Age | Commit message (Collapse) | Author |
|
Serveral coverity fixes from nagios-plugins
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
Added two if elses to cover when only one threshold is set.
|
|
|
|
Coverity 66479 - validate_arguments has no need to return anything, as it dies on error, yet was set to return an int. Set to void to resolve warning.
|
|
Coverity 66480 - Potential array index out of bounds, since result was not verified to be positive prior to using as an index for state[]. Simply reording the if statement should resolve the issue. - SR
|
|
Coverity 66514 - Possible leakage and overflow with addr in redirect functionality. Not confirmed as null terminated, and externally gathered. Restrict string comparisons and duplications by size. - SR
|
|
Coverity 66524 - req.data is not neccessarily null terminated but still feed to printf statements. This both does that, and verifies the struct more so than before. - SR
|
|
Recv into buffer is not properly null terminated prior to strstr and possible other string functions expecting a null termination. Simply take bytes received and use as an index to append \0 after. We are creating buffer[] with size of MAX_INPUT_BUFFER and recv with MAX_INPUT_BUFFER-1 so this should never overflow.
|
|
Coverity 66531 - ereg.buffer can be printed without being initialized if do_include and do_exclude are null and critical is an invalid regex. While minor this may leak memory and cause undefined behavior.
|
|
also make test is now working on travis-ci
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
|
|
|
|
|
|
Our die() function doesn't append a newline character to the message.
|
|
Allow for using the FreeRADIUS Client library instead of radiusclient or
radiusclient-ng. The latter two projects are dead.
Closes #1231.
|
|
The puts(3) function already appends a newline character to the string.
|
|
when returning syscontact. So make them optional since we want to test
check_snmp and not the snmpd.
Signed-off-by: Sven Nierlein <Sven.Nierlein@consol.de>
|
|
so make sure our tests only run if -2 maps to nobody
Signed-off-by: Sven Nierlein <Sven.Nierlein@consol.de>
|
|
on the fping binary. Check this before running the test.
Signed-off-by: Sven Nierlein <Sven.Nierlein@consol.de>
|
|
since the test uses send_header from HTTP::Daemon::ClientConn which has been introduced in
HTTP::Daemon 6.01
|
|
so add configurable/optional timeout to testCmd.
Signed-off-by: Sven Nierlein <Sven.Nierlein@consol.de>
|
|
skip those tests if the uid does not exist
Signed-off-by: Sven Nierlein <Sven.Nierlein@consol.de>
|
|
GnuTLS doesn't provide a SSL_CTX_check_private_key() function.
Closes #1254.
|
|
|
|
|
|
|
|
The SNMPv3 noAuthNoPriv security level, somewhat unintuitively, requires
a security name to be passed along together with the request. Check_snmp
previously did not do this, causing snmpget to throw an error:
"External command error: No log handling enabled - turning on stderr
logging
snmpget: No securityName specified"
This patch fixes the issue by always providing the security name when
noAuthNoPriv is specified.
See also:
https:://bugs.op5.com/view.php?id=8385.
Signed-off-by: Anton Lofgren <alofgren@op5.com>
|
|
anything
|
|
|
|
If you don't specify a group or a file to read data from the plugin tries to read from several files that don't exist and no groups.
|
|
|
|
Signed-off-by: Davide Madrisan <davide.madrisan@gmail.com>
|
|
Signed-off-by: Davide Madrisan <davide.madrisan@gmail.com>
|
|
thats because check_procs verifys there is a user for a
given uid filter. So even we use sample data for this
test, we still need a real user.
Signed-off-by: Sven Nierlein <Sven.Nierlein@consol.de>
|
|
This seems to result into more problems in the wild then before 'fixing' it
Closes Debian #739254
Reopen Debian #734811
|
|
Remove unnecessary whitespace in Makefile.am
|
|
|
|
|
|
|
|
|
|
check_snmp becomes capable of evaluating negative values properly,
but it might be returning CRITICALs where it used to return OK and was ignored,
if a negative value turns out to actually be a valid value.
If negative values are valid, this can be worked around,
by adding "~:" to the warning/critical threshold : 100 -> ~:100
|
|
Next commit will work on fixing these!
|
|
C89 doesn't allow variable declarations to be intermingled with code.
|
|
This change saves us from having to link check_dig against "libm"
|
|
which is already set to 10 seconds
|
|
When a timeout value is specified with the -t option, dig will sometimes
timeout before the timer is actually reached.
The problem occurs because the check_dig plugin does not pass the specified
timeout value to dig, leaving dig to timeout with it's default value which
seems to be around 10-15seconds.
To reproduce:
time ./check_dig -H 127.0.0.2 -l www.google.com -t 30
It will not run for 30secs, which is the expected behaviour.
The following will work, because the timeout is less than the default dig
timeout, so the plugin cancels the dig command:
time ./check_dig -H 127.0.0.2 -l www.google.com -t 2
This fix passes the timeout value to dig, and sets the number of retries which tends to vary from system to system by default.
Closes #1168
|
|
|
|
Check_swap used to allow no swap when thresholds were only specified in
percent. This is no longer the case and the state now must be specified
explicitly. The default is to always return CRITICAL when the swap is
absent regardless of thresholds.
|
|
Also use strcasecmp imported from gnulib for simplicity
|