diff options
Diffstat (limited to 'plugins/popen.c')
| -rw-r--r-- | plugins/popen.c | 294 |
1 files changed, 294 insertions, 0 deletions
diff --git a/plugins/popen.c b/plugins/popen.c new file mode 100644 index 0000000..036bc60 --- /dev/null +++ b/plugins/popen.c @@ -0,0 +1,294 @@ +/***************************************************************************** +* +* Monitoring Plugins popen +* +* License: GPL +* Copyright (c) 2005-2007 Monitoring Plugins Development Team +* +* Description: +* +* A safe alternative to popen +* +* Provides spopen and spclose +* +* FILE * spopen(const char *); +* int spclose(FILE *); +* +* Code taken with little modification from "Advanced Programming for the Unix +* Environment" by W. Richard Stevens +* +* This is considered safe in that no shell is spawned, and the environment +* and path passed to the exec'd program are essentially empty. (popen create +* a shell and passes the environment to it). +* +* +* This program is free software: you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation, either version 3 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License +* along with this program. If not, see <http://www.gnu.org/licenses/>. +* +* +*****************************************************************************/ + +#include "./common.h" +#include "./utils.h" +#include "../lib/maxfd.h" + +/* extern so plugin has pid to kill exec'd process on timeouts */ +extern pid_t *childpid; +extern int *child_stderr_array; +extern FILE *child_process; + +FILE *spopen (const char *); +int spclose (FILE *); +#ifdef REDHAT_SPOPEN_ERROR +void popen_sigchld_handler (int); +#endif +void popen_timeout_alarm_handler (int); + +#include <stdarg.h> /* ANSI C header file */ +#include <fcntl.h> + +#include <limits.h> +#include <sys/resource.h> + +#ifdef HAVE_SYS_WAIT_H +#include <sys/wait.h> +#endif + +#ifndef WEXITSTATUS +# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8) +#endif + +#ifndef WIFEXITED +# define WIFEXITED(stat_val) (((stat_val) & 255) == 0) +#endif + +/* 4.3BSD Reno <signal.h> doesn't define SIG_ERR */ +#if defined(SIG_IGN) && !defined(SIG_ERR) +#define SIG_ERR ((Sigfunc *)-1) +#endif + + +char *pname = NULL; /* caller can set this from argv[0] */ + +#ifdef REDHAT_SPOPEN_ERROR +static volatile int childtermd = 0; +#endif + +FILE * +spopen (const char *cmdstring) +{ + char *env[2]; + char *cmd = NULL; + char **argv = NULL; + char *str, *tmp; + int argc; + + int i = 0, pfd[2], pfderr[2]; + pid_t pid; + +#ifdef RLIMIT_CORE + /* do not leave core files */ + struct rlimit limit; + getrlimit (RLIMIT_CORE, &limit); + limit.rlim_cur = 0; + setrlimit (RLIMIT_CORE, &limit); +#endif + + env[0] = strdup("LC_ALL=C"); + env[1] = '\0'; + + /* if no command was passed, return with no error */ + if (cmdstring == NULL) + return (NULL); + + /* make copy of command string so strtok() doesn't silently modify it */ + /* (the calling program may want to access it later) */ + cmd = malloc (strlen (cmdstring) + 1); + if (cmd == NULL) + return NULL; + strcpy (cmd, cmdstring); + + /* This is not a shell, so we don't handle "???" */ + if (strstr (cmdstring, "\"")) + return NULL; + + /* allow single quotes, but only if non-whitesapce doesn't occur on both sides */ + if (strstr (cmdstring, " ' ") || strstr (cmdstring, "'''")) + return NULL; + + /* there cannot be more args than characters */ + argc = strlen (cmdstring) + 1; /* add 1 for NULL termination */ + argv = malloc (sizeof(char*)*argc); + + if (argv == NULL) { + printf ("%s\n", _("Could not malloc argv array in popen()")); + return