From b7fc2eb15aa02da234e9fd2f4ab021bfff6c00c2 Mon Sep 17 00:00:00 2001 From: Sebastian Herbszt Date: Wed, 26 Nov 2014 23:51:00 +0100 Subject: check_apt: fix memset Fix memset introduced by commit 9ce7369 ("plugins/check_apt.c - Print uninitialized ereg"). Signed-off-by: Sebastian Herbszt diff --git a/plugins/check_apt.c b/plugins/check_apt.c index 07622c2..8747f90 100644 --- a/plugins/check_apt.c +++ b/plugins/check_apt.c @@ -224,7 +224,7 @@ int run_upgrade(int *pkgcount, int *secpkgcount){ char *cmdline=NULL, rerrbuf[64]; /* initialize ereg as it is possible it is printed while uninitialized */ - memset(&ereg, "\0", sizeof(ereg.buffer)); + memset(&ereg, '\0', sizeof(ereg.buffer)); if(upgrade==NO_UPGRADE) return STATE_OK; -- cgit v0.10-9-g596f From a4a1b37be0ff96492d13e87ce59c82482d961f56 Mon Sep 17 00:00:00 2001 From: Sebastian Herbszt Date: Wed, 26 Nov 2014 23:54:49 +0100 Subject: check_ntp: fix null termination Fix null termination introduced by commit a04df3e ("plugins/check_ntp.c - Verify struct from response"). Signed-off-by: Sebastian Herbszt diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c index 09a923e..546802a 100644 --- a/plugins/check_ntp.c +++ b/plugins/check_ntp.c @@ -616,7 +616,7 @@ double jitter_request(const char *host, int *status){ if (bytes_read != ntp_cm_ints + req.count) die(STATE_UNKNOWN, _("Invalid NTP response: %d bytes read does not equal %d plus %d data segment"), bytes_read, ntp_cm_ints, req.count); /* else null terminate */ - strncpy(req.data[req.count], "\0", 1); + req.data[req.count] = '\0'; DBG(print_ntp_control_message(&req)); -- cgit v0.10-9-g596f From 30f0eeed578a1606eb53e135c1c5417d61d56295 Mon Sep 17 00:00:00 2001 From: Sebastian Herbszt Date: Thu, 27 Nov 2014 00:03:23 +0100 Subject: check_real: fix null termination Fix null termination introduced by commit b61f51a ("plugins/check_real.c - recv string null terminate"). Signed-off-by: Sebastian Herbszt diff --git a/plugins/check_real.c b/plugins/check_real.c index 36f6413..1816bf5 100644 --- a/plugins/check_real.c +++ b/plugins/check_real.c @@ -178,7 +178,7 @@ main (int argc, char **argv) /* watch for the REAL connection string */ result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0); - buffer[result] = "\0"; /* null terminate recieved buffer */ + buffer[result] = '\0'; /* null terminate recieved buffer */ /* return a CRITICAL status if we couldn't read any data */ if (result == -1) { -- cgit v0.10-9-g596f From 5871123e0a5f520f810b2cfe03cef16c4c5a1aee Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Sun, 30 Nov 2014 23:39:59 +0100 Subject: Revert "plugins/check_ntp.c - Verify struct from response" This reverts commit a04df3e1b67dc5eab3adc202cc89901f801cdeaa. The "fix" was bogus in many ways and broke jitter checking. Conflicts: plugins/check_ntp.c diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c index 546802a..0a7640a 100644 --- a/plugins/check_ntp.c +++ b/plugins/check_ntp.c @@ -517,14 +517,13 @@ setup_control_request(ntp_control_message *p, uint8_t opcode, uint16_t seq){ double jitter_request(const char *host, int *status){ int conn=-1, i, npeers=0, num_candidates=0, syncsource_found=0; int run=0, min_peer_sel=PEER_INCLUDED, num_selected=0, num_valid=0; - int peers_size=0, peer_offset=0, bytes_read=0; + int peers_size=0, peer_offset=0; ntp_assoc_status_pair *peers=NULL; ntp_control_message req; const char *getvar = "jitter"; double rval = 0.0, jitter = -1.0; char *startofvalue=NULL, *nptr=NULL; void *tmp; - int ntp_cm_ints = sizeof(uint16_t) * 5 + sizeof(uint8_t) * 2; /* Long-winded explanation: * Getting the jitter requires a number of steps: @@ -609,15 +608,7 @@ double jitter_request(const char *host, int *status){ req.count = htons(MAX_CM_SIZE); DBG(printf("recieving READVAR response...\n")); - - /* cov-66524 - req.data not null terminated before usage. Also covers verifying struct was returned correctly*/ - if ((bytes_read = read(conn, &req, SIZEOF_NTPCM(req))) == -1) - die(STATE_UNKNOWN, _("Cannot read from socket: %s"), strerror(errno)); - if (bytes_read != ntp_cm_ints + req.count) - die(STATE_UNKNOWN, _("Invalid NTP response: %d bytes read does not equal %d plus %d data segment"), bytes_read, ntp_cm_ints, req.count); - /* else null terminate */ - req.data[req.count] = '\0'; - + read(conn, &req, SIZEOF_NTPCM(req)); DBG(print_ntp_control_message(&req)); if(req.op&REM_ERROR && strstr(getvar, "jitter")) { -- cgit v0.10-9-g596f From 99b3bfe488a856df059e933c796590eea0baae8d Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 1 Dec 2014 01:07:53 +0100 Subject: check_ntp: Nul-terminate jitter data Make sure the jitter response is nul-terminated before parsing the data