check_http core dump on solaris

Andreas Ericsson ae at op5.se
Tue Nov 2 09:44:15 CET 2004

Previous message: check_http core dump on solaris
Next message: check_oracle
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

craig wrote:
> GNU gdb 6.0
> Copyright 2003 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you
> are
> welcome to change it and/or distribute copies of it under certain
> conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for
> details.
> This GDB was configured as "sparc-sun-solaris2.9"...
> (gdb) run -I 192.168.0.100 -u http://192.168.0.100/index.html
> Starting program: /usr/local/nagios/libexec/check_http -I 192.168.0.100
> -u http://192.168.0.100/index.html
> HTTP OK HTTP/1.1 200 OK - 40 bytes in 0.006 seconds |time=5975us;;;0
> size=40B;;;0
>  
> Program exited normally.
> (gdb) run -I 192.168.0.100 -u http://192.168.0.100/index.html
> Starting program: /usr/local/nagios/libexec/check_http -I 192.168.0.100
> -u http://192.168.0.100/index.html
>  
> Program received signal SIGSEGV, Segmentation fault.
> 0xff374880 in freeaddrinfo () from /usr/lib/libsocket.so.1
> (gdb) bt 0xff374880
> #0  0xff374880 in freeaddrinfo () from /usr/lib/libsocket.so.1
> #1  0x00014984 in my_connect (host_name=0x0, port=195584, sd=0x2fd20,
> proto=6) at netutils.c:304
> #2  0x00012b54 in check_http () at check_http.c:502
> 

Judging by the function names here, it might be a double free bug in 
libsocket, but my_connect() should look for nullness in host_name before 
trying to do anything with it. Also, the port and socket descriptor 
seems to be un-initialized, which points to poor design in check_http.

> 
> Note: 192.168.0.100 is not the real IP checked, changed for this
> posting.
> 
> This is line 502 & 503 in check_http.c
> if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
>     die (STATE_CRITICAL, _("Unable to open TCP socket\n"));
> 
> I don't know much about C...
> 
> Thanks
> 
> Craig
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by:
> Sybase ASE Linux Express Edition - download now for FREE
> LinuxWorld Reader's Choice Award Winner for best database on Linux.
> http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
> ::: Messages without supporting info will risk being sent to /dev/null
> 

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Lead Developer


-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: check_http core dump on solaris
Next message: check_oracle
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list