From: Ethan G. <ega...@us...> - 2010-09-21 15:05:44
|
Update of /cvsroot/nagios/nagios/cgi In directory sfp-cvsdas-3.v30.ch3.sourceforge.com:/tmp/cvs-serv5030/cgi Modified Files: cgiauth.c cmd.c extcmd_list.c status.c Log Message: Code cleanup (compiler warnings) by Stephen Gran Index: cmd.c =================================================================== RCS file: /cvsroot/nagios/nagios/cgi/cmd.c,v retrieving revision 1.54 retrieving revision 1.55 diff -C2 -d -r1.54 -r1.55 *** cmd.c 28 Aug 2010 13:44:47 -0000 1.54 --- cmd.c 21 Sep 2010 15:05:31 -0000 1.55 *************** *** 1892,1895 **** --- 1892,1915 ---- } + static int cmd_submit(int id){ + char cmd[MAX_EXTERNAL_COMMAND_LENGTH]; + const char *command; + int len; + + command = extcmd_get_name(id); + /* + * We disallow sending 'CHANGE' commands from the cgi's + * until we do proper session handling to prevent cross-site + * request forgery + */ + if (!command || (strlen(command) > 6 && !memcmp("CHANGE", command, 6))) + return ERROR; + + len = snprintf(cmd, sizeof(cmd) - 1, "[%lu] %s;", time(NULL), command); + if (len < 0) + return ERROR; + + return write_command_to_file(cmd); + } __attribute__((format(printf, 2, 3))) *************** *** 1926,1930 **** /* commits a command for processing */ int commit_command(int cmd){ - char command_buffer[MAX_INPUT_BUFFER]; time_t current_time; time_t scheduled_time; --- 1946,1949 ---- *************** *** 1981,1985 **** case CMD_START_OBSESSING_OVER_HOST_CHECKS: case CMD_STOP_OBSESSING_OVER_HOST_CHECKS: ! result = cmd_submitf(cmd,""); break; --- 2000,2004 ---- case CMD_START_OBSESSING_OVER_HOST_CHECKS: case CMD_STOP_OBSESSING_OVER_HOST_CHECKS: ! result = cmd_submit(cmd); break; Index: cgiauth.c =================================================================== RCS file: /cvsroot/nagios/nagios/cgi/cgiauth.c,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -d -r1.13 -r1.14 *** cgiauth.c 17 Jun 2009 15:13:52 -0000 1.13 --- cgiauth.c 21 Sep 2010 15:05:31 -0000 1.14 *************** *** 45,49 **** char *input=NULL; char *temp_ptr; - int needed_options; if(authinfo==NULL) --- 45,48 ---- Index: extcmd_list.c =================================================================== RCS file: /cvsroot/nagios/nagios/cgi/extcmd_list.c,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** extcmd_list.c 2 Nov 2008 17:32:03 -0000 1.1 --- extcmd_list.c 21 Sep 2010 15:05:31 -0000 1.2 *************** *** 192,196 **** # define ARRAY_SIZE(x) (sizeof(x) / sizeof(x[0])) #endif - static int extcmd_entries, extcmd_slots; const char *extcmd_get_name(int id) --- 192,195 ---- Index: status.c =================================================================== RCS file: /cvsroot/nagios/nagios/cgi/status.c,v retrieving revision 1.82 retrieving revision 1.83 diff -C2 -d -r1.82 -r1.83 *** status.c 6 Aug 2010 00:40:30 -0000 1.82 --- status.c 21 Sep 2010 15:05:31 -0000 1.83 *************** *** 993,997 **** host *temp_host; servicestatus *temp_servicestatus; - service *temp_service; int count_host; --- 993,996 ---- |