Don't prepend "^Inst" or append a space to the "include", "exclude", or

"critical" regular expressions. Instead, check for lines beginning with "Inst" using strncmp and apply the regular expressions only when such lines are found. Fixes Debian bug #522812, along the lines suggested by the bug submitter, Justin T Pryzby.
author: Alex Bradley <a.bradley@alumni.cs.ubc.ca> 2012-10-03 06:22:54 (GMT)
committer: Alex Bradley <a.bradley@alumni.cs.ubc.ca> 2012-10-03 06:22:54 (GMT)
commit: 7918f5868c08909050aa083eeb819d110f2d160d (patch)
tree: a6c62fb81ddbd1ebfb2b983b9ffaebf0792c3c33 /plugins/check_apt.c
parent: 05c4c9bfc649ba8f66e470667824200c2cda5314 (diff)
download: monitoring-plugins-7918f5868c08909050aa083eeb819d110f2d160d.tar.gz
1 files changed, 18 insertions, 17 deletions
diff --git a/plugins/check_apt.c b/plugins/check_apt.c
index 7efa596..26499ae 100644
--- a/plugins/check_apt.c
+++ b/plugins/check_apt.c
@@ -49,6 +49,8 @@ typedef enum { UPGRADE, DIST_UPGRADE, NO_UPGRADE } upgrade_type;
 #ifndef PATH_TO_APTGET
 # define PATH_TO_APTGET "/usr/bin/apt-get"
 #endif /* PATH_TO_APTGET */
+/* String found at the beginning of the apt output lines we're interested in */
+#define PKGINST_PREFIX "Inst "
 /* the RE that catches security updates */
 #define SECURITY_RE "^[^\\(]*\\([^ ]* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)"
@@ -211,22 +213,18 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
        struct output chld_out, chld_err;
        regex_t ireg, ereg, sreg;
        char *cmdline=NULL, rerrbuf[64];
-        const char *include_ptr=NULL, *crit_ptr=NULL;
        if(upgrade==NO_UPGRADE) return STATE_OK;
        /* compile the regexps */
-        if(do_include!=NULL) include_ptr=do_include;
+        if (do_include != NULL) {
-        else include_ptr="^Inst";
+                regres=regcomp(&ireg, do_include, REG_EXTENDED);
-        if(do_critical!=NULL) crit_ptr=do_critical;
+                if (regres!=0) {
-        else crit_ptr=SECURITY_RE;
+                        regerror(regres, &ireg, rerrbuf, 64);
+                        die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
-        regres=regcomp(&ireg, include_ptr, REG_EXTENDED);
+                }
-        if(regres!=0) {
-                regerror(regres, &ireg, rerrbuf, 64);
-                die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
        }
+   
        if(do_exclude!=NULL){
                regres=regcomp(&ereg, do_exclude, REG_EXTENDED);
                if(regres!=0) {
@@ -235,6 +233,8 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
                            progname, rerrbuf);
                }
        }
+   
+        const char *crit_ptr = (do_critical != NULL) ? do_critical : SECURITY_RE;
        regres=regcomp(&sreg, crit_ptr, REG_EXTENDED);
        if(regres!=0) {
                regerror(regres, &ereg, rerrbuf, 64);
@@ -269,7 +269,8 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
                        printf("%s\n", chld_out.line[i]);
                }
                /* if it is a package we care about */
-                if(regexec(&ireg, chld_out.line[i], 0, NULL, 0)==0){
+                if (strncmp(PKGINST_PREFIX, chld_out.line[i], strlen(PKGINST_PREFIX)) == 0 &&
