commit 5c816f5d9352c373e9dadb95b63612a96cf96dff Author: Ricardo Bartels Date: Fri Oct 23 22:26:12 2015 +0200 Classic-UI: fixes a XXS vulnerability in pagination and export links #10453 Sorry guys. Due to my bad programming skills I introduced a XSS vulnerability in Classic-UI with the CSV export link and pagination feature. The functions parsed QUERY_STRING from the environment without properly sanitizing it. The getcgivars() function got a bit reworked. Once the QUERY_STRING is read and parsed the content survives the whole lifetime of the cgi execution and gets free’d at the end. This way we can always build urls from valid parsed cgi params. I wonder why I haven't done this earlier. Also the url param parsing in every cgi was updated and hopefully everything works as bevor. Refs: #10453 diff --git a/cgi/avail.c b/cgi/avail.c index 5fe9833..8985142 100644 --- a/cgi/avail.c +++ b/cgi/avail.c @@ -230,7 +230,7 @@ void free_archived_state_list(archived_state *); void read_archived_state_data(void); unsigned long calculate_total_time(time_t, time_t); -int process_cgivars(void); +void process_cgivars(void); int backtrack_archives = 2; int earliest_archive = 0; @@ -245,6 +245,8 @@ extern char *csv_data_enclosure; timeperiod *current_timeperiod = NULL; +html_request *html_request_list = NULL; /**< contains html requested data */ + int CGI_ID = AVAIL_CGI_ID; int main(int argc, char **argv) { @@ -1095,43 +1097,28 @@ int main(int argc, char **argv) { document_footer(CGI_ID); /* free all other allocated memory */ + free_html_request(html_request_list); free_memory(); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *temp_buffer = NULL; char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + timeperiod *temp_timeperiod = NULL; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable key to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value if present */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the hostgroup argument */ - if (!strcmp(key, "hostgroup")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "hostgroup") && value != NULL) { if ((hostgroup_name = (char *)strdup(value)) == NULL) hostgroup_name = ""; @@ -1139,14 +1126,12 @@ int process_cgivars(void) { display_type = DISPLAY_HOSTGROUP_AVAIL; show_all_hostgroups = (strcmp(hostgroup_name, "all")) ? FALSE : TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the servicegroup argument */ - else if (!strcmp(key, "servicegroup")) { - if (variables[x] == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "servicegroup") && value != NULL) { if ((servicegroup_name = (char *)strdup(value)) == NULL) servicegroup_name = ""; @@ -1154,14 +1139,12 @@ int process_cgivars(void) { display_type = DISPLAY_SERVICEGROUP_AVAIL; show_all_servicegroups = (strcmp(servicegroup_name, "all")) ? FALSE : TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the host argument */ - else if (!strcmp(key, "host")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "host") && value != NULL) { if ((host_name = (char *)strdup(value)) == NULL) host_name = ""; @@ -1171,14 +1154,12 @@ int process_cgivars(void) { if (strlen(service_desc) == 0) display_type = DISPLAY_HOST_AVAIL; show_all_hosts = (strcmp(host_name, "all")) ? FALSE : TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the service description argument */ - else if (!strcmp(key, "service")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "service") && value != NULL) { if ((service_desc = (char *)strdup(value)) == NULL) service_desc = ""; @@ -1186,14 +1167,12 @@ int process_cgivars(void) { display_type = DISPLAY_SERVICE_AVAIL; show_all_services = (strcmp(service_desc, "all")) ? FALSE : TRUE; + + temp_request_item->is_valid = TRUE; } /* we found a combined host/service */ - else if (!strcmp(key, "hostservice")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hostservice") && value != NULL) { temp_buffer = strtok(value, "^"); @@ -1211,110 +1190,90 @@ int process_cgivars(void) { display_type = DISPLAY_SERVICE_AVAIL; show_all_services = (strcmp(service_desc, "all")) ? FALSE : TRUE; + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "t1")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "t1") && value != NULL) { t1 = (time_t)strtoul(value, NULL, 10); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "t2")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "t2") && value != NULL) { t2 = (time_t)strtoul(value, NULL, 10); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the assume initial states option */ - else if (!strcmp(key, "assumeinitialstates")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "assumeinitialstates") && value != NULL) { if (!strcmp(value, "yes")) assume_initial_states = TRUE; else assume_initial_states = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the assume state during program not running option */ - else if (!strcmp(key, "assumestatesduringnotrunning")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "assumestatesduringnotrunning") && value != NULL) { if (!strcmp(value, "yes")) assume_states_during_notrunning = TRUE; else assume_states_during_notrunning = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the initial assumed host state option */ - else if (!strcmp(key, "initialassumedhoststate")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "initialassumedhoststate") && value != NULL) { initial_assumed_host_state = atoi(value); + temp_request_item->is_valid = TRUE; } /* we found the initial assumed service state option */ - else if (!strcmp(key, "initialassumedservicestate")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "initialassumedservicestate") && value != NULL) { initial_assumed_service_state = atoi(value); + temp_request_item->is_valid = TRUE; } /* we found the assume state retention option */ - else if (!strcmp(key, "assumestateretention")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "assumestateretention") && value != NULL) { if (!strcmp(value, "yes")) assume_state_retention = TRUE; else assume_state_retention = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the include soft states option */ - else if (!strcmp(key, "includesoftstates")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "includesoftstates") && value != NULL) { if (!strcmp(value, "yes")) include_soft_states = TRUE; else include_soft_states = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the backtrack archives argument */ - else if (!strcmp(key, "backtrack")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "backtrack") && value != NULL) { backtrack_archives = atoi(value); if (backtrack_archives < 0) @@ -1322,17 +1281,11 @@ int process_cgivars(void) { if (backtrack_archives > MAX_ARCHIVE_BACKTRACKS) backtrack_archives = MAX_ARCHIVE_BACKTRACKS; -#ifdef DEBUG - printf("BACKTRACK ARCHIVES: %d\n", backtrack_archives); -#endif + temp_request_item->is_valid = TRUE; } /* we found the standard timeperiod argument */ - else if (!strcmp(key, "timeperiod")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "timeperiod") && value != NULL) { if (!strcmp(value, "today")) timeperiod_type = TIMEPERIOD_TODAY; @@ -1367,40 +1320,50 @@ int process_cgivars(void) { convert_timeperiod_to_times(timeperiod_type, &t1, &t2); compute_time_from_parts = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the CSV output option */ else if (!strcmp(key, "csvoutput")) { display_header = FALSE; content_type = CSV_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the JSON output option */ else if (!strcmp(key, "jsonoutput")) { display_header = FALSE; content_type = JSON_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the XML output option */ else if (!strcmp(key, "xmloutput")) { display_header = FALSE; content_type = XML_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the content type argument */ - else if (!strcmp(key, "content_type")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "content_type") && value != NULL) { if (!strcmp(value, "xml")) content_type = XML_CONTENT; @@ -1415,26 +1378,34 @@ int process_cgivars(void) { if (content_type != HTML_CONTENT) display_header = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the log entries option */ - else if (!strcmp(key, "show_log_entries")) + else if (!strcmp(key, "show_log_entries")) { show_log_entries = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the full log entries option */ - else if (!strcmp(key, "full_log_entries")) + else if (!strcmp(key, "full_log_entries")) { full_log_entries = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the get date parts option */ - else if (!strcmp(key, "get_date_parts")) + else if (!strcmp(key, "get_date_parts")) { get_date_parts = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the report type selection option */ - else if (!strcmp(key, "report_type")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "report_type") && value != NULL) { + if (!strcmp(value, "hostgroups")) select_hostgroups = TRUE; else if (!strcmp(value, "servicegroups")) @@ -1443,14 +1414,12 @@ int process_cgivars(void) { select_hosts = TRUE; else select_services = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "smon")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "smon") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1458,14 +1427,12 @@ int process_cgivars(void) { start_month = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "sday")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sday") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1473,14 +1440,12 @@ int process_cgivars(void) { start_day = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "syear")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "syear") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1488,14 +1453,12 @@ int process_cgivars(void) { start_year = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "smin")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "smin") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1503,14 +1466,12 @@ int process_cgivars(void) { start_minute = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "ssec")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ssec") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1518,14 +1479,12 @@ int process_cgivars(void) { start_second = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "shour")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "shour") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1533,15 +1492,13 @@ int process_cgivars(void) { start_hour = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "emon")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "emon") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1549,14 +1506,12 @@ int process_cgivars(void) { end_month = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "eday")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "eday") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1564,14 +1519,12 @@ int process_cgivars(void) { end_day = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "eyear")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "eyear") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1579,14 +1532,12 @@ int process_cgivars(void) { end_year = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "emin")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "emin") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1594,14 +1545,12 @@ int process_cgivars(void) { end_minute = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "esec")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "esec") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1609,14 +1558,12 @@ int process_cgivars(void) { end_second = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "ehour")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ehour") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1624,28 +1571,23 @@ int process_cgivars(void) { end_hour = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the show scheduled downtime option */ - else if (!strcmp(key, "showscheduleddowntime")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "showscheduleddowntime") && value != NULL) { if (!strcmp(value, "yes")) show_scheduled_downtime = TRUE; else show_scheduled_downtime = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the report timeperiod option */ - else if (!strcmp(key, "rpttimeperiod")) { - timeperiod *temp_timeperiod; - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "rpttimeperiod") && value != NULL) { for (temp_timeperiod = timeperiod_list; temp_timeperiod != NULL; temp_timeperiod = temp_timeperiod->next) { if (!strcmp(url_encode(temp_timeperiod->name), value)) { @@ -1653,18 +1595,19 @@ int process_cgivars(void) { break; } } + + temp_request_item->is_valid = TRUE; } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck") && value != NULL) { daemon_check = FALSE; - + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } diff --git a/cgi/cgiutils.c b/cgi/cgiutils.c index 8584613..f7167f3 100644 --- a/cgi/cgiutils.c +++ b/cgi/cgiutils.c @@ -31,6 +31,7 @@ #include "../include/comments.h" #include "../include/cgiutils.h" +#include "../include/getcgi.h" char main_config_file[MAX_FILENAME_LENGTH]; char command_file[MAX_FILENAME_LENGTH]; @@ -208,6 +209,7 @@ extern serviceescalation *serviceescalation_list; extern hoststatus *hoststatus_list; extern servicestatus *servicestatus_list; +extern html_request *html_request_list; char encoded_url_string[4][MAX_INPUT_BUFFER]; // 4 to be able to use url_encode 4 times @@ -2223,54 +2225,50 @@ void display_info_table(char *title, authdata *current_authdata, int daemon_chec } void display_nav_table(time_t ts_start, time_t ts_end) { - char *temp_buffer; + char temp_buffer[MAX_INPUT_BUFFER] = ""; char url[MAX_INPUT_BUFFER] = ""; - char stripped_query_string[MAX_INPUT_BUFFER] = ""; char date_time[MAX_INPUT_BUFFER]; struct tm *t; time_t ts_midnight = 0L; time_t current_time = 0L; + html_request *temp_request_item = NULL; /* define base url */ switch (CGI_ID) { case HISTORY_CGI_ID: - strcat(url, HISTORY_CGI); + strncpy(url, HISTORY_CGI, sizeof(url)); break; case NOTIFICATIONS_CGI_ID: - strcat(url, NOTIFICATIONS_CGI); + strncpy(url, NOTIFICATIONS_CGI, sizeof(url)); break; case SHOWLOG_CGI_ID: - strcat(url, SHOWLOG_CGI); + strncpy(url, SHOWLOG_CGI, sizeof(url)); break; default: - strcat(url, "NO_URL_DEFINED"); + strncpy(url, "NO_URL_DEFINED", sizeof(url)); break; } - /* get url options but filter out "ts_end", "ts_start" and "start" */ - if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) { - if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("display_nav_table(): Query string exceeds max length. Returning without displaying nav table.\n"); - return; + url[sizeof(url) - 1] = '\x0'; + + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { + + if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) { + continue; } - strcpy(stripped_query_string, getenv("QUERY_STRING")); - strip_html_brackets(stripped_query_string); - /* check if concatenated strings exceed MAX_INPUT_BUFFER */ - if (strlen(url) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("display_nav_table(): Full query string exceeds max length. Returning without displaying nav table.\n"); - return; + /* filter out "limit" and "start" */ + if (!strcmp(temp_request_item->option, "ts_start") || !strcmp(temp_request_item->option, "ts_end") || !strcmp(temp_request_item->option, "start")) { + continue; } - for (temp_buffer = my_strtok(stripped_query_string, "&"); temp_buffer != NULL; temp_buffer = my_strtok(NULL, "&")) { - if (strncmp(temp_buffer, "ts_start=", 9) != 0 && strncmp(temp_buffer, "ts_end=", 6) != 0 && strncmp(temp_buffer, "start=", 6) != 0) { - if (strstr(url, "?")) - strcat(url, "&"); - else - strcat(url, "?"); - strcat(url, temp_buffer); - } + strncpy(temp_buffer, url, sizeof(temp_buffer)); + if (temp_request_item->value != NULL) { + snprintf(url, sizeof(url) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value)); + } else { + snprintf(url, sizeof(url) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option)); } + url[sizeof(url) - 1] = '\x0'; } /* get the current time */ @@ -2865,49 +2863,45 @@ void print_generic_error_message(char *title, char *text, int returnlevels) { * a new page with the desired content. **/ void print_export_link(int content_type, char *cgi, char *add_to_url) { - char stripped_query_string[MAX_INPUT_BUFFER] = ""; char link[MAX_INPUT_BUFFER] = ""; + char temp_buffer[MAX_INPUT_BUFFER] = ""; + html_request *temp_request_item = NULL; if (cgi == NULL) return; - strcat(link, cgi); + strncpy(link, cgi, sizeof(link)); + link[sizeof(link) - 1] = '\x0'; - /* just do stuff if some options are requested */ - if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) { - if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("print_export_link(): Query string exceeds max length. Returning without displaying export link.