[icinga-devel] fix segfault when sending host notifications - head

Michael Friedrich michael.friedrich at univie.ac.at
Wed Jul 13 18:19:36 CEST 2011


hi,

hacking around in Icinga Core, the patch on the nagios-exp.git 
repository on git.op5.org for using local macros on the notifications 
came up with a bug on the host notifications.
basically, a memset was missing in order to allocate memory before 
accessing/freeing the macro struct. See over here 
https://dev.icinga.org/issues/1703 and/or below. On Icinga GIT you will 
recognize the commit already.


start gdb

~/nagios/nagios-exp $ sudo gdb base/nagios

(gdb) run /usr/local/nagios/etc/nagios.cfg
Starting program: nagios/nagios-exp/base/nagios 
/usr/local/nagios/etc/nagios.cfg
[Thread debugging using libthread_db enabled]

Nagios Core 3.3.1
Copyright (c) 2009-2011 Nagios Core Development Team and Community 
Contributors
Copyright (c) 1999-2009 Ethan Galstad
Last Modified: 02-13-2011
License: GPL

Website: http://www.nagios.org
Nagios 3.3.1 starting... (PID=10221)
Local time is Wed Jul 13 17:47:18 CEST 2011
[New Thread 0x40a00940 (LWP 10224)]
[New Thread 0x41401940 (LWP 10225)]


send a custom host notification

# /usr/bin/printf "[1310543176] 
SEND_CUSTOM_HOST_NOTIFICATION;localhost;2;nagiosadmin;foobar" > 
/usr/local/nagios/var/rw/nagios.cmd


watch it die ...

ARGS: localhost;2;nagiosadmin;foobar

Program received signal SIGSEGV, Segmentation fault.
0x0000003fe247273e in free () from /lib64/libc.so.6

attached is a patch, which fixes this accordingly and applies cleanly to 
nagios-exp HEAD.

Nagios 3.3.1 starting... (PID=13983)
Local time is Wed Jul 13 18:00:23 CEST 2011
[New Thread 0x40a00940 (LWP 13986)]
[New Thread 0x41401940 (LWP 13987)]
ARGS: localhost;2;nagiosadmin;foobar
Detaching after fork from child process 14060.

feel free to use the patch or introduce a proper solution :-)


kind regards,
Michael


backtrace.

