diff options
| author | Holger Weiss <holger@zedat.fu-berlin.de> | 2010-04-11 10:54:44 +0200 | 
|---|---|---|
| committer | Holger Weiss <holger@zedat.fu-berlin.de> | 2010-04-11 10:54:44 +0200 | 
| commit | 614e9dec5e3f4059c8eb5e4ea11bf92e66c3c76f (patch) | |
| tree | fa00fc25d49101ab071f252aecdfdc0411b43149 /plugins-scripts | |
| parent | de7191e3424e02ba278a39b86e8b1906a25d0362 (diff) | |
| download | monitoring-plugins-614e9dec5e3f4059c8eb5e4ea11bf92e66c3c76f.tar.gz | |
Fix Debian bug #478942: Fragile argument passing
Fix some problems regarding the way check_disk_smb passes command line
arguments to smbclient(1).
| It runs:
|
| 	$res = qx/$smbclient "\/\/$host\/$share" $pass -W $workgroup \
| 	       -U $user $smbclientoptions -I $address -c ls/;
|
| [...]
|
| The documentation says that if the password is not passed, it
| defaults to "".  That is not true above, as $pass expands to
| nothing which leaves no argument at all (instead of an empty
| argument) so is different from providing with an empty password
| or with the -N option.
|
| Also, if the password starts with "-", you're in trouble, that's
| why -U $user%$pass may be prefered.
|
| Also, the doc says that if $user is not provided, then it
| defaults to "guest" but the problem is that if it is provided
| but empty, it is changed to "guest" as well, which prevents us
| from querying hosts that don't do user authentication.
[ http://bugs.debian.org/478942 ]
(Fixed by Stephane Chazelas, forwarded by Jan Wagner.)
Diffstat (limited to 'plugins-scripts')
| -rwxr-xr-x | plugins-scripts/check_disk_smb.pl | 61 | 
1 files changed, 36 insertions, 25 deletions
| diff --git a/plugins-scripts/check_disk_smb.pl b/plugins-scripts/check_disk_smb.pl index ca593d46..7c81fc26 100755 --- a/plugins-scripts/check_disk_smb.pl +++ b/plugins-scripts/check_disk_smb.pl | |||
| @@ -58,9 +58,7 @@ if ($opt_V) { | |||
| 58 | 58 | ||
| 59 | if ($opt_h) {print_help(); exit $ERRORS{'OK'};} | 59 | if ($opt_h) {print_help(); exit $ERRORS{'OK'};} | 
| 60 | 60 | ||
| 61 | my $smbclient= "$utils::PATH_TO_SMBCLIENT " ; | 61 | my $smbclient = $utils::PATH_TO_SMBCLIENT; | 
| 62 | my $smbclientoptions= $opt_P ? "-p $opt_P " : ""; | ||
| 63 | |||
| 64 | 62 | ||
| 65 | # Options checking | 63 | # Options checking | 
| 66 | 64 | ||
| @@ -72,13 +70,12 @@ my $host = $1 if ($opt_H =~ /^([-_.A-Za-z0-9 ]+\$?)$/); | |||
| 72 | my $share = $1 if ($opt_s =~ /^([-_.A-Za-z0-9]+\$?)$/); | 70 | my $share = $1 if ($opt_s =~ /^([-_.A-Za-z0-9]+\$?)$/); | 
| 73 | ($share) || usage("Invalid share: $opt_s\n"); | 71 | ($share) || usage("Invalid share: $opt_s\n"); | 
| 74 | 72 | ||
| 75 | ($opt_u) || ($opt_u = shift @ARGV) || ($opt_u = "guest"); | 73 | defined($opt_u) || ($opt_u = shift @ARGV) || ($opt_u = "guest"); | 
| 76 | my $user = $1 if ($opt_u =~ /^([-_.A-Za-z0-9\\]+)$/); | 74 | my $user = $1 if ($opt_u =~ /^([-_.A-Za-z0-9\\]*)$/); | 
| 77 | ($user) || usage("Invalid user: $opt_u\n"); | 75 | defined($user) || usage("Invalid user: $opt_u\n"); | 
| 78 | 76 | ||
| 79 | ($opt_p) || ($opt_p = shift @ARGV) || ($opt_p = ""); | 77 | defined($opt_p) || ($opt_p = shift @ARGV) || ($opt_p = ""); | 
| 80 | my $pass = $1 if ($opt_p =~ /(.*)/); | 78 | my $pass = $1 if ($opt_p =~ /(.*)/); | 
| 81 | $pass = "-N" if ($opt_p eq ""); | ||
| 82 | 79 | ||
| 83 | ($opt_w) || ($opt_w = shift @ARGV) || ($opt_w = 85); | 80 | ($opt_w) || ($opt_w = shift @ARGV) || ($opt_w = 85); | 