+                    (do_include == NULL || regexec(&ireg, chld_out.line[i], 0, NULL, 0) == 0)) {
                        /* if we're not excluding, or it's not in the
                         * list of stuff to exclude */
                        if(do_exclude==NULL ||
@@ -298,7 +299,7 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
                        }
                }
        }
-        regfree(&ireg);
+        if (do_include != NULL) regfree(&ireg);
        regfree(&sreg);
        if(do_exclude!=NULL) regfree(&ereg);
        free(cmdline);
@@ -348,15 +349,15 @@ char* add_to_regexp(char *expr, const char *next){
        char *re=NULL;
        if(expr==NULL){
-                re=malloc(sizeof(char)*(strlen("^Inst () ")+strlen(next)+1));
+                re=malloc(sizeof(char)*(strlen("()")+strlen(next)+1));
                if(!re) die(STATE_UNKNOWN, "malloc failed!\n");
-                sprintf(re, "^Inst (%s) ", next);
+                sprintf(re, "(%s)", next);
        } else {
                /* resize it, adding an extra char for the new '|' separator */
-                re=realloc(expr, sizeof(char)*strlen(expr)+1+strlen(next)+1);
+                re=realloc(expr, sizeof(char)*(strlen(expr)+1+strlen(next)+1));
                if(!re) die(STATE_UNKNOWN, "realloc failed!\n");
                /* append it starting at ')' in the old re */
-                sprintf((char*)(re+strlen(re)-2), "|%s) ", next);
+                sprintf((char*)(re+strlen(re)-1), "|%s)", next);
        }
        return re;
author	Alex Bradley <a.bradley@alumni.cs.ubc.ca>	2012-10-03 06:22:54 (GMT)
committer	Alex Bradley <a.bradley@alumni.cs.ubc.ca>	2012-10-03 06:22:54 (GMT)
commit	7918f5868c08909050aa083eeb819d110f2d160d (patch)
tree	a6c62fb81ddbd1ebfb2b983b9ffaebf0792c3c33 /plugins/check_apt.c
parent	05c4c9bfc649ba8f66e470667824200c2cda5314 (diff)
download	monitoring-plugins-7918f5868c08909050aa083eeb819d110f2d160d.tar.gz

diff --git a/plugins/check_apt.c b/plugins/check_apt.c index 7efa596..26499ae 100644 --- a/plugins/check_apt.c +++ b/plugins/check_apt.c
@@ -49,6 +49,8 @@ typedef enum { UPGRADE, DIST_UPGRADE, NO_UPGRADE } upgrade_type;
49	#ifndef PATH_TO_APTGET	49	#ifndef PATH_TO_APTGET
50	# define PATH_TO_APTGET "/usr/bin/apt-get"	50	# define PATH_TO_APTGET "/usr/bin/apt-get"
51	#endif /* PATH_TO_APTGET */	51	#endif /* PATH_TO_APTGET */
		52	/* String found at the beginning of the apt output lines we're interested in */
		53	#define PKGINST_PREFIX "Inst "
52	/* the RE that catches security updates */	54	/* the RE that catches security updates */
53	#define SECURITY_RE "^[^\\(]\\([^ ] (Debian-Security:\|Ubuntu:[^/]/[^-]-security)"	55	#define SECURITY_RE "^[^\\(]\\([^ ] (Debian-Security:\|Ubuntu:[^/]/[^-]-security)"
54		56
@@ -211,22 +213,18 @@ int run_upgrade(int pkgcount, int secpkgcount){
211	struct output chld_out, chld_err;	213	struct output chld_out, chld_err;
212	regex_t ireg, ereg, sreg;	214	regex_t ireg, ereg, sreg;
213	char *cmdline=NULL, rerrbuf[64];	215	char *cmdline=NULL, rerrbuf[64];
214	const char include_ptr=NULL, crit_ptr=NULL;
215		216
216	if(upgrade==NO_UPGRADE) return STATE_OK;	217	if(upgrade==NO_UPGRADE) return STATE_OK;
217		218
218	/* compile the regexps */	219	/* compile the regexps */
219	if(do_include!=NULL) include_ptr=do_include;	220	if (do_include != NULL) {