(gdb) bt full
#0 0x0000003fe247273e in free () from /lib64/libc.so.6
No symbol table info available.
#1 0x000000000042fa91 in clear_volatile_macros_r (mac=0x7fffffffdf00) at 
../common/macros.c:2824
this_customvariablesmember = <value optimized out>
next_customvariablesmember = <value optimized out>
x = 2
#2 0x0000000000439b99 in host_notification (hst=0x6b8440, type=99, 
not_author=0x6b4d00 "nagiosadmin", not_data=0x6b5230 "foobar",
options=2) at notifications.c:1041
temp_notification = <value optimized out>
temp_contact = <value optimized out>
current_time = <value optimized out>
start_time = {tv_sec = 1310572223, tv_usec = 700585}
end_time = {tv_sec = 7012920, tv_usec = 7}
escalated = 0
result = <value optimized out>
contacts_notified = <value optimized out>
increment_notification_number = <value optimized out>
mac = {x = {0x0, 0x0, 0x20 <Address 0x20 out of bounds>, 0x0, 0x64000000 
<Address 0x64000000 out of bounds>, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0xa <Address 0xa out of bounds>, 0x5c <Address 0x5c 
out of bounds>,
0xffffffff0000000a <Address 0xffffffff0000000a out of bounds>, 0x480b01 
"s\n", 0x0, 0x25 <Address 0x25 out of bounds>,
0x1 <Address 0x1 out of bounds>, 0x21 <Address 0x21 out of bounds>, 
0x100000001 <Address 0x100000001 out of bounds>,
0x490ab8 "d\n", 0x0, 0x0, 0x3fe248d98f "\205\300\017\204\231\001", 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x1 <Address 0x1 out of bounds>, 0x0, 0x3000000018 <Address 0x3000000018 
out of bounds>, 0x7fffffffe380 "\300\352\340\302>",
0x801 <Address 0x801 out of bounds>, 0x9802f <Address 0x9802f out of 
bounds>, 0x1 <Address 0x1 out of bounds>,
0x81a4 <Address 0x81a4 out of bounds>, 0x0, 0x0, 0x8a3 <Address 0x8a3 
out of bounds>, 0x1000 <Address 0x1000 out of bounds>,
0x10 <Address 0x10 out of bounds>, 0x4e1dbeb0 <Address 0x4e1dbeb0 out of 
bounds>, 0x0,
0x4aef1ace <Address 0x4aef1ace out of bounds>, 0x0, 0x4aef1ace <Address 
0x4aef1ace out of bounds>, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x3fe27529e0 "", 0x3fe2520afb "/etc/localtime", 0xf <Address 
0xf out of bounds>, 0x69e890 "/etc/localtime",
0x3fe27535a0 "", 0x6bf13b "\342?", 0x3fe2474cde 
"H\205\300H\211\305tJ\203=;\022.", 0xf <Address 0xf out of bounds>,
0x3fe2520afb "/etc/localtime", 0x1 <Address 0x1 out of bounds>, 0x69e890 
"/etc/localtime", 0x3fe27535a0 "",
0x6bf13b "\342?", 0x7fffffffe1b0 ";\361k", 0x3fe248c8af "D\213=J\224,", 
0x1 <Address 0x1 out of bounds>,
0x81a4 <Address 0x81a4 out of bounds>, 0x0, 0x0, 0x8a3 <Address 0x8a3 
out of bounds>, 0x1000 <Address 0x1000 out of bounds>,
0x10 <Address 0x10 out of bounds>, 0x3fe251fa76 "%H:%M:%S", 0x1ff5 
<Address 0x1ff5 out of bounds>, 0x3fe2520fc8 "T ",
0x8 <Address 0x8 out of bounds>, 0x6bf13b "\342?", 0x6bf13b "\342?", 
0x3fe248d350 "\213\005\252\211,", 0x0,
0x3fe2491f18 "\351Y\377\377\377Hc\332L\211\377\276\060", 0x7fffffffe2a0 
"\020 ", 0x7fffffffe2e8 "\t",
0x3fe274fae0 "@\355t\342?", 0x7fffffffe3f0 "\027", 0x1ff5 <Address 
0x1ff5 out of bounds>,
0x44e823 
"\205\300u\021H\211\332\061\300H\t\352t\aH\205۰\001u\026H\213\\$\bH\213l$\020H\203\304\030ø\377\377\377\377\353\352H\205\355\270\377\377\377\377t\340H\211\356H\211\337H\213l$\020H\213\\$\bH\203\304\030\351\067\066\374\377\017\037\200", 