NULL; + } + + /* loop to get arguments to command */ + while (cmd) { + str = cmd; + str += strspn (str, " \t\r\n"); /* trim any leading whitespace */ + + if (i >= argc - 2) { + printf ("%s\n",_("CRITICAL - You need more args!!!")); + return (NULL); + } + + if (strstr (str, "'") == str) { /* handle SIMPLE quoted strings */ + str++; + if (!strstr (str, "'")) + return NULL; /* balanced? */ + cmd = 1 + strstr (str, "'"); + str[strcspn (str, "'")] = 0; + } + else if (strcspn(str,"'") < strcspn (str, " \t\r\n")) { + /* handle --option='foo bar' strings */ + tmp = str + strcspn(str, "'") + 1; + if (!strstr (tmp, "'")) + return NULL; /* balanced? */ + tmp += strcspn(tmp,"'") + 1; + *tmp = 0; + cmd = tmp + 1; + } else { + if (strpbrk (str, " \t\r\n")) { + cmd = 1 + strpbrk (str, " \t\r\n"); + str[strcspn (str, " \t\r\n")] = 0; + } + else { + cmd = NULL; + } + } + + if (cmd && strlen (cmd) == strspn (cmd, " \t\r\n")) + cmd = NULL; + + argv[i++] = str; + + } + argv[i] = NULL; + + long maxfd = mp_open_max(); + + if (childpid == NULL) { /* first time through */ + if ((childpid = calloc ((size_t)maxfd, sizeof (pid_t))) == NULL) + return (NULL); + } + + if (child_stderr_array == NULL) { /* first time through */ + if ((child_stderr_array = calloc ((size_t)maxfd, sizeof (int))) == NULL) + return (NULL); + } + + if (pipe (pfd) < 0) + return (NULL); /* errno set by pipe() */ + + if (pipe (pfderr) < 0) + return (NULL); /* errno set by pipe() */ + +#ifdef REDHAT_SPOPEN_ERROR + if (signal (SIGCHLD, popen_sigchld_handler) == SIG_ERR) { + usage4 (_("Cannot catch SIGCHLD")); + } +#endif + + if ((pid = fork ()) < 0) + return (NULL); /* errno set by fork() */ + else if (pid == 0) { /* child */ + close (pfd[0]); + if (pfd[1] != STDOUT_FILENO) { + dup2 (pfd[1], STDOUT_FILENO); + close (pfd[1]); + } + close (pfderr[0]); + if (pfderr[1] != STDERR_FILENO) { + dup2 (pfderr[1], STDERR_FILENO); + close (pfderr[1]); + } + /* close all descriptors in childpid[] */ + for (i = 0; i < maxfd; i++) + if (childpid[i] > 0) + close (i); + + execve (argv[0], argv, env); + _exit (0); + } + + close (pfd[1]); /* parent */ + if ((child_process = fdopen (pfd[0], "r")) == NULL) + return (NULL); + close (pfderr[1]); + + childpid[fileno (child_process)] = pid; /* remember child pid for this fd */ + child_stderr_array[fileno (child_process)] = pfderr[0]; /* remember STDERR */ + return (child_process); +} + +int +spclose (FILE * fp) +{ + int fd, status; + pid_t pid; + + if (childpid == NULL) + return (1); /* popen() has never been called */ + + fd = fileno (fp); + if ((pid = childpid[fd]) == 0) + return (1); /* fp wasn't opened by popen() */ + + childpid[fd] = 0; + if (fclose (fp) == EOF) + return (1); + +#ifdef REDHAT_SPOPEN_ERROR + while (!childtermd); /* wait until SIGCHLD */ +#endif + + while (waitpid (pid, &status, 0) < 0) + if (errno != EINTR) + return (1); /* error other than EINTR from waitpid() */ + + if (WIFEXITED (status)) + return (WEXITSTATUS (status)); /* return child's termination status */ + + return (1); +} + +#ifdef REDHAT_SPOPEN_ERROR +void +popen_sigchld_handler (int signo) +{ + if (signo == SIGCHLD) + childtermd = 1; +} +#endif + +void +popen_timeout_alarm_handler (int signo) +{ + int fh; + if (signo == SIGALRM) { + if (child_process != NULL) { + fh=fileno (child_process); + if(fh >= 0){ + kill (childpid[fh], SIGKILL); + } + printf (_("CRITICAL - Plugin timed out after %d seconds\n"), + timeout_interval); + } else { + printf ("%s\n", _("CRITICAL - popen timeout received, but no child process")); + } + exit (STATE_CRITICAL); + } +} |