[icinga-checkins] icinga.org: icinga-core/mbecker/test: classic ui: fix status. cgi segfault without hostgroup parameter on solaris 10 #594

git at icinga.org git at icinga.org
Fri Sep 24 19:37:24 CEST 2010


Module: icinga-core
Branch: mbecker/test
Commit: 99c1ee9484f5f13b65c0689b8066ca4d823799d8
URL:    https://git.icinga.org/?p=icinga-core.git;a=commit;h=99c1ee9484f5f13b65c0689b8066ca4d823799d8

Author: Michael Friedrich <michael.friedrich at univie.ac.at>
Date:   Fri Sep 24 17:57:40 2010 +0200

classic ui: fix status.cgi segfault without hostgroup parameter on solaris 10 #594

defaults then to host_name, which is also NULL.
printf("%s", NULL) on Solaris is evil.

getenv also returns NULL if QUERY_STRING not set. this causes
strdup to segfault too - fixed.

fixes #594
refs #806

---

 Changelog    |    1 +
 cgi/status.c |   46 +++++++++++++++++++++++++++-------------------
 2 files changed, 28 insertions(+), 19 deletions(-)

diff --git a/Changelog b/Changelog
index 2cfc924..8cafbeb 100644
--- a/Changelog
+++ b/Changelog
@@ -36,6 +36,7 @@ FIXES
 * classic ui: removed double header in tac.c #808
 * classic ui: changed size of checkbox column to 16 #809
 * classic ui: remove useless utils.inc.php since check-program-updates is dropped from core #800
+* classic ui: fix status.cgi segfault without hostgroup parameter on solaris 10 #594
 
 * idoutils: fix ido2db forking if database connection failed, now immediately disconnecting the client #773
 
diff --git a/cgi/status.c b/cgi/status.c
index 624e9db..5fd1267 100644
--- a/cgi/status.c
+++ b/cgi/status.c
@@ -880,7 +880,7 @@ void show_service_status_totals(void){
 	printf("<TH CLASS='serviceTotals'>");
 	printf("<A CLASS='serviceTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s&style=detail",url_encode(servicegroup_name));
 	else
@@ -892,7 +892,7 @@ void show_service_status_totals(void){
 	printf("<TH CLASS='serviceTotals'>");
 	printf("<A CLASS='serviceTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s&style=detail",url_encode(servicegroup_name));
 	else
@@ -904,7 +904,7 @@ void show_service_status_totals(void){
 	printf("<TH CLASS='serviceTotals'>");
 	printf("<A CLASS='serviceTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s&style=detail",url_encode(servicegroup_name));
 	else
@@ -916,7 +916,7 @@ void show_service_status_totals(void){
 	printf("<TH CLASS='serviceTotals'>");
 	printf("<A CLASS='serviceTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s&style=detail",url_encode(servicegroup_name));
 	else
@@ -928,7 +928,7 @@ void show_service_status_totals(void){
 	printf("<TH CLASS='serviceTotals'>");
 	printf("<A CLASS='serviceTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s&style=detail",url_encode(servicegroup_name));
 	else
@@ -969,7 +969,7 @@ void show_service_status_totals(void){
 	printf("<TH CLASS='serviceTotals'>");
 	printf("<A CLASS='serviceTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s&style=detail",url_encode(servicegroup_name));
 	else
@@ -981,7 +981,7 @@ void show_service_status_totals(void){
 	printf("<TH CLASS='serviceTotals'>");
 	printf("<A CLASS='serviceTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s&style=detail",url_encode(servicegroup_name));
 	else
@@ -1093,7 +1093,7 @@ void show_host_status_totals(void){
 	printf("<TH CLASS='hostTotals'>");
 	printf("<A CLASS='hostTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s",url_encode(servicegroup_name));
 	else{
@@ -1111,7 +1111,7 @@ void show_host_status_totals(void){
 	printf("<TH CLASS='hostTotals'>");
 	printf("<A CLASS='hostTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s",url_encode(servicegroup_name));
 	else{
@@ -1129,7 +1129,7 @@ void show_host_status_totals(void){
 	printf("<TH CLASS='hostTotals'>");
 	printf("<A CLASS='hostTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s",url_encode(servicegroup_name));
 	else{
@@ -1147,7 +1147,7 @@ void show_host_status_totals(void){
 	printf("<TH CLASS='hostTotals'>");
 	printf("<A CLASS='hostTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s",url_encode(servicegroup_name));
 	else{
@@ -1190,7 +1190,7 @@ void show_host_status_totals(void){
 	printf("<TH CLASS='hostTotals'>");
 	printf("<A CLASS='hostTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s",url_encode(servicegroup_name));
 	else{
@@ -1208,7 +1208,7 @@ void show_host_status_totals(void){
 	printf("<TH CLASS='hostTotals'>");
 	printf("<A CLASS='hostTotals' HREF='%s?",STATUS_CGI);
 	if(display_type==DISPLAY_HOSTS)
-		printf("host=%s",url_encode(host_name));
+		printf("host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		printf("servicegroup=%s",url_encode(servicegroup_name));
 	else{
@@ -1353,8 +1353,12 @@ void show_service_detail(void){
 