0x69e890 "/etc/localtime", 0x6b8900 "@\204k", 0x6ad950 "", 0x43cf6c 
"\205\300f\220t\030H\203<$", 0x0,
0x6b5200 "localhost;2;nagiosadmin;foobar", 0x9f <Address 0x9f out of 
bounds>, 0x4e1d4d48 <Address 0x4e1d4d48 out of bounds>,
0x6b5200 "localhost;2;nagiosadmin;foobar", 0x7fffffffe6d0 "", 0xffffffff 
<Address 0xffffffff out of bounds>,
0x44adc3 "H\201\304X\003", 0x6b0220 "localhost", 0x3fe27529e0 "", 
0x6b2020 "SEND_CUSTOM_HOST_NOTIFICATION",
0x258 <Address 0x258 out of bounds>, 0x3fe27529e0 "", 0x7fffffffe4f0 "",
options=2) at notifications.c:1041
temp_notification = <value optimized out>
temp_contact = <value optimized out>
current_time = <value optimized out>
start_time = {tv_sec = 1310572223, tv_usec = 700585}
end_time = {tv_sec = 7012920, tv_usec = 7}
escalated = 0
result = <value optimized out>
contacts_notified = <value optimized out>
increment_notification_number = <value optimized out>
mac = {x = {0x0, 0x0, 0x20 <Address 0x20 out of bounds>, 0x0, 0x64000000 
<Address 0x64000000 out of bounds>, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0xa <Address 0xa out of bounds>, 0x5c <Address 0x5c 
out of bounds>,
0xffffffff0000000a <Address 0xffffffff0000000a out of bounds>, 0x480b01 
"s\n", 0x0, 0x25 <Address 0x25 out of bounds>,
0x1 <Address 0x1 out of bounds>, 0x21 <Address 0x21 out of bounds>, 
0x100000001 <Address 0x100000001 out of bounds>,
0x490ab8 "d\n", 0x0, 0x0, 0x3fe248d98f "\205\300\017\204\231\001", 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x1 <Address 0x1 out of bounds>, 0x0, 0x3000000018 <Address 0x3000000018 
out of bounds>, 0x7fffffffe380 "\300\352\340\302>",
0x801 <Address 0x801 out of bounds>, 0x9802f <Address 0x9802f out of 
bounds>, 0x1 <Address 0x1 out of bounds>,
0x81a4 <Address 0x81a4 out of bounds>, 0x0, 0x0, 0x8a3 <Address 0x8a3 
out of bounds>, 0x1000 <Address 0x1000 out of bounds>,
0x10 <Address 0x10 out of bounds>, 0x4e1dbeb0 <Address 0x4e1dbeb0 out of 
bounds>, 0x0,
0x4aef1ace <Address 0x4aef1ace out of bounds>, 0x0, 0x4aef1ace <Address 
0x4aef1ace out of bounds>, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x3fe27529e0 "", 0x3fe2520afb "/etc/localtime", 0xf <Address 
0xf out of bounds>, 0x69e890 "/etc/localtime",
0x3fe27535a0 "", 0x6bf13b "\342?", 0x3fe2474cde 
"H\205\300H\211\305tJ\203=;\022.", 0xf <Address 0xf out of bounds>,
0x3fe2520afb "/etc/localtime", 0x1 <Address 0x1 out of bounds>, 0x69e890 
"/etc/localtime", 0x3fe27535a0 "",
0x6bf13b "\342?", 0x7fffffffe1b0 ";\361k", 0x3fe248c8af "D\213=J\224,", 
0x1 <Address 0x1 out of bounds>,
0x81a4 <Address 0x81a4 out of bounds>, 0x0, 0x0, 0x8a3 <Address 0x8a3 
out of bounds>, 0x1000 <Address 0x1000 out of bounds>,
0x10 <Address 0x10 out of bounds>, 0x3fe251fa76 "%H:%M:%S", 0x1ff5 
<Address 0x1ff5 out of bounds>, 0x3fe2520fc8 "T ",
0x8 <Address 0x8 out of bounds>, 0x6bf13b "\342?", 0x6bf13b "\342?", 
0x3fe248d350 "\213\005\252\211,", 0x0,
0x3fe2491f18 "\351Y\377\377\377Hc\332L\211\377\276\060", 0x7fffffffe2a0 
"\020 ", 0x7fffffffe2e8 "\t",
0x3fe274fae0 "@\355t\342?", 0x7fffffffe3f0 "\027", 0x1ff5 <Address 
0x1ff5 out of bounds>,
0x44e823 
"\205\300u\021H\211\332\061\300H\t\352t\aH\205۰\001u\026H\213\\$\bH\213l$\020H\203\304\030ø\377\377\377\377\353\352H\205\355\270\377\377\377\377t\340H\211\356H\211\337H\213l$\020H\213\\$\bH\203\304\030\351\067\066\374\377\017\037\200", 

