Mirrors/Munin-Contrib
1
0
Fork 0
mirror of https://github.com/munin-monitoring/contrib.git synced 2025-07-26 02:48:28 +00:00
Code Issues Releases Wiki Activity

mnc: avoid execution via shell meta characters

Browse source 
And remove dependency on /bin/sh.
This commit is contained in:
Helmut Grohne 2013-02-10 09:10:43 +01:00
parent 55c20ee59b
commit a752d8c5da
1 changed files with 13 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

16
tools/munin-node-c/main.c
View file

@ -5,6 +5,7 @@
#include <limits.h> #include <limits.h>
#include <stdlib.h> #include <stdlib.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/wait.h>
#include <dirent.h> #include <dirent.h>
@ -102,6 +103,7 @@ int main(int argc, char *argv[]) {
strcmp(cmd, "fetch") == 0 strcmp(cmd, "fetch") == 0
) { ) {
char cmdline[LINE_MAX]; char cmdline[LINE_MAX];
pid_t pid;
if(arg == NULL) { if(arg == NULL) {
printf("# no plugin given\n"); printf("# no plugin given\n");
continue; continue;
@ -110,13 +112,21 @@ int main(int argc, char *argv[]) {
printf("# invalid plugin character"); printf("# invalid plugin character");
continue; continue;
} }
sprintf(cmdline, "%s/%s", plugin_dir, arg); snprintf(cmdline, LINE_MAX, "%s/%s", plugin_dir, arg);
if (access(cmdline, X_OK) == -1) { if (access(cmdline, X_OK) == -1) {
printf("# unknown plugin: %s\n", arg); printf("# unknown plugin: %s\n", arg);
continue; continue;
} }
snprintf(cmdline, LINE_MAX, "exec %s/%s %s", plugin_dir, arg, cmd); if(0 == (pid = vfork())) {
system(cmdline); execl(cmdline, arg, cmd, NULL);
/* according to vfork(2) we must use _exit */
_exit(1);
} else if(pid < 0) {
printf("# fork failed\n");
continue;
} else {
waitpid(pid, NULL, 0);
}
printf(".\n"); printf(".\n");
} else if (strcmp(cmd, "cap") == 0) { } else if (strcmp(cmd, "cap") == 0) {
printf("cap "); printf("cap ");