using string functions. diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c index 0a7640a..a7d278d 100644 --- a/plugins/check_ntp.c +++ b/plugins/check_ntp.c @@ -590,6 +590,9 @@ double jitter_request(const char *host, int *status){ for (i = 0; i < npeers; i++){ /* Only query this server if it is the current sync source */ if (PEER_SEL(peers[i].status) >= min_peer_sel){ + char jitter_data[MAX_CM_SIZE+1]; + size_t jitter_data_count; + num_selected++; setup_control_request(&req, OP_READVAR, 2); req.assoc = peers[i].assoc; @@ -623,7 +626,14 @@ double jitter_request(const char *host, int *status){ if(verbose) { printf("parsing jitter from peer %.2x: ", ntohs(peers[i].assoc)); } - startofvalue = strchr(req.data, '='); + if((jitter_data_count = ntohs(req.count)) >= sizeof(jitter_data)){ + die(STATE_UNKNOWN, + _("jitter response too large (%lu bytes)\n"), + (unsigned long)jitter_data_count); + } + memcpy(jitter_data, req.data, jitter_data_count); + jitter_data[jitter_data_count] = '\0'; + startofvalue = strchr(jitter_data, '='); if(startofvalue != NULL) { startofvalue++; jitter = strtod(startofvalue, &nptr); -- cgit v0.10-9-g596f From 22dfca20fd83da319ec23160e0092a602b6c1eea Mon Sep 17 00:00:00 2001 From: Sebastian Herbszt Date: Sun, 30 Nov 2014 23:57:47 +0100 Subject: check_tcp: fix help description regarding escape option The help description should print '\\' for backslash not just '\'. Signed-off-by: Sebastian Herbszt diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index fc0adba..63f9fd9 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -643,7 +643,7 @@ print_help (void) printf (UT_IPv46); printf (" %s\n", "-E, --escape"); - printf (" %s\n", _("Can use \\n, \\r, \\t or \\ in send or quit string. Must come before send or quit option")); + printf (" %s\n", _("Can use \\n, \\r, \\t or \\\\ in send or quit string. Must come before send or quit option")); printf (" %s\n", _("Default: nothing added to send, \\r\\n added to end of quit")); printf (" %s\n", "-s, --send=STRING"); printf (" %s\n", _("String to send to the server")); -- cgit v0.10-9-g596f From 4182119245d05673c2df0b6c10bf6858d1a69ad6 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Mon, 1 Dec 2014 10:01:35 +0100 Subject: NEWS: Updating all the fixes diff --git a/NEWS b/NEWS index 16d66e3..0478620 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,12 @@ This file documents the major additions and syntax changes between releases. +2.1.1 2nd December 2014 + FIXES + Fix check_apt memset + Fix check_real null termination + Fix check_tcp help description escaping + Fix check_ntp jitter response processing + 2.1 15th October 2014 ENHANCEMENTS New check_hpjd -p option for port specification (abrist) -- cgit v0.10-9-g596f From dea9bc113e6042b6a2f2f36fb67a0e55bcbec13a Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Mon, 1 Dec 2014 10:05:21 +0100 Subject: THANKS.in: Add new authors diff --git a/THANKS.in b/THANKS.in index eefe583..6c9e1fe 100644 --- a/THANKS.in +++ b/THANKS.in @@ -333,3 +333,4 @@ Frederic Krueger Simon Meggle Jonas Genannt Nick Peelman +Sebastian Herbszt -- cgit v0.10-9-g596f From f2fe51604ee47b70c3b4510fc9408c1cc77407b0 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Mon, 1 Dec 2014 10:11:03 +0100 Subject: Prepare release diff --git a/NP-VERSION-GEN b/NP-VERSION-GEN index 1878eb9..12efad7 100755 --- a/NP-VERSION-GEN +++ b/NP-VERSION-GEN @@ -6,7 +6,7 @@ SRC_ROOT=`dirname $0` NPVF=NP-VERSION-FILE -DEF_VER=2.1.git +DEF_VER=2.1.1.git LF=' ' diff --git a/configure.ac b/configure.ac index 92d9ebf..2429e99 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT(monitoring-plugins,2.1) +AC_INIT(monitoring-plugins,2.1.1) AC_CONFIG_SRCDIR(NPTest.pm) AC_CONFIG_FILES([gl/Makefile]) AC_CONFIG_AUX_DIR(build-aux) -- cgit v0.10-9-g596f From 063bc4e71d168e59437068fc386c9c3e9e25f4c6 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Tue, 2 Dec 2014 00:42:28 +0100 Subject: NEWS: Modify list of changes for 2.1.1 release Make the list of changes slightly more descriptive. diff --git a/NEWS b/NEWS index 0478620..c999e51 100644 --- a/NEWS +++ b/NEWS @@ -1,11 +1,12 @@ This file documents the major additions and syntax changes between releases. 2.1.1 2nd December 2014 - FIXES - Fix check_apt memset - Fix check_real null termination - Fix check_tcp help description escaping - Fix check_ntp jitter response processing + FIXES + Fix check_ntp's jitter checking + Fix check_ntp's handling of invalid server responses + Fix check_apt's handling of invalid regular expressions + Fix check_real's server response processing + Fix backslash escaping in check_tcp's --help output 2.1 15th October 2014 ENHANCEMENTS -- cgit v0.10-9-g596f