Tracker: Bugs

5 check_http "-f follow" crash with "LLLLLocation" HTTP header - ID: 1813346
Last Update: Settings changed ( hweiss )

Hello,

I've found a crash bug in check_http. Let's say we run it with "-f
follow" and make it connect to a server that sends back this:

HTTP/1.0 304 Something
[500 L characters here]ocation: http://sourceforge.net/

In this case, check_http will crash and burn with a segfault.

I have attached a patch that will correct this issue.

-- fabiodds

fabiodds ( fabiodds ) - 2007-10-14 13:59:59 PDT

5

Closed

Accepted

Nobody/Anonymous

General plugin execution

None

Public


Comment ( 1 )

Date: 2007-10-14 15:22:03 PDT
Sender: hweissProject Admin


Bah, this is the umpteenth bug in check_http's parsing of the 'Location'
header, I guess we should rewrite that. Anyway, I committed your patch to
SVN and I also specified a field width of 1 for the characters following
the 'L'. They're not written to memory, but it makes no sense to accept
'Looocaaatiooon' as a valid 'Location' header.

Thank you very much, Holger

PS: If you're not yet in our THANKS file, please send me
(hweiss@users.sourceforge.net) your real name if I may add it :-)

Attached File ( 1 )

Filename Description Download
nagiosplugins-checkhttp-crash.patch Download

Changes ( 4 )

Field Old Value Date By
status_id Open 2007-10-14 15:22:31 PDT hweiss
close_date - 2007-10-14 15:22:31 PDT hweiss
resolution_id None 2007-10-14 15:22:03 PDT hweiss
File Added 249657: nagiosplugins-checkhttp-crash.patch 2007-10-14 13:59:59 PDT fabiodds