upstream/monitoring-plugins
1
0
Fork 0
mirror of https://github.com/monitoring-plugins/monitoring-plugins.git synced 2026-04-21 22:29:49 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix check_curl crash if http header contains leading spaces

Browse source 
check_curl crashes when a (broken) http server returns invalid http header with
leading spaces or double colons. This PR adds a fix and a test case for this.

Signed-off-by: Sven Nierlein <sven@nierlein.de>
This commit is contained in:
Sven Nierlein 2021-03-11 13:33:16 +01:00
parent 05d7f70d45
commit 5cfc93d995
2 changed files with 14 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
plugins/check_curl.c
View file

@ -2037,7 +2037,7 @@ get_header_value (const struct phr_header* headers, const size_t nof_headers, co
{
int i;
for( i = 0; i < nof_headers; i++ ) {
if( strncasecmp( header, headers[i].name, max( headers[i].name_len, 4 ) ) == 0 ) {
if(headers[i].name != NULL && strncasecmp( header, headers[i].name, max( headers[i].name_len, 4 ) ) == 0 ) {
return strndup( headers[i].value, headers[i].value_len );
}
}

16
plugins/tests/check_curl.t
View file

@ -21,7 +21,7 @@ use FindBin qw($Bin);
$ENV{'LC_TIME'} = "C";
my $common_tests = 70;
my $common_tests = 72;
my $ssl_only_tests = 8;
# Check that all dependent modules are available
eval "use HTTP::Daemon 6.01;";
@ -188,6 +188,12 @@ sub run_server {
$c->send_basic_header;
$c->send_header('foo');
$c->send_crlf;
} elsif ($r->url->path eq "/header_broken_check") {
$c->send_basic_header;
$c->send_header('foo');
print $c "Test1:: broken\n";
print $c " Test2: leading whitespace\n";
$c->send_crlf;
} elsif ($r->url->path eq "/virtual_port") {
# return sent Host header
$c->send_basic_header;
@ -247,7 +253,7 @@ my $cmd;
# advanced checks with virtual hostname and virtual port
SKIP: {
skip "libcurl version is smaller than $required_version", 6 unless $use_advanced_checks;
# http without virtual port
$cmd = "./$plugin -H $virtual_host -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host:$port_http\$";
$result = NPTest->testCmd( $cmd );
@ -259,7 +265,7 @@ SKIP: {
$result = NPTest->testCmd( $cmd );
is( $result->return_code, 0, $cmd);
like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
# http with virtual port (80)
$cmd = "./$plugin -H $virtual_host:80 -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host\$";
$result = NPTest->testCmd( $cmd );
@ -321,6 +327,10 @@ sub run_common_tests {
is( $result->return_code, 2, "Missing header string check");
like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - header 'bar' not found on 'https?://127\.0\.0\.1:\d+/header_check'%, "Shows search string and location");
$result = NPTest->testCmd( "$command -u /header_broken_check" );
is( $result->return_code, 0, "header_check search for string");
like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 138 bytes in [\d\.]+ second/', "Output correct" );
my $cmd;
$cmd = "$command -u /slow";
$result = NPTest->testCmd( $cmd );