diff options
-rw-r--r-- | plugins/check_http.c | 61 |
1 files changed, 29 insertions, 32 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c index 1b4bae34..306e4a2e 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c @@ -177,15 +177,14 @@ int errcode; #define HTTP_EXPECT "HTTP/1." #define HTTP_URL "/" -time_t start_time, end_time; char timestamp[10] = ""; int specify_port = FALSE; int server_port = HTTP_PORT; char server_port_text[6] = ""; char server_type[6] = "http"; -char *server_address = NULL; -char *host_name = NULL; -char *server_url = NULL; +/*@null@*/ char *server_address = NULL; +/*@null@*/ char *host_name = NULL; +/*@null@*/ char *server_url = NULL; int server_url_length = 0; int server_expect_yn = 0; char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT; @@ -200,8 +199,8 @@ int onredirect = STATE_OK; int use_ssl = FALSE; int verbose = FALSE; int sd; -char *http_method = NULL; -char *http_post_data = NULL; +/*@null@*/ char *http_method = NULL; +/*@null@*/ char *http_post_data = NULL; char buffer[MAX_INPUT_BUFFER]; void print_usage (void); @@ -223,9 +222,9 @@ main (int argc, char **argv) if (strstr (timestamp, ":")) { if (strstr (server_url, "?")) - sprintf (server_url, "%s&%s", server_url, timestamp); + server_url = ssprintf (server_url, "%s&%s", server_url, timestamp); else - sprintf (server_url, "%s?%s", server_url, timestamp); + server_url = ssprintf (server_url, "%s?%s", server_url, timestamp); } if (display_html == TRUE) @@ -233,9 +232,9 @@ main (int argc, char **argv) host_name, server_port, server_url); /* initialize alarm signal handling, set socket timeout, start timer */ - signal (SIGALRM, socket_timeout_alarm_handler); - alarm (socket_timeout); - time (&start_time); + (void) signal (SIGALRM, socket_timeout_alarm_handler); + (void) alarm (socket_timeout); + (void) time (&start_time); #ifdef HAVE_SSL if (use_ssl && check_cert == TRUE) { @@ -431,8 +430,8 @@ process_arguments (int argc, char **argv) case 'r': /* regex */ #ifdef HAVE_REGEX_H cflags |= REG_EXTENDED | REG_NOSUB | REG_NEWLINE; - strncpy (regexp, optarg, MAX_INPUT_BUFFER - 1); - regexp[MAX_INPUT_BUFFER - 1] = 0; + strncpy (regexp, optarg, MAX_RE_SIZE - 1); + regexp[MAX_RE_SIZE - 1] = 0; errcode = regcomp (&preg, regexp, cflags); if (errcode != 0) { regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); @@ -487,9 +486,7 @@ base64 (char *bin, int len) int i = 0, j = 0; char BASE64_END = '='; - char base64_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz" - "0123456789+/"; + char base64_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; while (j < len - 2) { buf[i++] = base64_table[bin[j] >> 2]; @@ -552,7 +549,7 @@ check_http (void) return STATE_CRITICAL; } - sprintf (buffer, "%s %s HTTP/1.0\r\n", http_method, server_url); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url); if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { ERR_print_errors_fp (stderr); return STATE_CRITICAL; @@ -560,7 +557,7 @@ check_http (void) /* optionally send the host header info (not clear if it's usable) */ if (strcmp (host_name, "")) { - sprintf (buffer, "Host: %s\r\n", host_name); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name); if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { ERR_print_errors_fp (stderr); return STATE_CRITICAL; @@ -568,7 +565,7 @@ check_http (void) } /* send user agent */ - sprintf (buffer, "User-Agent: check_http/%s (nagios-plugins %s)\r\n", + snprintf (buffer, MAX_INPUT_BUFFER - 1, "User-Agent: check_http/%s (nagios-plugins %s)\r\n", clean_revstring (REVISION), PACKAGE_VERSION); if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { ERR_print_errors_fp (stderr); @@ -578,7 +575,7 @@ check_http (void) /* optionally send the authentication info */ if (strcmp (user_auth, "")) { auth = base64 (user_auth, strlen (user_auth)); - sprintf (buffer, "Authorization: Basic %s\r\n", auth); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth); if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { ERR_print_errors_fp (stderr); return STATE_CRITICAL; @@ -587,12 +584,12 @@ check_http (void) /* optionally send http POST data */ if (http_post_data) { - sprintf (buffer, "Content-Type: application/x-www-form-urlencoded\r\n"); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n"); if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { ERR_print_errors_fp (stderr); return STATE_CRITICAL; } - sprintf (buffer, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { ERR_print_errors_fp (stderr); return STATE_CRITICAL; @@ -605,7 +602,7 @@ check_http (void) } /* send a newline so the server knows we're done with the request */ - sprintf (buffer, "\r\n\r\n"); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n"); if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { ERR_print_errors_fp (stderr); return STATE_CRITICAL; @@ -618,19 +615,19 @@ check_http (void) msg = ssprintf (msg, "Unable to open TCP socket"); terminate (STATE_CRITICAL, msg); } - sprintf (buffer, "%s %s HTTP/1.0\r\n", http_method, server_url); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url); send (sd, buffer, strlen (buffer), 0); /* optionally send the host header info */ if (strcmp (host_name, "")) { - sprintf (buffer, "Host: %s\r\n", host_name); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name); send (sd, buffer, strlen (buffer), 0); } /* send user agent */ - sprintf (buffer, + snprintf (buffer, MAX_INPUT_BUFFER - 1, "User-Agent: check_http/%s (nagios-plugins %s)\r\n", clean_revstring (REVISION), PACKAGE_VERSION); send (sd, buffer, strlen (buffer), 0); @@ -638,23 +635,23 @@ check_http (void) /* optionally send the authentication info */ if (strcmp (user_auth, "")) { auth = base64 (user_auth, strlen (user_auth)); - sprintf (buffer, "Authorization: Basic %s\r\n", auth); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth); send (sd, buffer, strlen (buffer), 0); } /* optionally send http POST data */ /* written by Chris Henesy <lurker@shadowtech.org> */ if (http_post_data) { - sprintf (buffer, "Content-Type: application/x-www-form-urlencoded\r\n"); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n"); send (sd, buffer, strlen (buffer), 0); - sprintf (buffer, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); send (sd, buffer, strlen (buffer), 0); http_post_data = strscat (http_post_data, "\r\n"); send (sd, http_post_data, strlen (http_post_data), 0); } /* send a newline so the server knows we're done with the request */ - sprintf (buffer, "\r\n\r\n"); + snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n"); send (sd, buffer, strlen (buffer), 0); #ifdef HAVE_SSL } @@ -993,8 +990,8 @@ check_certificate (X509 ** certificate) stamp.tm_isdst = -1; days_left = (mktime (&stamp) - time (NULL)) / 86400; - sprintf - (timestamp, "%02d/%02d/%04d %02d:%02d", + snprintf + (timestamp, MAX_INPUT_BUFFER - 1, "%02d/%02d/%04d %02d:%02d", stamp.tm_mon + 1, stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); |