0x69e890 "/etc/localtime", 0x6b8900 "@\204k", 0x6ad950 "", 0x43cf6c 
"\205\300f\220t\030H\203<$", 0x0,
0x6b5200 "localhost;2;nagiosadmin;foobar", 0x9f <Address 0x9f out of 
bounds>, 0x4e1d4d48 <Address 0x4e1d4d48 out of bounds>,
0x6b5200 "localhost;2;nagiosadmin;foobar", 0x7fffffffe6d0 "", 0xffffffff 
<Address 0xffffffff out of bounds>,
0x44adc3 "H\201\304X\003", 0x6b0220 "localhost", 0x3fe27529e0 "", 
0x6b2020 "SEND_CUSTOM_HOST_NOTIFICATION",
0x258 <Address 0x258 out of bounds>, 0x3fe27529e0 "", 0x7fffffffe4f0 "",
---Type <return> to continue, or q <return> to quit---
0x333200000260 <Address 0x333200000260 out of bounds>, 0x6c1130 "", 
0x2010 <Address 0x2010 out of bounds>,
0x6c <Address 0x6c out of bounds>, 0x2010 <Address 0x2010 out of 
bounds>, 0x6bf120 "", 0x80 <Address 0x80 out of bounds>,
0x3fe2474429 "\017\037\200", 0x3000000010 <Address 0x3000000010 out of 
bounds>, 0x3fe27529e0 "", 0x7fffffffe510 "",
0x9 <Address 0x9 out of bounds>, 0x3fe274fae0 "@\355t\342?", 
0x7fffffffe3f0 "\027", 0x1ffc <Address 0x1ffc out of bounds>,
0x3fe27529e0 "", 0x100000000 <Address 0x100000000 out of bounds>, 0x6c 
<Address 0x6c out of bounds>,
0x9 <Address 0x9 out of bounds>, 0x6bf120 "", 0x100000000 <Address 
0x100000000 out of bounds>,
0x3fe2475292 "H\211\302\203=\214\f.", 0x0, 0x2010 <Address 0x2010 out of 
bounds>, 0x8b <Address 0x8b out of bounds>,
0x14 <Address 0x14 out of bounds>, 0x6b46a0 "\210.u\342?", 
0x3331000000000000 <Address 0x3331000000000000 out of bounds>,
0x3332323237353031 <Address 0x3332323237353031 out of bounds>, 0x14 
<Address 0x14 out of bounds>,
0x3ec2e0eac0 "H\213\227\210", 0x6b46a0 "\210.u\342?", 0x0, 0x0, 
0x3000000010 <Address 0x3000000010 out of bounds>,
0x7fffffffe5a0 "", 0x7fffffffe4e0 "", 0x3fe24d4c14 "몉\302H\213\005\211 
\303'", 0x14 <Address 0x14 out of bounds>}, argv = {
0x3fe27529e0 "", 0x3fe2752a00 "", 0x3fe2752a00 "", 0x6b46a0 
"\210.u\342?", 0x3fe2752a38 "0\225l",
0x3200000017 <Address 0x3200000017 out of bounds>, 0xd00000011 <Address 
0xd00000011 out of bounds>,
0x6f00000006 <Address 0x6f00000006 out of bounds>, 0xc100000003 <Address 
0xc100000003 out of bounds>,
0x1 <Address 0x1 out of bounds>, 0x3fe27529e0 "", 0x1 <Address 0x1 out 
of bounds>, 0x238 <Address 0x238 out of bounds>,
0x3fe27529e0 "", 0x7fffffffe6d0 "", 0x240 <Address 0x240 out of bounds>, 
0x9 <Address 0x9 out of bounds>,
0x4ddf5cea <Address 0x4ddf5cea out of bounds>, 0x4e1dbebf <Address 
0x4e1dbebf out of bounds>,
0xffffe420 <Address 0xffffe420 out of bounds>, 0x260 <Address 0x260 out 
of bounds>, 0x0, 0x50 <Address 0x50 out of bounds>,
0x3fe2752a48 "@\002k", 0x7fffffffe500 "", 0x0, 0x31 <Address 0x31 out of 
bounds>, 0x1f <Address 0x1f out of bounds>, 0x0,
0x0, 0x0, 0x7 <Address 0x7 out of bounds>}, contactaddress = {0x0, 0x9f 
<Address 0x9f out of bounds>,
0x3fe244d3fa "H\201\304", <incomplete sequence \330>, 0x100000000 
<Address 0x100000000 out of bounds>, 0x7fffffffe5c0 "",
0x7fffffffe500 ""}, ondemand = 0x6006b0c90 <Address 0x6006b0c90 out of 
bounds>, host_ptr = 0x200, hostgroup_ptr = 0x6b5200,
service_ptr = 0x6b5200, servicegroup_ptr = 0x40042e32e, contact_ptr = 
0x4ddf5cea, contactgroup_ptr = 0x3fe27529e0,
custom_host_vars = 0x6b5200, custom_service_vars = 0x1f, 
custom_contact_vars = 0x6b5200}
neb_result = <value optimized out>
#3 0x0000000000427ed1 in process_host_command (cmd=<value optimized 
out>, entry_time=<value optimized out>, args=<value optimized out>)
at commands.c:1294
host_name = <value optimized out>
temp_host = 0x6b8440
temp_service = <value optimized out>
temp_servicesmember = <value optimized out>
str = <value optimized out>
intval = 2
#4 0x0000000000428158 in process_external_command2 (cmd=0, 
entry_time=1310543176, args=0x6b5200 "localhost;2;nagiosadmin;foobar")
at commands.c:922
No locals.