\n"); - return; - } - strcpy(stripped_query_string, getenv("QUERY_STRING")); - strip_html_brackets(stripped_query_string); + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* check if concatenated strings exceed MAX_INPUT_BUFFER */ - if (strlen(link) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("print_export_link(): Full query string exceeds max length. Returning without displaying export link.\n"); - return; + if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) { + continue; } - strcat(link, "?"); - strcat(link, stripped_query_string); + strncpy(temp_buffer, link, sizeof(temp_buffer)); + if (temp_request_item->value != NULL) { + snprintf(link, sizeof(link) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value)); + } else { + snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option)); + } + link[sizeof(link) - 1] = '\x0'; } /* add string to url */ - if (add_to_url != NULL && strlen(add_to_url) != 0 && strlen(link) + strlen(stripped_query_string) + strlen(add_to_url) + 2 <= MAX_INPUT_BUFFER - 1) { - if (strlen(stripped_query_string) != 0) - strcat(link, "&"); - else - strcat(link, "?"); - strcat(link, add_to_url); + if (add_to_url != NULL && strlen(add_to_url) != 0) { + strncpy(temp_buffer, link, sizeof(temp_buffer)); + snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", add_to_url); + link[sizeof(link) - 1] = '\x0'; } /* print formatted link */ if (content_type == CSV_CONTENT) - printf("%s\n", link, (strlen(stripped_query_string) != 0) ? "&" : "?", url_images_path, EXPORT_CSV_ICON, EXPORT_CSV_ICON_ALT, EXPORT_CSV_ICON_ALT); + printf("%s\n", link, (strstr(link, "?")) ? "&" : "?", url_images_path, EXPORT_CSV_ICON, EXPORT_CSV_ICON_ALT, EXPORT_CSV_ICON_ALT); else if (content_type == JSON_CONTENT) - printf("%s\n", link, (strlen(stripped_query_string) != 0) ? "&" : "?", url_images_path, EXPORT_JSON_ICON, EXPORT_JSON_ICON_ALT, EXPORT_JSON_ICON_ALT); + printf("%s\n", link, (strstr(link, "?")) ? "&" : "?", url_images_path, EXPORT_JSON_ICON, EXPORT_JSON_ICON_ALT, EXPORT_JSON_ICON_ALT); else if (content_type == XML_CONTENT) - printf("%s\n", link, (strlen(stripped_query_string) != 0) ? "&" : "?", url_images_path, EXPORT_XML_ICON, EXPORT_XML_ICON_ALT, EXPORT_XML_ICON_ALT); + printf("%s\n", link, (strstr(link, "?")) ? "&" : "?", url_images_path, EXPORT_XML_ICON, EXPORT_XML_ICON_ALT, EXPORT_XML_ICON_ALT); else printf("%s\n", link, url_images_path, EXPORT_LINK_ICON, EXPORT_LINK_ICON_ALT, EXPORT_LINK_ICON_ALT); @@ -3662,16 +3656,15 @@ void print_modified_attributes(int content_type, char *cgi, unsigned long modifi /******************* pagination functions ************************/ /******************************************************************/ void page_num_selector(int result_start, int total_entries, int displayed_entries) { - char link[MAX_INPUT_BUFFER] = ""; - char stripped_query_string[MAX_INPUT_BUFFER] = ""; - char *temp_buffer; + char temp_buffer[MAX_INPUT_BUFFER] = ""; int total_pages = 1; int current_page = 1; //int next_page = 0; int previous_page = 0; int display_from = 0; int display_to = 0; + html_request *temp_request_item = NULL; /* define base url */ switch (CGI_ID) { @@ -3680,49 +3673,44 @@ void page_num_selector(int result_start, int total_entries, int displayed_entrie // strcat(link, STATUS_CGI); // break; case CONFIG_CGI_ID: - strcat(link, CONFIG_CGI); + strncpy(link, CONFIG_CGI, sizeof(link)); break; case EXTINFO_CGI_ID: - strcat(link, EXTINFO_CGI); + strncpy(link, EXTINFO_CGI, sizeof(link)); break; case HISTORY_CGI_ID: - strcat(link, HISTORY_CGI); + strncpy(link, HISTORY_CGI, sizeof(link)); break; case NOTIFICATIONS_CGI_ID: - strcat(link, NOTIFICATIONS_CGI); + strncpy(link, NOTIFICATIONS_CGI, sizeof(link)); break; case SHOWLOG_CGI_ID: - strcat(link, SHOWLOG_CGI); + strncpy(link, SHOWLOG_CGI, sizeof(link)); break; default: - strcat(link, "NO_URL_DEFINED"); + strncpy(link, "NO_URL_DEFINED", sizeof(link)); break; } + link[sizeof(link) - 1] = '\x0'; - /* get url options but filter out "limit" and "status" */ - if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) { - if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("page_num_selector(): Query string exceeds max length. Returning without displaying num selector.\n"); - return; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { + + if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) { + continue; } - strcpy(stripped_query_string, getenv("QUERY_STRING")); - strip_html_brackets(stripped_query_string); - /* check if concatenated strings exceed MAX_INPUT_BUFFER */ - if (strlen(link) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("page_num_selector(): Full query string exceeds max length. Returning without displaying num selector.\n"); - return; + /* filter out "limit" and "start" */ + if (!strcmp(temp_request_item->option, "limit") || !strcmp(temp_request_item->option, "start")) { + continue; } - for (temp_buffer = my_strtok(stripped_query_string, "&"); temp_buffer != NULL; temp_buffer = my_strtok(NULL, "&")) { - if (strncmp(temp_buffer, "limit=", 6) != 0 && strncmp(temp_buffer, "start=", 6) != 0) { - if (strstr(link, "?")) - strcat(link, "&"); - else - strcat(link, "?"); - strcat(link, temp_buffer); - } + strncpy(temp_buffer, link, sizeof(temp_buffer)); + if (temp_request_item->value != NULL) { + snprintf(link, sizeof(link) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value)); + } else { + snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option)); } + link[sizeof(link) - 1] = '\x0'; } /* calculate pages */ @@ -3791,61 +3779,55 @@ void page_num_selector(int result_start, int total_entries, int displayed_entrie } void page_limit_selector(int result_start) { - static int id = 0; // gets every dropdown a single id to activate msdropdown char link[MAX_INPUT_BUFFER] = ""; - char stripped_query_string[MAX_INPUT_BUFFER] = ""; - char *temp_buffer; + char temp_buffer[MAX_INPUT_BUFFER] = ""; + html_request *temp_request_item = NULL; /* define base url */ switch (CGI_ID) { case STATUS_CGI_ID: - strcat(link, STATUS_CGI); + strncpy(link, STATUS_CGI, sizeof(link)); break; case CONFIG_CGI_ID: - strcat(link, CONFIG_CGI); + strncpy(link, CONFIG_CGI, sizeof(link)); break; case EXTINFO_CGI_ID: - strcat(link, EXTINFO_CGI); + strncpy(link, EXTINFO_CGI, sizeof(link)); break; case HISTORY_CGI_ID: - strcat(link, HISTORY_CGI); + strncpy(link, HISTORY_CGI, sizeof(link)); break; case NOTIFICATIONS_CGI_ID: - strcat(link, NOTIFICATIONS_CGI); + strncpy(link, NOTIFICATIONS_CGI, sizeof(link)); break; case SHOWLOG_CGI_ID: - strcat(link, SHOWLOG_CGI); + strncpy(link, SHOWLOG_CGI, sizeof(link)); break; default: - strcat(link, "NO_URL_DEFINED"); + strncpy(link, "NO_URL_DEFINED", sizeof(link)); break; } + link[sizeof(link) - 1] = '\x0'; - /* get url options but filter out "limit" and "status" */ - if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) { - if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("page_limit_selector(): Query string exceeds max length. Returning without displaying page limit selector.\n"); - return; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { + + if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) { + continue; } - strcpy(stripped_query_string, getenv("QUERY_STRING")); - strip_html_brackets(stripped_query_string); - /* check if concatenated strings exceed MAX_INPUT_BUFFER */ - if (strlen(link) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("page_limit_selector(): Full query string exceeds max length. Returning without displaying page limit selector.