[Pkg-nagios-devel] Bug#982847: monitoring-plugins-standard: check_pgsql check of database name is too strict

Florian Lohoff f at zz.de
Mon Feb 15 10:16:40 GMT 2021 

Package: monitoring-plugins-standard
Version: 2.3-1
Severity: normal

Hi *,
to reproduce create a Database called freshports.git and try to
use it with check_pgsql:

flo at p5:/tmp/monitoring-plugins-2.3$ /usr/lib/nagios/plugins/check_pgsql -d freshports.devgit -l flo
check_pgsql: Database name is not valid - freshports.devgit
Usage:
check_pgsql [-H <host>] [-P <port>] [-c <critical time>] [-w <warning time>]
 [-t <timeout>] [-d <database>] [-l <logname>] [-p <password>]
[-q <query>] [-C <critical query range>] [-W <warning query range>]


flo at p5:/tmp/monitoring-plugins-2.3$ psql freshports.devgit
psql (13.1 (Debian 13.1-1+b1))
Type "help" for help.

freshports.devgit=# \d
Did not find any relations.
freshports.devgit=# 


The problem is that check_pgsql validates the Database name and has different assumptions
that postgres itself.


I fail to see a reason to validate the database name here. Postgres'es API should
do this - So i would suggest a fix like this by removing is_pg_dbname alltogether.



diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c
index 11ce691..88cd029 100644
--- a/plugins/check_pgsql.c
+++ b/plugins/check_pgsql.c
@@ -69,7 +69,6 @@ int process_arguments (int, char **);
 int validate_arguments (void);
 void print_usage (void);
 void print_help (void);
-int is_pg_dbname (char *);
 int is_pg_logname (char *);
 int do_query (PGconn *, char *);
 
@@ -344,11 +343,7 @@ process_arguments (int argc, char **argv)
 				pgport = optarg;
 			break;
 		case 'd':     /* database name */
-			if (!is_pg_dbname (optarg)) /* checks length and valid chars */
-				usage2 (_("Database name is not valid"), optarg);
-			else /* we know length, and know optarg is terminated, so us strcpy */
-				strcpy (dbName, optarg);
-			break;
+			strcpy (dbName, optarg);
 		case 'l':     /* login name */
 			if (!is_pg_logname (optarg))
 				usage2 (_("User name is not valid"), optarg);
@@ -408,45 +403,6 @@ validate_arguments ()
 	return OK;
 }
 
-
-/******************************************************************************
-
-@@-
-<sect3>
-<title>is_pg_dbname</title>
-
-<para>&PROTO_is_pg_dbname;</para>
-
-<para>Given a database name, this function returns TRUE if the string
-is a valid PostgreSQL database name, and returns false if it is
-not.</para>
-
-<para>Valid PostgreSQL database names are less than &NAMEDATALEN;
-characters long and consist of letters, numbers, and underscores. The
-first character cannot be a number, however.</para>
-
-</sect3>
--@@
-******************************************************************************/
-
-
-
-int
-is_pg_dbname (char *dbname)
-{
-	char txt[NAMEDATALEN];
-	char tmp[NAMEDATALEN];
-	if (strlen (dbname) > NAMEDATALEN - 1)
-		return (FALSE);
-	strncpy (txt, dbname, NAMEDATALEN - 1);
-	txt[NAMEDATALEN - 1] = 0;
-	if (sscanf (txt, "%[_a-zA-Z]%[^_a-zA-Z0-9-]", tmp, tmp) == 1)
-		return (TRUE);
-	if (sscanf (txt, "%[_a-zA-Z]%[_a-zA-Z0-9-]%[^_a-zA-Z0-9-]", tmp, tmp, tmp) ==
-			2) return (TRUE);
-	return (FALSE);
-}
-
 /**
 
 the tango program should eventually create an entity here based on the


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-3-amd64 (SMP w/16 CPU threads)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.utf-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages monitoring-plugins-standard depends on:
ii  libc6                     2.31-9
ii  monitoring-plugins-basic  2.3-1
ii  ucf                       3.0043

Versions of packages monitoring-plugins-standard recommends:
ii  bind9-dnsutils [dnsutils]  1:9.16.11-2
ii  bind9-host [host]          1:9.16.11-2
ii  dnsutils                   1:9.16.11-2
ii  libcurl4                   7.74.0-1
ii  libdbi1                    0.9.0-6
ii  libldap-2.4-2              2.4.57+dfsg-1
ii  libmariadb3                1:10.5.8-3
ii  libnet-snmp-perl           6.0.1-6
ii  libpq5                     13.1-1+b1
ii  libradcli4                 1.2.11-1+b2
ii  libssl1.1                  1.1.1i-3
ii  liburiparser1              0.9.4+dfsg-1
ii  rpcbind                    1.2.5-9
ii  smbclient                  2:4.13.4+dfsg-1
ii  snmp                       5.9+dfsg-3+b1
ii  sudo                       1.9.5p2-2

Versions of packages monitoring-plugins-standard suggests:
ii  fping    5.0-1
pn  icinga2  <none>
ii  postfix  3.5.6-1
pn  qstat    <none>

-- no debconf information

More information about the Pkg-nagios-devel mailing list