| 84 | my $warn = $1 if ($opt_w =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); | 81 | my $warn = $1 if ($opt_w =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); | 
| @@ -88,6 +85,24 @@ my $warn = $1 if ($opt_w =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); | |||
| 88 | my $crit = $1 if ($opt_c =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); | 85 | my $crit = $1 if ($opt_c =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); | 
| 89 | ($crit) || usage("Invalid critical threshold: $opt_c\n"); | 86 | ($crit) || usage("Invalid critical threshold: $opt_c\n"); | 
| 90 | 87 | ||
| 88 | # Execute the given command line and return anything it writes to STDOUT and/or | ||
| 89 | # STDERR. (This might be useful for other plugins, too, so it should possibly | ||
| 90 | # be moved to utils.pm.) | ||
| 91 | sub output_and_error_of { | ||
| 92 | local *CMD; | ||
| 93 | local $/ = undef; | ||
| 94 | my $pid = open CMD, "-|"; | ||
| 95 | if (defined($pid)) { | ||
| 96 | if ($pid) { | ||
| 97 | return <CMD>; | ||
| 98 | } else { | ||
| 99 | open STDERR, ">&STDOUT" and exec @_; | ||
| 100 | exit(1); | ||
| 101 | } | ||
| 102 | } | ||
| 103 | return undef; | ||
| 104 | } | ||
| 105 | |||
| 91 | # split the type from the unit value | 106 | # split the type from the unit value | 
| 92 | #Check $warn and $crit for type (%/M/G) and set up for tests | 107 | #Check $warn and $crit for type (%/M/G) and set up for tests | 
| 93 | #P = Percent, K = KBytes | 108 | #P = Percent, K = KBytes | 
| @@ -162,23 +177,19 @@ alarm($TIMEOUT); | |||
| 162 | 177 | ||
| 163 | # Execute an "ls" on the share using smbclient program | 178 | # Execute an "ls" on the share using smbclient program | 
| 164 | # get the results into $res | 179 | # get the results into $res | 
| 165 | if (defined($workgroup)) { | 180 | my @cmd = ( | 
| 166 | if (defined($address)) { | 181 | $smbclient, | 
| 167 | print "$smbclient " . "\/\/$host\/$share" ." $pass -W $workgroup -U $user $smbclientoptions -I $address -c ls\n" if ($verbose); | 182 | "//$host/$share", | 
| 168 | $res = qx/$smbclient "\/\/$host\/$share" $pass -W $workgroup -U $user $smbclientoptions -I $address -c ls/; | 183 | "-U", "$user%$pass", | 
| 169 | } else { | 184 | defined($workgroup) ? ("-W", $workgroup) : (), | 
| 170 | print "$smbclient " . "\/\/$host\/$share" ." $pass -W $workgroup -U $user $smbclientoptions -c ls\n" if ($verbose); | 185 | defined($address) ? ("-I", $address) : (), | 
| 171 | $res = qx/$smbclient "\/\/$host\/$share" $pass -W $workgroup -U $user $smbclientoptions -c ls/; | 186 | defined($opt_P) ? ("-p", $opt_P) : (), | 
| 172 | } | 187 | "-c", "ls" | 
| 173 | } else { | 188 | ); | 
| 174 | if (defined($address)) { | 189 | |
| 175 | print "$smbclient " . "\/\/$host\/$share" ." $pass -U $user $smbclientoptions -I $address -c ls\n" if ($verbose); | 190 | print join(" ", @cmd) . "\n" if ($verbose); | 
| 176 | $res = qx/$smbclient "\/\/$host\/$share" $pass -U $user $smbclientoptions -I $address -c ls/; | 191 | $res = output_and_error_of(@cmd) or exit $ERRORS{"UNKNOWN"}; | 
| 177 | } else { | 192 | |
| 178 | print "$smbclient " . "\/\/$host\/$share" ." $pass -U $user $smbclientoptions -c ls\n" if ($verbose); | ||
| 179 | $res = qx/$smbclient "\/\/$host\/$share" $pass -U $user $smbclientoptions -c ls/; | ||
| 180 | } | ||
| 181 | } | ||
| 182 | #Turn off alarm | 193 | #Turn off alarm | 
| 183 | alarm(0); | 194 | alarm(0); | 
| 184 | 195 | ||