 		printf("</td>\n");
 
-		// will this cause a probelm with buffer overlow
-		printf("<td valign=bottom width=33%%><div class='csv_export_link'><a href='%s?%s&csvoutput' target='_blank'>Export to CSV</a></div></td>\n",STATUS_CGI,strdup(getenv("QUERY_STRING")));
+                /* add export to csv link */
+                if(getenv("QUERY_STRING")!=NULL) {
+                        printf("<td valign=bottom width=33%%><div class='csv_export_link'><a href='%s?%s&csvoutput' target='_blank'>Export to CSV</a></div></td>\n",STATUS_CGI,strdup(getenv("QUERY_STRING")));
+                } else {
+                        printf("<td valign=bottom width=33%%><div class='csv_export_link'><a href='%s?csvoutput' target='_blank'>Export to CSV</a></div></td>\n",STATUS_CGI);
+                }
 
 		printf("</tr>\n");
 		printf("</table>\n");
@@ -1366,7 +1370,7 @@ void show_service_detail(void){
 	snprintf(temp_url,sizeof(temp_url)-1,"%s?",STATUS_CGI);
 	temp_url[sizeof(temp_url)-1]='\x0';
 	if(display_type==DISPLAY_HOSTS)
-		snprintf(temp_buffer,sizeof(temp_buffer)-1,"host=%s",url_encode(host_name));
+		snprintf(temp_buffer,sizeof(temp_buffer)-1,"host=%s",(host_name==NULL)?"all":url_encode(host_name));
 	else if(display_type==DISPLAY_SERVICEGROUPS)
 		snprintf(temp_buffer,sizeof(temp_buffer)-1,"servicegroup=%s&style=detail",url_encode(servicegroup_name));
 	else
@@ -2004,8 +2008,12 @@ void show_host_detail(void){
 
 		printf("</td>\n");
 
-		// will this cause a probelm with buffer overlow
-		printf("<td valign=bottom width=33%%><div class='csv_export_link'><a href='%s?%s&csvoutput' target='_blank'>Export to CSV</a></div></td>\n",STATUS_CGI,strdup(getenv("QUERY_STRING")));
+		/* add export to csv link */
+		if(getenv("QUERY_STRING")!=NULL) {
+			printf("<td valign=bottom width=33%%><div class='csv_export_link'><a href='%s?%s&csvoutput' target='_blank'>Export to CSV</a></div></td>\n",STATUS_CGI,strdup(getenv("QUERY_STRING")));
+		} else {
+			printf("<td valign=bottom width=33%%><div class='csv_export_link'><a href='%s?csvoutput' target='_blank'>Export to CSV</a></div></td>\n",STATUS_CGI);
+		}
 
 		printf("</tr>\n");
 		printf("</table>\n");
@@ -2015,7 +2023,7 @@ void show_host_detail(void){
 	snprintf(temp_url,sizeof(temp_url)-1,"%s?",STATUS_CGI);
 	temp_url[sizeof(temp_url)-1]='\x0';
 	if(display_type==DISPLAY_HOSTS)
-		snprintf(temp_buffer,sizeof(temp_buffer)-1,"host=%s&style=hostdetail",url_encode(host_name));
+		snprintf(temp_buffer,sizeof(temp_buffer)-1,"host=%s&style=hostdetail",(host_name==NULL)?"all":url_encode(host_name));
 	else
 		snprintf(temp_buffer,sizeof(temp_buffer)-1,"hostgroup=%s&style=hostdetail",url_encode(hostgroup_name));
 	temp_buffer[sizeof(temp_buffer)-1]='\x0';





More information about the icinga-checkins mailing list