#5 0x000000000042861c in process_external_command1 (cmd=<value optimized 
out>) at commands.c:746
temp_buffer = 0x0
command_id = 0x6b2020 "SEND_CUSTOM_HOST_NOTIFICATION"
args = 0x6b5200 "localhost;2;nagiosadmin;foobar"
entry_time = 1
command_type = 159
temp_ptr = <value optimized out>
#6 0x0000000000429bac in check_for_external_commands () at commands.c:152
buffer = 0x6b1e10 "[1310543176] 
SEND_CUSTOM_HOST_NOTIFICATION;localhost;2;nagiosadmin;foobar"
#7 0x000000000042b0e1 in event_execution_loop () at events.c:1180
temp_event = <value optimized out>
sleep_event = {event_type = 98, run_time = 1310572223, recurring = 0, 
event_interval = 0, compensate_for_time_change = 0,
timing_func = 0x0, event_data = 0x7fffffffe6d0, event_args = 0x0, 
event_options = 0, next = 0x0, prev = 0x0}
last_time = 1310572223
current_time = 1310572223
last_status_update = <value optimized out>
run_event = <value optimized out>
nudge_seconds = <value optimized out>
temp_host = <value optimized out>
temp_service = <value optimized out>
delay = {tv_sec = 0, tv_nsec = 250000000}
wait_result = <value optimized out>
#8 0x00000000004125eb in main (argc=<value optimized out>, argv=<value 
optimized out>, env=<value optimized out>) at nagios.c:847
result = <value optimized out>
error = <value optimized out>
buffer = 0x0
display_license = 0
display_help = <value optimized out>
c = <value optimized out>
tm = <value optimized out>
tm_s = {tm_sec = 18, tm_min = 47, tm_hour = 17, tm_mday = 13, tm_mon = 
6, tm_year = 111, tm_wday = 3, tm_yday = 193,
tm_isdst = 1, tm_gmtoff = 7200, tm_zone = 0x69e760 "CEST"}
now = 1310572038
datestring = "Wed Jul 13 17:47:18 CEST 
2011\000\000\000\340\350\377\377\377\177\000\000\220\350\377\377\377\177\000\000.N=\366\000\000\000\000\250\350\377\377\377\177\000\000\000\000\000\000\000\000\000\000b\221\000\342?", 
'\000' <repeats 11 times>, "p٫\252\252*\000\000\001\000\000\000?", 
'\000' <repeats 11 times>, 
"\001\000\000\000?\000\000\000\200\266Q\342?\000\000\000\000\350\377\377\377\177\000\000\000\000\000\000\000\000\000\000\344\262\360\000\000\000\000\000\302\000\000\000\000\000\000\000\000\350\377\377\001\000\000\000p٫\252\252*\000\000`\263\252\252\252*\000\000\020\351\377\377\377\177\000\000\000\260\252\252\252*\000\000D\234@\000\000\000\000\000\344\000\000\000>\000\000\000\000\000\000\200\001", 
'\000' <repeats 27 times>"\344, \262\360\000\000\000\000"
mac = 0x69ae40
option_index = 0
long_options = {{name = 0x471ed9 "help", has_arg = 0, flag = 0x0, val = 
104}, {name = 0x4733d7 "version", has_arg = 0,
flag = 0x0, val = 86}, {name = 0x471ede "license", has_arg = 0, flag = 
0x0, val = 86}, {name = 0x471ee6 "verify-config",
has_arg = 0, flag = 0x0, val = 118}, {name = 0x471ef4 "daemon", has_arg 
= 0, flag = 0x0, val = 100}, {
name = 0x471efb "test-scheduling", has_arg = 0, flag = 0x0, val = 115}, 
{name = 0x471f0b "dont-verify-objects", has_arg = 0,
flag = 0x0, val = 111}, {name = 0x471f1f "dont-verify-paths", has_arg = 
0, flag = 0x0, val = 120}, {
name = 0x471f31 "precache-objects", has_arg = 0, flag = 0x0, val = 112}, 
{name = 0x471f42 "use-precached-objects",
has_arg = 0, flag = 0x0, val = 117}, {name = 0x0, has_arg = 0, flag = 
0x0, val = 0}}
(gdb)

-- 
DI (FH) Michael Friedrich

Vienna University Computer Center
Universitaetsstrasse 7 A-1010 Vienna, Austria

email: 	michael.friedrich at univie.ac.at
phone: 	+43 1 4277 14359
mobile: +43 664 60277 14359
fax: 	+43 1 4277 14338
web:	http://www.univie.ac.at/zid
	http://www.aco.net

Icinga Core&  IDOUtils Developer
http://www.icinga.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-fix-segfault-when-sending-host-notifications.patch
Type: text/x-diff
Size: 997 bytes
Desc: not available
URL: <http://lists.icinga.org/pipermail/icinga-devel/attachments/20110713/3a106bea/attachment.patch>


More information about the icinga-devel mailing list