |
| @@ -259,7 +265,7 @@ SKIP: { | |||
| 259 | $result = NPTest->testCmd( $cmd ); | 265 | $result = NPTest->testCmd( $cmd ); |
| 260 | is( $result->return_code, 0, $cmd); | 266 | is( $result->return_code, 0, $cmd); |
| 261 | like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); | 267 | like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); |
| 262 | 268 | ||
| 263 | # http with virtual port (80) | 269 | # http with virtual port (80) |
| 264 | $cmd = "./$plugin -H $virtual_host:80 -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host\$"; | 270 | $cmd = "./$plugin -H $virtual_host:80 -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host\$"; |
| 265 | $result = NPTest->testCmd( $cmd ); | 271 | $result = NPTest->testCmd( $cmd ); |
| @@ -321,6 +327,10 @@ sub run_common_tests { | |||
| 321 | is( $result->return_code, 2, "Missing header string check"); | 327 | is( $result->return_code, 2, "Missing header string check"); |
| 322 | like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - header 'bar' not found on 'https?://127\.0\.0\.1:\d+/header_check'%, "Shows search string and location"); | 328 | like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - header 'bar' not found on 'https?://127\.0\.0\.1:\d+/header_check'%, "Shows search string and location"); |
| 323 | 329 | ||
| 330 | $result = NPTest->testCmd( "$command -u /header_broken_check" ); | ||
| 331 | is( $result->return_code, 0, "header_check search for string"); | ||
| 332 | like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 138 bytes in [\d\.]+ second/', "Output correct" ); | ||
| 333 | |||
| 324 | my $cmd; | 334 | my $cmd; |
| 325 | $cmd = "$command -u /slow"; | 335 | $cmd = "$command -u /slow"; |
| 326 | $result = NPTest->testCmd( $cmd ); | 336 | $result = NPTest->testCmd( $cmd ); |