220	else include_ptr="^Inst";	221	regres=regcomp(&ireg, do_include, REG_EXTENDED);
221	if(do_critical!=NULL) crit_ptr=do_critical;	222	if (regres!=0) {
222	else crit_ptr=SECURITY_RE;	223	regerror(regres, &ireg, rerrbuf, 64);
223		224	die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
224	regres=regcomp(&ireg, include_ptr, REG_EXTENDED);	225	}
225	if(regres!=0) {
226	regerror(regres, &ireg, rerrbuf, 64);
227	die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
228	}	226	}
229		227
230	if(do_exclude!=NULL){	228	if(do_exclude!=NULL){
231	regres=regcomp(&ereg, do_exclude, REG_EXTENDED);	229	regres=regcomp(&ereg, do_exclude, REG_EXTENDED);
232	if(regres!=0) {	230	if(regres!=0) {
@@ -235,6 +233,8 @@ int run_upgrade(int pkgcount, int secpkgcount){
235	progname, rerrbuf);	233	progname, rerrbuf);
236	}	234	}
237	}	235	}
		236
		237	const char *crit_ptr = (do_critical != NULL) ? do_critical : SECURITY_RE;
238	regres=regcomp(&sreg, crit_ptr, REG_EXTENDED);	238	regres=regcomp(&sreg, crit_ptr, REG_EXTENDED);
239	if(regres!=0) {	239	if(regres!=0) {
240	regerror(regres, &ereg, rerrbuf, 64);	240	regerror(regres, &ereg, rerrbuf, 64);
@@ -269,7 +269,8 @@ int run_upgrade(int pkgcount, int secpkgcount){
269	printf("%s\n", chld_out.line[i]);	269	printf("%s\n", chld_out.line[i]);
270	}	270	}
271	/* if it is a package we care about */	271	/* if it is a package we care about */
272	if(regexec(&ireg, chld_out.line[i], 0, NULL, 0)==0){	272	if (strncmp(PKGINST_PREFIX, chld_out.line[i], strlen(PKGINST_PREFIX)) == 0 &&
		273	(do_include == NULL \|\| regexec(&ireg, chld_out.line[i], 0, NULL, 0) == 0)) {
273	/* if we're not excluding, or it's not in the	274	/* if we're not excluding, or it's not in the
274	* list of stuff to exclude */	275	* list of stuff to exclude */
275	if(do_exclude==NULL \|\|	276	if(do_exclude==NULL \|\|
@@ -298,7 +299,7 @@ int run_upgrade(int pkgcount, int secpkgcount){
298	}	299	}
299	}	300	}
300	}	301	}
301	regfree(&ireg);	302	if (do_include != NULL) regfree(&ireg);
302	regfree(&sreg);	303	regfree(&sreg);
303	if(do_exclude!=NULL) regfree(&ereg);	304	if(do_exclude!=NULL) regfree(&ereg);
304	free(cmdline);	305	free(cmdline);
@@ -348,15 +349,15 @@ char* add_to_regexp(char expr, const char next){
348	char *re=NULL;	349	char *re=NULL;
349		350
350	if(expr==NULL){	351	if(expr==NULL){
351	re=malloc(sizeof(char)*(strlen("^Inst () ")+strlen(next)+1));	352	re=malloc(sizeof(char)*(strlen("()")+strlen(next)+1));
352	if(!re) die(STATE_UNKNOWN, "malloc failed!\n");	353	if(!re) die(STATE_UNKNOWN, "malloc failed!\n");
353	sprintf(re, "^Inst (%s) ", next);	354	sprintf(re, "(%s)", next);
354	} else {	355	} else {
355	/* resize it, adding an extra char for the new '\|' separator */	356	/* resize it, adding an extra char for the new '\|' separator */
356	re=realloc(expr, sizeof(char)*strlen(expr)+1+strlen(next)+1);	357	re=realloc(expr, sizeof(char)*(strlen(expr)+1+strlen(next)+1));
357	if(!re) die(STATE_UNKNOWN, "realloc failed!\n");	358	if(!re) die(STATE_UNKNOWN, "realloc failed!\n");
358	/* append it starting at ')' in the old re */	359	/* append it starting at ')' in the old re */
359	sprintf((char*)(re+strlen(re)-2), "\|%s) ", next);	360	sprintf((char*)(re+strlen(re)-1), "\|%s)", next);
360	}	361	}
361		362
362	return re;	363	return re;