[Nagios-devel] check_dns bug
Posted: Thu Dec 19, 2002 3:27 pm
This is a multi-part message in MIME format.
--------------080803090200010407010403
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
I found a bug in check_dns in the 1.3b2 release. It occurs when you run
"check_dns -H " without specifying a "-s ". It
resuts in a segmentation fault
There is code in check_dns that, after going through the know args,
checks to see if the user has given anything at the commandline without
a tag. For example, if you run:
./check_dns -H -> no -s tag used
it will work because check_dns looks for extra information in the argv
array.
However, before it looks, there is no check to make sure that there is
anything else in the argv array. So when if looks for the
when none is specified, it causes a segmentation fault (argv[c] is
undefined). In the contect-diff patch I have included, I added a check
to make sure that there are more arguments provided before trying to use
them.
Personally, I think it might be a better idea to remove that section
entirely and force people to use the actual tags (-H, -s, etc). It
forces users to stick to the defined nagiosplug standard. Just my opinion.
One last note. I have been doing a lot of work looking at the plugins
lately (I'm actually going to investigate a problem I've have with
check_ifstatus next). If there is anything I can do to help the
nagiosplug project, please let me know. I would love to do whatever is
in my power to help out. Thanks!
-Russell Scibetti
--
Russell Scibetti
Quadrix Solutions, Inc.
http://www.quadrix.com
(732) 235-2335, ext. 7038
--------------080803090200010407010403
Content-Type: text/plain;
name="checkdns_diff.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="checkdns_diff.patch"
*** new_check_dns.c Thu Dec 19 18:19:12 2002
--- old_check_dns.c Thu Dec 19 17:37:50 2002
***************
*** 351,378 ****
}
}
- /* Nice section for those who don't use the -H and -s tags */
c = optind;
! if (c = ADDRESS_LENGTH)
! terminate (STATE_UNKNOWN, "Input buffer overflow\n");
! strcpy (query_address, argv[c++]);
}
!
! if (dns_server[0] == 0) {
! if (is_host (argv[c]) == FALSE) {
! printf ("Invalid name/address: %s\n\n", argv[c]);
! return ERROR;
! }
! if (strlen (argv[c]) >= ADDRESS_LENGTH)
! terminate (STATE_UNKNOWN, "Input buffer overflow\n");
! strcpy (dns_server, argv[c++]);
}
}
return validate_arguments ();
--- 351,375 ----
}
}
c = optind;
! if (query_address[0] == 0) {
! if (is_host (argv[c]) == FALSE) {
! printf ("Invalid name/address: %s\n\n", argv[c]);
! return ERROR;
}
! if (strlen (argv[c]) >= ADDRESS_LENGTH)
! terminate (STATE_UNKNOWN, "Input buffer overflow\n");
! strcpy (query_address, argv[c++]);
! }
!
! if (dns_server[0] == 0) {
! if (is_host (argv[c]) == FALSE) {
! printf ("Invalid name/address: %s\n\n", argv[c]);
! return ERROR;
}
+ if (strlen (argv[c]) >= ADDRESS_LENGTH)
+ terminate (STATE_UNKNOWN, "Input buffer overflow\n");
+ strcpy (dns_server, argv[c++]);
}
return validate_arguments ();
--------------080803090200010407010403--
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]
--------------080803090200010407010403
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
I found a bug in check_dns in the 1.3b2 release. It occurs when you run
"check_dns -H " without specifying a "-s ". It
resuts in a segmentation fault
There is code in check_dns that, after going through the know args,
checks to see if the user has given anything at the commandline without
a tag. For example, if you run:
./check_dns -H -> no -s tag used
it will work because check_dns looks for extra information in the argv
array.
However, before it looks, there is no check to make sure that there is
anything else in the argv array. So when if looks for the
when none is specified, it causes a segmentation fault (argv[c] is
undefined). In the contect-diff patch I have included, I added a check
to make sure that there are more arguments provided before trying to use
them.
Personally, I think it might be a better idea to remove that section
entirely and force people to use the actual tags (-H, -s, etc). It
forces users to stick to the defined nagiosplug standard. Just my opinion.
One last note. I have been doing a lot of work looking at the plugins
lately (I'm actually going to investigate a problem I've have with
check_ifstatus next). If there is anything I can do to help the
nagiosplug project, please let me know. I would love to do whatever is
in my power to help out. Thanks!
-Russell Scibetti
--
Russell Scibetti
Quadrix Solutions, Inc.
http://www.quadrix.com
(732) 235-2335, ext. 7038
--------------080803090200010407010403
Content-Type: text/plain;
name="checkdns_diff.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="checkdns_diff.patch"
*** new_check_dns.c Thu Dec 19 18:19:12 2002
--- old_check_dns.c Thu Dec 19 17:37:50 2002
***************
*** 351,378 ****
}
}
- /* Nice section for those who don't use the -H and -s tags */
c = optind;
! if (c = ADDRESS_LENGTH)
! terminate (STATE_UNKNOWN, "Input buffer overflow\n");
! strcpy (query_address, argv[c++]);
}
!
! if (dns_server[0] == 0) {
! if (is_host (argv[c]) == FALSE) {
! printf ("Invalid name/address: %s\n\n", argv[c]);
! return ERROR;
! }
! if (strlen (argv[c]) >= ADDRESS_LENGTH)
! terminate (STATE_UNKNOWN, "Input buffer overflow\n");
! strcpy (dns_server, argv[c++]);
}
}
return validate_arguments ();
--- 351,375 ----
}
}
c = optind;
! if (query_address[0] == 0) {
! if (is_host (argv[c]) == FALSE) {
! printf ("Invalid name/address: %s\n\n", argv[c]);
! return ERROR;
}
! if (strlen (argv[c]) >= ADDRESS_LENGTH)
! terminate (STATE_UNKNOWN, "Input buffer overflow\n");
! strcpy (query_address, argv[c++]);
! }
!
! if (dns_server[0] == 0) {
! if (is_host (argv[c]) == FALSE) {
! printf ("Invalid name/address: %s\n\n", argv[c]);
! return ERROR;
}
+ if (strlen (argv[c]) >= ADDRESS_LENGTH)
+ terminate (STATE_UNKNOWN, "Input buffer overflow\n");
+ strcpy (dns_server, argv[c++]);
}
return validate_arguments ();
--------------080803090200010407010403--
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]