\n"); - return; + /* filter out "limit" and "start" */ + if (!strcmp(temp_request_item->option, "limit") || !strcmp(temp_request_item->option, "start")) { + continue; } - for (temp_buffer = my_strtok(stripped_query_string, "&"); temp_buffer != NULL; temp_buffer = my_strtok(NULL, "&")) { - if (strncmp(temp_buffer, "limit=", 6) != 0 && strncmp(temp_buffer, "start=", 6) != 0) { - if (strstr(link, "?")) - strcat(link, "&"); - else - strcat(link, "?"); - strcat(link, temp_buffer); - } + strncpy(temp_buffer, link, sizeof(temp_buffer)); + if (temp_request_item->value != NULL) { + snprintf(link, sizeof(link) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value)); + } else { + snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option)); } + link[sizeof(link) - 1] = '\x0'; } /* display drop down menu to select result limit */ diff --git a/cgi/cmd.c b/cgi/cmd.c index c249219..491e7cc 100644 --- a/cgi/cmd.c +++ b/cgi/cmd.c @@ -178,6 +178,7 @@ unsigned long attr = MODATTR_NONE; /**< default modified_attributes */ double interval = 1.0; /**< default modified *_interval */ authdata current_authdata; /**< struct to hold current authentication data */ +html_request *html_request_list = NULL; /**< contains html requested data */ /** Initialize the struct */ struct hostlist commands[NUMBER_OF_STRUCTS]; @@ -283,13 +284,10 @@ void check_comment_sanity(int*); void check_time_sanity(int*); /** @brief Parses the requested GET/POST variables - * @retval TRUE - * @retval FALSE - * @return wether parsing was successful or not * * @n This function parses the request and set's the necessary variables **/ -int process_cgivars(void); +void process_cgivars(void); /** @brief Yes we need a main function **/ @@ -309,6 +307,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -318,6 +317,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -340,6 +340,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -350,6 +351,7 @@ int main(void) { print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE); document_footer(CGI_ID); free_memory(); + free_html_request(html_request_list); return ERROR; } @@ -407,146 +409,112 @@ int main(void) { document_footer(CGI_ID); /* free allocated memory */ + free_html_request(html_request_list); free_memory(); free_object_data(); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *temp_buffer = NULL; char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + int x = 0; int z = 0; int sticky_ack_set = FALSE; /* default is TRUE */ + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - /* Process the variables */ - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value if there is one */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the command type */ - if (!strcmp(key, "cmd_typ")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "cmd_typ") && value != NULL) { command_type = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the attr */ - else if (!strcmp(key, "attr")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "attr") && value != NULL) { attr = strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we found the attr */ - else if (!strcmp(key, "interval")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "interval") && value != NULL) { #ifdef HAVE_STRTOF interval = strtof(value, NULL); #else /* Solaris 8 doesn't have strtof() */ interval = (float)strtod(value, NULL); #endif + + temp_request_item->is_valid = TRUE; } /* we found the command mode */ - else if (!strcmp(key, "cmd_mod")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "cmd_mod") && value != NULL) { command_mode = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found a comment id or a downtime id*/ - else if (!strcmp(key, "com_id") || !strcmp(key, "down_id")) { - if (value == NULL) { - error = TRUE; - break; - } + else if ((!strcmp(key, "com_id") || !strcmp(key, "down_id")) && value != NULL) { multi_ids[z] = strtoul(value, NULL, 10); z++; + + temp_request_item->is_valid = TRUE; } /* we found the notification delay */ - else if (!strcmp(key, "not_dly")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "not_dly") && value != NULL) { notification_delay = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the schedule delay */ - else if (!strcmp(key, "sched_dly")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sched_dly") && value != NULL) { schedule_delay = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the comment author */ - else if (!strcmp(key, "com_author")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "com_author") && value != NULL) { if ((comment_author = (char *)strdup(value)) == NULL) comment_author = ""; strip_html_brackets(comment_author); + + temp_request_item->is_valid = TRUE; } /* we found the comment data */ - else if (!strcmp(key, "com_data")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "com_data") && value != NULL) { if ((comment_data = (char *)strdup(value)) == NULL) comment_data = ""; strip_html_brackets(comment_data); + + temp_request_item->is_valid = TRUE; } /* we found the host name */ - else if (!strcmp(key, "host")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "host") && value != NULL) { if ((host_name = (char *)strdup(value)) == NULL) host_name = ""; @@ -555,27 +523,24 @@ int process_cgivars(void) { /* Store hostname in struct */ commands[x].host_name = host_name; + x++; } + + temp_request_item->is_valid = TRUE; } /* we found the hostgroup name */ - else if (!strcmp(key, "hostgroup")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hostgroup") && value != NULL) { if ((hostgroup_name = (char *)strdup(value)) == NULL) hostgroup_name = ""; strip_html_brackets(hostgroup_name); + + temp_request_item->is_valid = TRUE; } /* we found the service name */ - else if (!strcmp(key, "service")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "service") && value != NULL) { if ((service_desc = (char *)strdup(value)) == NULL) service_desc = ""; @@ -583,51 +548,54 @@ int process_cgivars(void) { strip_html_brackets(service_desc); /* Store service description in struct */ - commands[(x-2)].description = service_desc; + commands[(x-1)].description = service_desc; } + + temp_request_item->is_valid = TRUE; } /* we found a combined host/service */ - else if (!strcmp(key, "hostservice")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hostservice") && value != NULL) { temp_buffer = strtok(value, "^"); - if ((host_name = (char *)strdup(temp_buffer)) == NULL) - host_name = ""; - else { + if ((host_name = (char *)strdup(temp_buffer)) == NULL) { + continue; + } else { strip_html_brackets(host_name); commands[x].host_name = host_name; } temp_buffer = strtok(NULL, ""); - if ((service_desc = (char *)strdup(temp_buffer)) == NULL) - service_desc = ""; - else { + if ((service_desc = (char *)strdup(temp_buffer)) == NULL) { + my_free(commands[x].host_name); + continue; + } else { strip_html_brackets(service_desc); commands[x].description = service_desc; } + + x++; + temp_request_item->is_valid = TRUE; } /* we found the servicegroup name */ - else if (!strcmp(key, "servicegroup")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "servicegroup") && value != NULL) { if ((servicegroup_name = (char *)strdup(value)) == NULL) servicegroup_name = ""; strip_html_brackets(servicegroup_name); + + temp_request_item->is_valid = TRUE; } /* we got the persistence option for a comment */ - else if (!strcmp(key, "persistent")) + else if (!strcmp(key, "persistent")) { persistent_comment = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we got the notification option for an acknowledgement */ else if (!strcmp(key, "send_notification")) { @@ -636,6 +604,8 @@ int process_cgivars(void) { /* if the value was omitted, assume it is enabled */ if (value == NULL) send_notification = TRUE; + + temp_request_item->is_valid = TRUE; } /* we got the acknowledgement type */ @@ -645,155 +615,154 @@ int process_cgivars(void) { /* if the value was omitted, assume it is enabled */ if (value == NULL) sticky_ack_set = TRUE; + + temp_request_item->is_valid = TRUE; } /* we use the end_time as expire time */ - else if (!strcmp(key, "use_ack_end_time")) + else if (!strcmp(key, "use_ack_end_time")) { use_ack_end_time = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we use the end_time as disabled notifcations expire time */ - else if (!strcmp(key, "use_disabled_notif_end_time")) + else if (!strcmp(key, "use_disabled_notif_end_time")) { use_disabled_notif_end_time = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we got the service check force option */ - else if (!strcmp(key, "force_check")) + else if (!strcmp(key, "force_check")) { force_check = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we got the option to affect host and all its services */ - else if (!strcmp(key, "ahas")) + else if (!strcmp(key, "ahas")) { affect_host_and_services = TRUE; - + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we got the option to propagate to child hosts */ - else if (!strcmp(key, "ptc")) + else if (!strcmp(key, "ptc")) { propagate_to_children = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we got the option for fixed downtime */ - else if (!strcmp(key, "fixed")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "fixed") && value != NULL) { fixed = (atoi(value) > 0) ? TRUE : FALSE; + + temp_request_item->is_valid = TRUE; } /* we got the triggered by downtime option */ - else if (!strcmp(key, "trigger")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "trigger") && value != NULL) { triggered_by = strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we got the child options */ - else if (!strcmp(key, "childoptions")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "childoptions") && value != NULL) { child_options = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the plugin output */ - else if (!strcmp(key, "plugin_output")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "plugin_output") && value != NULL) { - strcpy(plugin_output, value); + strncpy(plugin_output, value, MAX_INPUT_BUFFER); + + temp_request_item->is_valid = TRUE; } /* we found the performance data */ - else if (!strcmp(key, "performance_data")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "performance_data") && value != NULL) { - strcpy(performance_data, value); + strncpy(performance_data, value, MAX_INPUT_BUFFER); + + temp_request_item->is_valid = TRUE; } /* we found the plugin state */ - else if (!strcmp(key, "plugin_state")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "plugin_state") && value != NULL) { plugin_state = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the hour duration */ - else if (!strcmp(key, "hours")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hours") && value != NULL) { if (atoi(value) < 0) { - error = TRUE; - break; + continue; } duration += (unsigned long)(atoi(value) * 3600); + + temp_request_item->is_valid = TRUE; } /* we found the minute duration */ - else if (!strcmp(key, "minutes")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "minutes") && value != NULL) { if (atoi(value) < 0) { - error = TRUE; - break; + continue; } duration += (unsigned long)(atoi(value) * 60); + + temp_request_item->is_valid = TRUE; } /* we found the start time */ - else if (!strcmp(key, "start_time")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "start_time") && value != NULL) { - start_time_string = (char *)malloc(strlen(value) + 1); - if (start_time_string == NULL) + if ((start_time_string = (char *)strdup(value)) == NULL) { start_time_string = ""; - else - strcpy(start_time_string, value); + } + + temp_request_item->is_valid = TRUE; } /* we found the end time */ - else if (!strcmp(key, "end_time")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "end_time") && value != NULL) { - end_time_string = (char *)malloc(strlen(value) + 1); - if (end_time_string == NULL) + if ((end_time_string = (char *)strdup(value)) == NULL) { end_time_string = ""; - else - strcpy(end_time_string, value); + } + + temp_request_item->is_valid = TRUE; } /* we found the forced notification option */ - else if (!strcmp(key, "force_notification")) + else if (!strcmp(key, "force_notification")) { force_notification = NOTIFICATION_OPTION_FORCED; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the broadcast notification option */ - else if (!strcmp(key, "broadcast_notification")) + else if (!strcmp(key, "broadcast_notification")) { broadcast_notification = NOTIFICATION_OPTION_BROADCAST; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we got the persistence option for a comment */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } } @@ -801,10 +770,7 @@ int process_cgivars(void) { sticky_ack = sticky_ack_set; } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } void print_object_list(int list_type) { diff --git a/cgi/config.c b/cgi/config.c index 5e80473..0baf52f 100644 --- a/cgi/config.c +++ b/cgi/config.c @@ -145,7 +145,7 @@ extern int use_ssl_authentication; extern int week_starts_on_monday; -int process_cgivars(void); +void process_cgivars(void); void display_options(void); void display_hosts(void); void display_hostgroups(void); @@ -180,6 +180,7 @@ char hashed_color[8]; char *item_name = NULL; /**< contains exact name user is looking for */ char *search_string = NULL; /**< contains search string if user searched something */ regex_t search_preg; /**< contains compiled regex term to use with regexec() */ +html_request *html_request_list = NULL; /**< contains html requested data */ char *org_action_url_target = ""; char *org_authorized_for_all_host_commands = ""; @@ -299,6 +300,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -308,6 +310,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -317,6 +320,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -460,6 +464,7 @@ int main(void) { if (is_authorized_for_configuration_information(¤t_authdata) == FALSE) { print_generic_error_message("It appears as though you do not have permission to view the configuration information you requested...", "If you believe this is an error, check the HTTP server authentication requirements for accessing this CGI and check the authorization options in your CGI configuration file.", 0); document_footer(CGI_ID); + free_html_request(html_request_list); return OK; } @@ -579,90 +584,62 @@ int main(void) { page_num_selector(result_start, total_entries, displayed_entries); document_footer(CGI_ID); + free_html_request(html_request_list); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); to_expand[0] = '\0'; - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value for length if it's present */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the search_string argument */ if (!strcmp(key, "search_string")) { - if (value == NULL) { - error = TRUE; - break; - } - - if (strlen(value) != 0) + if (value != NULL && strlen(value) != 0) { search_string = strdup(value); + temp_request_item->is_valid = TRUE; + } } /* we found the item_name argument */ else if (!strcmp(key, "item_name")) { - if (value == NULL) { - error = TRUE; - break; - } - - if (strlen(value) != 0) + if (value != NULL && strlen(value) != 0) { item_name = strdup(value); + temp_request_item->is_valid = TRUE; + } } /* we found the host name */ - else if (!strcmp(key, "host")) { - if (value == NULL) { - error = TRUE; - break; - } - + else if (!strcmp(key, "host") && value != NULL) { host_name = strdup(value); if (host_name == NULL) host_name = ""; strip_html_brackets(host_name); + temp_request_item->is_valid = TRUE; } /* we found the service name */ - else if (!strcmp(key, "service")) { - if (value == NULL) { - error = TRUE; - break; - } - + else if (!strcmp(key, "service") && value != NULL) { service_desc = strdup(value); if (service_desc == NULL) service_desc = ""; strip_html_brackets(service_desc); + temp_request_item->is_valid = TRUE; } /* we found the configuration type argument */ - else if (!strcmp(key, "type")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "type") && value != NULL) { + + temp_request_item->is_valid = TRUE; /* what information should we display? */ if (!strcmp(value, "hosts")) @@ -697,71 +674,68 @@ int process_cgivars(void) { display_type = DISPLAY_CGICONFIG; else if (!strcmp(value, "all")) display_type = DISPLAY_ALL; + else + temp_request_item->is_valid = FALSE; } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the string-to-expand argument */ - else if (!strcmp(key, "expand")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "expand") && value != NULL) { + strncpy(to_expand, value, MAX_COMMAND_BUFFER); to_expand[MAX_COMMAND_BUFFER - 1] = '\0'; + + temp_request_item->is_valid = TRUE; } /* we found the CSV output option */ else if (!strcmp(key, "csvoutput")) { display_header = FALSE; content_type = CSV_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the JSON output option */ else if (!strcmp(key, "jsonoutput")) { display_header = FALSE; content_type = JSON_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* start num results to skip on displaying statusdata */ - else if (!strcmp(key, "start")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "start") && value != NULL) { result_start = atoi(value); if (result_start < 1) result_start = 1; + + temp_request_item->is_valid = TRUE; } /* amount of results to display */ - else if (!strcmp(key, "limit")) { - if (value == NULL) { - error = TRUE; - break; - } - + else if (!strcmp(key, "limit") && value != NULL) { get_result_limit = atoi(value); + temp_request_item->is_valid = TRUE; } - - /* we received an invalid argument */ - else - error = TRUE; - } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } void display_hosts(void) { diff --git a/cgi/extinfo.c b/cgi/extinfo.c index 18bae34..7a45912 100644 --- a/cgi/extinfo.c +++ b/cgi/extinfo.c @@ -109,7 +109,7 @@ typedef struct sortdata_struct { struct sortdata_struct *next; } sortdata; -int process_cgivars(void); +void process_cgivars(void); void show_process_info(void); void show_host_info(void); @@ -131,6 +131,8 @@ authdata current_authdata; sortdata *sortdata_list = NULL; +html_request *html_request_list = NULL; /**< contains html requested data */ + char *host_name = ""; char *hostgroup_name = ""; char *servicegroup_name = ""; @@ -188,6 +190,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -197,6 +200,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -206,6 +210,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -216,6 +221,7 @@ int main(void) { print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE); document_footer(CGI_ID); free_memory(); + free_html_request(html_request_list); return ERROR; } @@ -812,42 +818,27 @@ int main(void) { free_comment_data(); free_downtime_data(); free_sortdata_list(); + free_html_request(html_request_list); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; - int error = FALSE; int temp_type; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value if it exists */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the display type */ - if (!strcmp(key, "type")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "type") && value != NULL) { + temp_type = atoi(value); if (temp_type == DISPLAY_HOST_INFO) display_type = DISPLAY_HOST_INFO; @@ -867,97 +858,89 @@ int process_cgivars(void) { display_type = DISPLAY_SCHEDULING_QUEUE; else display_type = DISPLAY_PROCESS_INFO; + + temp_request_item->is_valid = TRUE; } /* we found the host name */ - else if (!strcmp(key, "host")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "host") && value != NULL) { host_name = strdup(value); if (host_name == NULL) host_name = ""; strip_html_brackets(host_name); + + temp_request_item->is_valid = TRUE; } /* we found the hostgroup name */ - else if (!strcmp(key, "hostgroup")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hostgroup") && value != NULL) { hostgroup_name = strdup(value); if (hostgroup_name == NULL) hostgroup_name = ""; strip_html_brackets(hostgroup_name); + + temp_request_item->is_valid = TRUE; } /* we found the service name */ - else if (!strcmp(key, "service")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "service") && value != NULL) { service_desc = strdup(value); if (service_desc == NULL) service_desc = ""; strip_html_brackets(service_desc); + + temp_request_item->is_valid = TRUE; } /* we found the servicegroup name */ - else if (!strcmp(key, "servicegroup")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "servicegroup") && value != NULL) { servicegroup_name = strdup(value); if (servicegroup_name == NULL) servicegroup_name = ""; strip_html_brackets(servicegroup_name); + + temp_request_item->is_valid = TRUE; } /* we found the sort type argument */ - else if (!strcmp(key, "sorttype")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sorttype") && value != NULL) { sort_type = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the sort option argument */ - else if (!strcmp(key, "sortoption")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sortoption") && value != NULL) { sort_option = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the CSV output option */ else if (!strcmp(key, "csvoutput")) { display_header = FALSE; content_type = CSV_CONTENT; + + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the JSON output option */ else if (!strcmp(key, "jsonoutput")) { display_header = FALSE; content_type = JSON_CONTENT; + + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } - else if (!strcmp(key, "csvtype")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "csvtype") && value != NULL) { if (!strcmp(value, "comment")) csv_type = CSV_COMMENT; @@ -965,54 +948,63 @@ int process_cgivars(void) { csv_type = CSV_DOWNTIME; else csv_type = CSV_DEFAULT; + + temp_request_item->is_valid = TRUE; } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } + /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } + /* we found the pause option */ - else if (!strcmp(key, "paused")) + else if (!strcmp(key, "paused")) { refresh = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } + /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } + /* start num results to skip on displaying statusdata */ - else if (!strcmp(key, "start")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "start") && value != NULL) { result_start = atoi(value); if (result_start < 1) result_start = 1; + + temp_request_item->is_valid = TRUE; } /* amount of results to display */ - else if (!strcmp(key, "limit")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "limit") && value != NULL) { get_result_limit = atoi(value); - } + temp_request_item->is_valid = TRUE; + } } - - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } void show_process_info(void) { diff --git a/cgi/getcgi.c b/cgi/getcgi.c index 91e0c91..b7e6a77 100644 --- a/cgi/getcgi.c +++ b/cgi/getcgi.c @@ -138,22 +138,18 @@ void unescape_cgi_input(char *input) { return; } - - -/* read the CGI input and place all name/val pairs into list. returns list containing name1, value1, name2, value2, ... , NULL */ -/* this is a hacked version of a routine I found a long time ago somewhere - can't remember where anymore */ -char **getcgivars(void) { - register int i; +html_request *getcgivars(void) { char *request_method; char *content_type; char *content_length_string; int content_length; char *cgiinput; - char **cgivars; - char **pairlist; - int paircount; char *nvpair; char *eqpos; + char *temp_pair; + html_request *new_html_request_list = NULL; + html_request *new_request_item = NULL; + html_request *last_request_item = NULL; /* initialize char variable(s) */ cgiinput = ""; @@ -237,92 +233,88 @@ char **getcgivars(void) { exit(1); } - /* first, split on ampersands (&) to extract the name-value pairs into pairlist */ - /* allocate memory for 256 name-value pairs at a time, increasing by same - amount as necessary... */ - pairlist = (char **)malloc(256 * sizeof(char **)); - if (pairlist == NULL) { - printf("getcgivars(): Could not allocate memory for name-value pairlist.\n"); - exit(1); - } - paircount = 0; - nvpair = strtok(cgiinput, "&"); + nvpair = my_strtok(cgiinput, "&"); while (nvpair) { - pairlist[paircount] = strdup(nvpair); - if(pairlist[paircount++] == NULL) { - printf("getcgivars(): Could not allocate memory for name-value pair element #%d.\n", paircount); + + temp_pair = strdup(nvpair); + if(temp_pair == NULL) { + printf("getcgivars(): Could not allocate memory for name-value pair element %s.\n", nvpair); exit(1); } - if (paircount > MAX_CGI_INPUT_PAIRS) - break; - if (!(paircount % 256)) { - pairlist = (char **)realloc(pairlist, (paircount + 256) * sizeof(char **)); - if (pairlist == NULL) { - printf("getcgivars(): Could not re-allocate memory for name-value pairlist.\n"); - exit(1); - } - } - nvpair = strtok(NULL, "&"); - } - /* terminate the list */ - pairlist[paircount] = '\x0'; + /* allocating new memory */ + new_request_item = (html_request *)malloc(sizeof(html_request)); + if(new_request_item == NULL) { + printf("getcgivars(): Could not allocate memory for new html_request element.\n"); + my_free(temp_pair); + exit(1); + } - /* extract the names and values from the pairlist */ - cgivars = (char **)malloc((paircount * 2 + 1) * sizeof(char **)); - if (cgivars == NULL) { - printf("getcgivars(): Could not allocate memory for name-value list.\n"); - exit(1); - } + new_request_item->option = NULL; + new_request_item->value = NULL; + new_request_item->is_valid = FALSE; + new_request_item->next = NULL; - for (i = 0; i < paircount; i++) { - /* get the variable name preceding the equal (=) sign */ - if ((eqpos = strchr(pairlist[i], '=')) != NULL) { + /* get value */ + if ((eqpos = strchr(temp_pair, '=')) != NULL) { *eqpos = '\0'; - cgivars[i*2+1] = strdup(eqpos + 1); - if(cgivars[i*2+1] == NULL) { - printf("getcgivars(): Could not allocate memory for cgi param value #%d,%s.