From: Karl DeBisschop <kdebisschop@users.sourceforge.net>
Date: Tue, 28 Jan 2003 07:15:54 +0000 (+0000)
Subject: remove NULL string inits that can lead to segfaults
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=9452b46d955a3e99837214c77ad48dae4a7bf7cd;p=nagiosplug.git

remove NULL string inits that can lead to segfaults


git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@256 f882894a-f735-0410-b71e-b25c423dba1c
---

diff --git a/plugins/check_http.c b/plugins/check_http.c
index be18ce7..506a1ec 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -189,16 +189,17 @@ struct timeval tv;
 #define HTTPS_PORT 443
 #define HTTP_EXPECT "HTTP/1."
 #define HTTP_URL "/"
+#define CRLF "\r\n"
 
 char timestamp[17] = "";
 int specify_port = FALSE;
 int server_port = HTTP_PORT;
 char server_port_text[6] = "";
 char server_type[6] = "http";
-/*@null@*/ char *server_address = NULL; 
+char *server_address = ""; 
 char *host_name = "";
-/*@null@*/ char *server_url = NULL;
-int server_url_length = 0;
+char *server_url = HTTP_URL;
+int server_url_length = 1;
 int server_expect_yn = 0;
 char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
 char string_expect[MAX_INPUT_BUFFER] = "";
@@ -212,8 +213,8 @@ int onredirect = STATE_OK;
 int use_ssl = FALSE;
 int verbose = FALSE;
 int sd;
-/*@null@*/ char *http_method = NULL;
-/*@null@*/ char *http_post_data = NULL;
+char *http_method = "GET";
+char *http_post_data = "";
 char buffer[MAX_INPUT_BUFFER];
 
 void print_usage (void);
@@ -404,11 +405,11 @@ process_arguments (int argc, char **argv)
  			asprintf (&host_name, "%s", optarg);
 			break;
 		case 'I': /* Server IP-address */
- 			server_address = strscpy (server_address, optarg);
+ 			asprintf (&server_address, "%s", optarg);
 			break;
 		case 'u': /* Host or server */
-			server_url = strscpy (server_url, optarg);
-			server_url_length = strlen (optarg);
+			asprintf (&server_url, "%s", optarg);
+			server_url_length = strlen (server_url);
 			break;
 		case 'p': /* Host or server */
 			if (!is_intnonneg (optarg))
@@ -421,8 +422,8 @@ process_arguments (int argc, char **argv)
 			user_auth[MAX_INPUT_BUFFER - 1] = 0;
 			break;
 		case 'P': /* HTTP POST data in URL encoded format */
-			http_method = strscpy (http_method, "POST");
-			http_post_data = strscpy (http_post_data, optarg);
+			asprintf (&http_method, "%s", "POST");
+			asprintf (&http_post_data, "%s", optarg);
 			break;
 		case 's': /* string or substring */
 			strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1);
@@ -464,27 +465,17 @@ process_arguments (int argc, char **argv)
 
 	c = optind;
 
-	if (server_address == NULL) {
-		if (c < argc) {
-			server_address = strscpy (NULL, argv[c++]);
-		}
-		else if (strcmp (host_name ,"") == 0) {
-			usage ("check_http: you must specify a server address\n");
-		}
-	}
+	if (strcmp (server_address, "") == 0 && c < argc)
+			asprintf (&server_address, "%s", argv[c++]);
 
-	if (strcmp (host_name ,"") == 0 && c < argc)
+	if (strcmp (host_name, "") == 0 && c < argc)
  		asprintf (&host_name, "%s", argv[c++]);
 
-	if (server_address == NULL)
-		server_address = strscpy (NULL, host_name);
-
-	if (http_method == NULL)
-		http_method = strscpy (http_method, "GET");
-
-	if (server_url == NULL) {
-		server_url = strscpy (NULL, "/");
-		server_url_length = strlen(HTTP_URL);
+	if (strcmp (server_address ,"") == 0) {
+		if (strcmp (host_name, "") == 0)
+			usage ("check_http: you must specify a server address or host name\n");
+		else
+			asprintf (&server_address, "%s", host_name);
 	}
 
 	return TRUE;
@@ -600,7 +591,7 @@ check_http (void)
 		}
 
 		/* either send http POST data */
-		if (http_post_data) {
+		if (strlen (http_post_data)) {
 			asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
 			if (SSL_write (ssl, buf, strlen (buf)) == -1) {
 				ERR_print_errors_fp (stderr);
@@ -611,11 +602,15 @@ check_http (void)
 				ERR_print_errors_fp (stderr);
 				return STATE_CRITICAL;
 			}
-			http_post_data = strscat (http_post_data, "\r\n");
 			if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) {
 				ERR_print_errors_fp (stderr);
 				return STATE_CRITICAL;
 			}
+			asprintf (&buf, CRLF);
+			if (SSL_write (ssl, buf, strlen (buf)) == -1) {
+				ERR_print_errors_fp (stderr);
+				return STATE_CRITICAL;
+			}
 		}
 		else {
 			/* or just a newline so the server knows we're done with the request */
@@ -655,13 +650,13 @@ check_http (void)
 
 		/* either send http POST data */
 		/* written by Chris Henesy <lurker@shadowtech.org> */
-		if (http_post_data) {
+		if (strlen (http_post_data)) {
 			asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
 			send (sd, buf, strlen (buf), 0);
 			asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
 			send (sd, buf, strlen (buf), 0);
-			http_post_data = strscat (http_post_data, "\r\n");
 			send (sd, http_post_data, strlen (http_post_data), 0);
+			send (sd, CRLF, strlen (CRLF), 0);
 		}
 		else {
 			/* or just a newline so the server knows we're done with the request */
@@ -773,7 +768,7 @@ check_http (void)
 		    strstr (status_line, "304")) {
 			if (onredirect == STATE_DEPENDENT) {
 
-				orig_url = strscpy(NULL, server_url);
+				asprintf (&orig_url, "%s", server_url);
 				pos = header;
 				while (pos) {
 					server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH);
@@ -788,26 +783,26 @@ check_http (void)
 						server_url_length = strcspn (pos, "\r\n");
 					}
 					if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) {
-						host_name = strscpy (host_name, server_address);
+						asprintf (&host_name, "%s", server_address);
 						use_ssl = server_type_check (server_type);
 						server_port = atoi (server_port_text);
 						check_http ();
 					}
 					else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) { 
-						host_name = strscpy (host_name, server_address);
+						asprintf (&host_name, "%s", server_address);
 						use_ssl = server_type_check (server_type);
 						server_port = server_port_check (use_ssl);
 						check_http ();
 					}
 					else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) {
-						host_name = strscpy (host_name, server_address);
+						asprintf (&host_name, "%s", server_address);
 						strcpy (server_url, "/");
 						use_ssl = server_type_check (server_type);
 						server_port = atoi (server_port_text);
 						check_http ();
 					}
 					else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) {
-						host_name = strscpy (host_name, server_address);
+						asprintf (&host_name, "%s", server_address);
 						strcpy (server_url, "/");
 						use_ssl = server_type_check (server_type);
 						server_port = server_port_check (use_ssl);
@@ -912,7 +907,7 @@ int connect_SSL (void)
 {
 	SSL_METHOD *meth;
 
-	randbuff = strscpy (NULL, "qwertyuiopasdfghjkl");
+	asprintf (randbuff, "%s", "qwertyuiopasdfghjkl");
 	RAND_seed (randbuff, strlen (randbuff));
 	/* Initialize SSL context */
 	SSLeay_add_ssl_algorithms ();