[Pkg-nagios-devel] Bug#395176: check_tcp segfaults when more than one -e argument is specified

Ralph Rößner roessner at capcom.de
Wed Oct 25 14:33:42 CEST 2006

Package: nagios-plugins
Tags: patch

Specifying more than one -e (expect reponse string) argument to
check_tcp leads to SEGV.

Simplified examples:

"check_tcp -H server -p port -s test -e foo"        works

"check_tcp -H server -p port -s test -e foo -e bar" segfaults.

Real-life example (server name hidden):

roessner(gorkon)~$ /usr/lib/nagios/plugins/check_tcp -H <hidden>  -p 143 -s '0 foo' -e test -e test2 -v
Using service TCP
Port: 143
flags: 0x2
Send string: 0 foo
server_expect_count: 2
        0: (null)
        1: test2
received 64 bytes from host
* OK magellan Cyrus IMAP4 v2.2.13-Debian-2.2.13-3 server ready

looking for [(null)] anywhere in [* OK magellan Cyrus IMAP4 v2.2.13-Debian-2.2.13-3 server ready]
Segmentation fault

You will notice the "0: (null)" entry in the list of expected strings.
This is due to bad argument parsing in check_tcp.c . The first argument
string is explicitly overwritten with a NULL, which is a Bad Thing and
serves no useful purpose.

Patch to resolve this:

*** nagios-plugins-	2006-09-28 18:56:19.000000000 +0200
--- nagios-plugins-	2006-09-28 19:05:11.000000000 +0200
*** 500,506 ****
  				asprintf(&server_send, "%s", optarg);
  		case 'e': /* expect string (may be repeated) */
  			flags &= ~FLAG_EXACT_MATCH;
  			if (server_expect_count == 0)
  				server_expect = malloc (sizeof (char *) * (++server_expect_count));
--- 500,505 ----

This bug was reported to upstream already as part of sourceforge project
nagiosplug / bug id 1475899. I have recently added some details there in
the hope that this will be fixed some time soon (that report dates from
april 24th).

   Ralph Rößner

More information about the Pkg-nagios-devel mailing list