SEGV in cmd_process_service_check_result (base/commands.c)

Mooney, Ryan ryan.mooney at pnl.gov
Tue Jul 1 03:49:28 CEST 2003

Previous message: Nagios Double Checking with remote Nagios site for verification of errors
Next message: SEGV in cmd_process_service_check_result (base/commands.c)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm seeing this in a nagios 1.0 deployment, but its still appears to be in the CVS version.
 
Basically the problem happens when an external PROCESS_SERVICE_CHECK_RESULT comes in
formatted like:
  [1056956399] PROCESS_SERVICE_CHECK_RESULT;
Yes this is an error (one of my external check scripts barfs every so often).  However it shouldn't crash nagios...
 
The problem is that  
  /* get the host name */
  temp_ptr=my_strtok(args,";");
returns a null and then when you try to do the  
   if(!strcmp(temp_ptr,temp_host->address)){
a few lines later bam strcmp((char *)0, something_else) == instant SEGV.
 
The obvious solution is to put a test in for strlen of args, but looking around I see a couple
other places where this could conceivably happen, so the question is - is it better to fix each
of them individually in thier own functions, or just stuff some code in up higher that checks 
the args is mostly ok (or at least exists) for the vulnerable types (types that have args) (maybe 
in process_external_command() or check_for_external_commands()). Or maybe there is a better
way to handle the problem altogether.

Previous message: Nagios Double Checking with remote Nagios site for verification of errors
Next message: SEGV in cmd_process_service_check_result (base/commands.c)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list