aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--plugins/check_http.c61
1 files changed, 29 insertions, 32 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 1b4bae34..306e4a2e 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -177,15 +177,14 @@ int errcode;
#define HTTP_EXPECT "HTTP/1."
#define HTTP_URL "/"
-time_t start_time, end_time;
char timestamp[10] = "";
int specify_port = FALSE;
int server_port = HTTP_PORT;
char server_port_text[6] = "";
char server_type[6] = "http";
-char *server_address = NULL;
-char *host_name = NULL;
-char *server_url = NULL;
+/*@null@*/ char *server_address = NULL;
+/*@null@*/ char *host_name = NULL;
+/*@null@*/ char *server_url = NULL;
int server_url_length = 0;
int server_expect_yn = 0;
char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
@@ -200,8 +199,8 @@ int onredirect = STATE_OK;
int use_ssl = FALSE;
int verbose = FALSE;
int sd;
-char *http_method = NULL;
-char *http_post_data = NULL;
+/*@null@*/ char *http_method = NULL;
+/*@null@*/ char *http_post_data = NULL;
char buffer[MAX_INPUT_BUFFER];
void print_usage (void);
@@ -223,9 +222,9 @@ main (int argc, char **argv)
if (strstr (timestamp, ":")) {
if (strstr (server_url, "?"))
- sprintf (server_url, "%s&%s", server_url, timestamp);
+ server_url = ssprintf (server_url, "%s&%s", server_url, timestamp);
else
- sprintf (server_url, "%s?%s", server_url, timestamp);
+ server_url = ssprintf (server_url, "%s?%s", server_url, timestamp);
}
if (display_html == TRUE)
@@ -233,9 +232,9 @@ main (int argc, char **argv)
host_name, server_port, server_url);
/* initialize alarm signal handling, set socket timeout, start timer */
- signal (SIGALRM, socket_timeout_alarm_handler);
- alarm (socket_timeout);
- time (&start_time);
+ (void) signal (SIGALRM, socket_timeout_alarm_handler);
+ (void) alarm (socket_timeout);
+ (void) time (&start_time);
#ifdef HAVE_SSL
if (use_ssl && check_cert == TRUE) {
@@ -431,8 +430,8 @@ process_arguments (int argc, char **argv)
case 'r': /* regex */
#ifdef HAVE_REGEX_H
cflags |= REG_EXTENDED | REG_NOSUB | REG_NEWLINE;
- strncpy (regexp, optarg, MAX_INPUT_BUFFER - 1);
- regexp[MAX_INPUT_BUFFER - 1] = 0;
+ strncpy (regexp, optarg, MAX_RE_SIZE - 1);
+ regexp[MAX_RE_SIZE - 1] = 0;
errcode = regcomp (&preg, regexp, cflags);
if (errcode != 0) {
regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
@@ -487,9 +486,7 @@ base64 (char *bin, int len)
int i = 0, j = 0;
char BASE64_END = '=';
- char base64_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- "abcdefghijklmnopqrstuvwxyz"
- "0123456789+/";
+ char base64_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
while (j < len - 2) {
buf[i++] = base64_table[bin[j] >> 2];
@@ -552,7 +549,7 @@ check_http (void)
return STATE_CRITICAL;
}
- sprintf (buffer, "%s %s HTTP/1.0\r\n", http_method, server_url);
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url);
if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
ERR_print_errors_fp (stderr);
return STATE_CRITICAL;
@@ -560,7 +557,7 @@ check_http (void)
/* optionally send the host header info (not clear if it's usable) */
if (strcmp (host_name, "")) {
- sprintf (buffer, "Host: %s\r\n", host_name);
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name);
if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
ERR_print_errors_fp (stderr);
return STATE_CRITICAL;
@@ -568,7 +565,7 @@ check_http (void)
}
/* send user agent */
- sprintf (buffer, "User-Agent: check_http/%s (nagios-plugins %s)\r\n",
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "User-Agent: check_http/%s (nagios-plugins %s)\r\n",
clean_revstring (REVISION), PACKAGE_VERSION);
if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
ERR_print_errors_fp (stderr);
@@ -578,7 +575,7 @@ check_http (void)
/* optionally send the authentication info */
if (strcmp (user_auth, "")) {
auth = base64 (user_auth, strlen (user_auth));
- sprintf (buffer, "Authorization: Basic %s\r\n", auth);
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth);
if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
ERR_print_errors_fp (stderr);
return STATE_CRITICAL;
@@ -587,12 +584,12 @@ check_http (void)
/* optionally send http POST data */
if (http_post_data) {
- sprintf (buffer, "Content-Type: application/x-www-form-urlencoded\r\n");
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n");
if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
ERR_print_errors_fp (stderr);
return STATE_CRITICAL;
}
- sprintf (buffer, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
ERR_print_errors_fp (stderr);
return STATE_CRITICAL;
@@ -605,7 +602,7 @@ check_http (void)
}
/* send a newline so the server knows we're done with the request */
- sprintf (buffer, "\r\n\r\n");
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n");
if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
ERR_print_errors_fp (stderr);
return STATE_CRITICAL;
@@ -618,19 +615,19 @@ check_http (void)
msg = ssprintf (msg, "Unable to open TCP socket");
terminate (STATE_CRITICAL, msg);
}
- sprintf (buffer, "%s %s HTTP/1.0\r\n", http_method, server_url);
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url);
send (sd, buffer, strlen (buffer), 0);
/* optionally send the host header info */
if (strcmp (host_name, "")) {
- sprintf (buffer, "Host: %s\r\n", host_name);
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name);
send (sd, buffer, strlen (buffer), 0);
}
/* send user agent */
- sprintf (buffer,
+ snprintf (buffer, MAX_INPUT_BUFFER - 1,
"User-Agent: check_http/%s (nagios-plugins %s)\r\n",
clean_revstring (REVISION), PACKAGE_VERSION);
send (sd, buffer, strlen (buffer), 0);
@@ -638,23 +635,23 @@ check_http (void)
/* optionally send the authentication info */
if (strcmp (user_auth, "")) {
auth = base64 (user_auth, strlen (user_auth));
- sprintf (buffer, "Authorization: Basic %s\r\n", auth);
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth);
send (sd, buffer, strlen (buffer), 0);
}
/* optionally send http POST data */
/* written by Chris Henesy <lurker@shadowtech.org> */
if (http_post_data) {
- sprintf (buffer, "Content-Type: application/x-www-form-urlencoded\r\n");
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n");
send (sd, buffer, strlen (buffer), 0);
- sprintf (buffer, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
send (sd, buffer, strlen (buffer), 0);
http_post_data = strscat (http_post_data, "\r\n");
send (sd, http_post_data, strlen (http_post_data), 0);
}
/* send a newline so the server knows we're done with the request */
- sprintf (buffer, "\r\n\r\n");
+ snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n");
send (sd, buffer, strlen (buffer), 0);
#ifdef HAVE_SSL
}
@@ -993,8 +990,8 @@ check_certificate (X509 ** certificate)
stamp.tm_isdst = -1;
days_left = (mktime (&stamp) - time (NULL)) / 86400;
- sprintf
- (timestamp, "%02d/%02d/%04d %02d:%02d",
+ snprintf
+ (timestamp, MAX_INPUT_BUFFER - 1, "%02d/%02d/%04d %02d:%02d",
stamp.tm_mon + 1,
stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min);