\n", i,eqpos + 1); + new_request_item->value = strdup(eqpos + 1); + if(new_request_item->value == NULL) { + printf("getcgivars(): Could not allocate memory for cgi param value: %s=%s.\n", temp_pair,eqpos + 1); + exit(1); + } + unescape_cgi_input(new_request_item->value); + /* do some basic length checking */ + if (strlen(new_request_item->value) >= MAX_INPUT_BUFFER - 1) { + printf("getcgivars(): length of cgi param value exceeds MAX_INPUT_BUFFER: %d.\n", MAX_INPUT_BUFFER); exit(1); } - unescape_cgi_input(cgivars[i*2+1]); - - } else { - cgivars[i*2+1] = NULL; } - /* get the variable value (or name/value of there was no real "pair" in the first place) */ - cgivars[i*2] = strdup(pairlist[i]); - if(cgivars[i*2] == NULL) { - printf("getcgivars(): Could not allocate memory for cgi param name #%d,%s.\n", i,eqpos + 1); + /* get option name + just reuse the temp_pair pointer without allocating new memory + */ + new_request_item->option = temp_pair; + unescape_cgi_input(new_request_item->option); + if (strlen(new_request_item->option) >= MAX_INPUT_BUFFER - 1) { + printf("getcgivars(): length of cgi param option exceeds MAX_INPUT_BUFFER: %d.\n", MAX_INPUT_BUFFER); exit(1); } - unescape_cgi_input(cgivars[i*2]); - } - /* terminate the name-value list */ - cgivars[paircount*2] = '\x0'; + if (new_html_request_list == NULL) { + new_html_request_list = new_request_item; + new_html_request_list->next = NULL; + last_request_item = new_html_request_list; + } else { + last_request_item->next = new_request_item; + last_request_item = new_request_item; + last_request_item->next = NULL; + } + + nvpair = my_strtok(NULL, "&"); + } /* free allocated memory */ free(cgiinput); - for (i = 0; pairlist[i] != NULL; i++) - free(pairlist[i]); - free(pairlist); - - /* sanitize the name-value strings */ - sanitize_cgi_input(cgivars); /* return the list of name-value strings */ - return cgivars; + return new_html_request_list; } +/* free() memory allocated to storing the CGI request data */ +void free_html_request(html_request *html_request_list) { + html_request *this_html_request = NULL; + html_request *next_html_request = NULL; + + /* free memory for html request list */ + for (this_html_request = html_request_list; this_html_request != NULL; this_html_request = next_html_request) { + next_html_request = this_html_request->next; + my_free(this_html_request->option); + my_free(this_html_request->value); + my_free(this_html_request); + } - -/* free() memory allocated to storing the CGI variables */ -void free_cgivars(char **cgivars) { - register int x; - - for (x = 0; cgivars[x] != '\x0'; x++) - free(cgivars[x]); + html_request_list = NULL; return; } diff --git a/cgi/histogram.c b/cgi/histogram.c index 0d912ef..39e1dad 100644 --- a/cgi/histogram.c +++ b/cgi/histogram.c @@ -128,6 +128,8 @@ typedef struct timeslice_data_struct { timeslice_data *tsdata; +html_request *html_request_list = NULL; /**< contains html requested data */ + void compute_report_times(void); void graph_all_histogram_data(void); void add_archived_state(int, time_t); @@ -135,7 +137,7 @@ void read_archived_state_data(void); void draw_line(int, int, int, int, int); void draw_dashed_line(int, int, int, int, int); -int process_cgivars(void); +void process_cgivars(void); time_t t1; @@ -235,6 +237,7 @@ int main(int argc, char **argv) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); } return ERROR; } @@ -246,6 +249,7 @@ int main(int argc, char **argv) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); } return ERROR; } @@ -257,6 +261,7 @@ int main(int argc, char **argv) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); } return ERROR; } @@ -268,6 +273,7 @@ int main(int argc, char **argv) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); } free_memory(); return ERROR; @@ -497,6 +503,7 @@ int main(int argc, char **argv) { } document_footer(CGI_ID); + free_html_request(html_request_list); free_memory(); return ERROR; } @@ -886,136 +893,114 @@ int main(int argc, char **argv) { document_footer(CGI_ID); /* free all other allocated memory */ + free_html_request(html_request_list); free_memory(); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; char *temp_buffer = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value for length if it exists */ - if (key != NULL) - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the host argument */ - if (!strcmp(key, "host")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "host") && value != NULL) { if ((host_name = (char *)strdup(value)) == NULL) host_name = ""; strip_html_brackets(host_name); display_type = DISPLAY_HOST_HISTOGRAM; + + temp_request_item->is_valid = TRUE; } /* we found the node width argument */ - else if (!strcmp(key, "service")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "service") && value != NULL) { if ((service_desc = (char *)strdup(value)) == NULL) service_desc = ""; strip_html_brackets(service_desc); display_type = DISPLAY_SERVICE_HISTOGRAM; + + temp_request_item->is_valid = TRUE; } /* we found a combined host/service */ - else if (!strcmp(key, "hostservice")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hostservice") && value != NULL) { temp_buffer = strtok(value, "^"); - if ((host_name = (char *)strdup(temp_buffer)) == NULL) - host_name = ""; - else + if ((host_name = (char *)strdup(temp_buffer)) == NULL) { + continue; + } else { strip_html_brackets(host_name); + } temp_buffer = strtok(NULL, ""); - if ((service_desc = (char *)strdup(temp_buffer)) == NULL) - service_desc = ""; - else + if ((service_desc = (char *)strdup(temp_buffer)) == NULL) { + my_free(host_name); + continue; + } else { strip_html_brackets(service_desc); + } display_type = DISPLAY_SERVICE_HISTOGRAM; + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "t1")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "t1") && value != NULL) { t1 = (time_t)strtoul(value, NULL, 10); timeperiod_type = TIMEPERIOD_CUSTOM; + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "t2")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "t2") && value != NULL) { t2 = (time_t)strtoul(value, NULL, 10); timeperiod_type = TIMEPERIOD_CUSTOM; + + temp_request_item->is_valid = TRUE; } /* we found the image creation option */ else if (!strcmp(key, "createimage")) { content_type = IMAGE_CONTENT; + + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the backtrack archives argument */ - else if (!strcmp(key, "backtrack")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "backtrack") && value != NULL) { backtrack_archives = atoi(value); if (backtrack_archives < 0) backtrack_archives = 0; if (backtrack_archives > MAX_ARCHIVE_BACKTRACKS) backtrack_archives = MAX_ARCHIVE_BACKTRACKS; + + temp_request_item->is_valid = TRUE; } /* we found the standard timeperiod argument */ - else if (!strcmp(key, "timeperiod")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "timeperiod") && value != NULL) { if (!strcmp(value, "today")) timeperiod_type = TIMEPERIOD_TODAY; @@ -1051,14 +1036,12 @@ int process_cgivars(void) { if (timeperiod_type != TIMEPERIOD_CUSTOM) convert_timeperiod_to_times(timeperiod_type, &t1, &t2); + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "smon")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "smon") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1066,14 +1049,12 @@ int process_cgivars(void) { start_month = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "sday")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sday") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1081,14 +1062,12 @@ int process_cgivars(void) { start_day = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "syear")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "syear") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1096,14 +1075,12 @@ int process_cgivars(void) { start_year = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "smin")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "smin") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1111,14 +1088,12 @@ int process_cgivars(void) { start_minute = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "ssec")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ssec") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1126,14 +1101,12 @@ int process_cgivars(void) { start_second = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "shour")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "shour") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1141,15 +1114,13 @@ int process_cgivars(void) { start_hour = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "emon")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "emon") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1157,14 +1128,12 @@ int process_cgivars(void) { end_month = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "eday")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "eday") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1172,14 +1141,12 @@ int process_cgivars(void) { end_day = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "eyear")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "eyear") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1187,14 +1154,12 @@ int process_cgivars(void) { end_year = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "emin")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "emin") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1202,14 +1167,12 @@ int process_cgivars(void) { end_minute = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "esec")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "esec") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1217,14 +1180,12 @@ int process_cgivars(void) { end_second = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "ehour")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ehour") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1232,26 +1193,33 @@ int process_cgivars(void) { end_hour = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the input option */ - else if (!strcmp(key, "input")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "input") && value != NULL) { if (!strcmp(value, "gethost")) input_type = GET_INPUT_HOST_TARGET; @@ -1261,34 +1229,28 @@ int process_cgivars(void) { input_type = GET_INPUT_OPTIONS; else input_type = GET_INPUT_TARGET_TYPE; + + temp_request_item->is_valid = TRUE; } /* we found the graph states option */ - else if (!strcmp(key, "graphevents")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "graphevents") && value != NULL) { graph_events = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the graph state types option */ - else if (!strcmp(key, "graphstatetypes")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "graphstatetypes") && value != NULL) { graph_statetypes = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the breakdown option */ - else if (!strcmp(key, "breakdown")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "breakdown") && value != NULL) { if (!strcmp(value, "monthly")) breakdown_type = BREAKDOWN_MONTHLY; @@ -1298,54 +1260,45 @@ int process_cgivars(void) { breakdown_type = BREAKDOWN_DAY_OF_WEEK; else breakdown_type = BREAKDOWN_HOURLY; + + temp_request_item->is_valid = TRUE; } /* we found the assume state retention option */ - else if (!strcmp(key, "assumestateretention")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "assumestateretention") && value != NULL) { if (!strcmp(value, "yes")) assume_state_retention = TRUE; else assume_state_retention = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the initial states logged option */ - else if (!strcmp(key, "initialstateslogged")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "initialstateslogged") && value != NULL) { if (!strcmp(value, "yes")) initial_states_logged = TRUE; else initial_states_logged = FALSE; + temp_request_item->is_valid = TRUE; } /* we found the new states only option */ - else if (!strcmp(key, "newstatesonly")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "newstatesonly") && value != NULL) { if (!strcmp(value, "yes")) new_states_only = TRUE; else new_states_only = FALSE; + temp_request_item->is_valid = TRUE; } } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } diff --git a/cgi/history.c b/cgi/history.c index da17b1b..4c31119 100644 --- a/cgi/history.c +++ b/cgi/history.c @@ -76,6 +76,8 @@ time_t ts_end = 0L; /**< end time as unix timestamp */ authdata current_authdata; /**< struct to hold current authentication data */ +html_request *html_request_list = NULL; /**< contains html requested data */ + int CGI_ID = HISTORY_CGI_ID; /**< ID to identify the cgi for functions in cgiutils.c */ /** @} */ @@ -87,13 +89,10 @@ int CGI_ID = HISTORY_CGI_ID; /**< ID to identify the cgi for functions in cgiu void show_history(void); /** @brief Parses the requested GET/POST variables - * @return wether parsing was successful or not - * @retval TRUE - * @retval FALSE * * @n This function parses the request and set's the necessary variables **/ -int process_cgivars(void); +void process_cgivars(void); /** @brief Yes we need a main function **/ int main(void) { @@ -111,6 +110,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -120,6 +120,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -129,6 +130,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -310,42 +312,26 @@ int main(void) { document_footer(CGI_ID); /* free allocated memory */ + free_html_request(html_request_list); free_memory(); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value if it exists */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the host argument */ - if (!strcmp(key, "host")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "host") && value != NULL) { if ((host_name = (char *)strdup(value)) == NULL) host_name = ""; @@ -357,159 +343,164 @@ int process_cgivars(void) { show_all_hosts = TRUE; else show_all_hosts = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the service argument */ - else if (!strcmp(key, "service")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "service") && value != NULL) { if ((service_desc = (char *)strdup(value)) == NULL) service_desc = ""; strip_html_brackets(service_desc); display_type = DISPLAY_SERVICES; + + temp_request_item->is_valid = TRUE; } /* we found the hostgroup argument */ - else if (!strcmp(key, "hostgroup")) { + else if (!strcmp(key, "hostgroup") && value != NULL) { display_type = DISPLAY_HOSTGROUPS; - if (value == NULL) { - error = TRUE; - break; - } + if ((hostgroup_name = strdup(value)) == NULL) hostgroup_name = ""; strip_html_brackets(hostgroup_name); + + temp_request_item->is_valid = TRUE; } /* we found the servicegroup argument */ - else if (!strcmp(key, "servicegroup")) { + else if (!strcmp(key, "servicegroup") && value != NULL) { display_type = DISPLAY_SERVICEGROUPS; - if (value == NULL) { - error = TRUE; - break; - } + if ((servicegroup_name = strdup(value)) == NULL) servicegroup_name = ""; strip_html_brackets(servicegroup_name); + + temp_request_item->is_valid = TRUE; } /* we found the history type argument */ - else if (!strcmp(key, "type")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "type") && value != NULL) { history_options = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the history state type argument */ - else if (!strcmp(key, "statetype")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "statetype") && value != NULL) { state_options = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "ts_start")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ts_start") && value != NULL) { ts_start = (time_t)strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we found last time argument */ - else if (!strcmp(key, "ts_end")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ts_end") && value != NULL) { ts_end = (time_t)strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we found the order argument */ - else if (!strcmp(key, "order")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "order") && value != NULL) { if (!strcmp(value, "new2old")) reverse = FALSE; else if (!strcmp(value, "old2new")) reverse = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nofrills option */ - else if (!strcmp(key, "nofrills")) + else if (!strcmp(key, "nofrills")) { display_frills = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the notimebreaks option */ - else if (!strcmp(key, "notimebreaks")) + else if (!strcmp(key, "notimebreaks")) { display_timebreaks = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the no system messages option */ - else if (!strcmp(key, "nosystem")) + else if (!strcmp(key, "nosystem")) { display_system_messages = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the no flapping alerts option */ - else if (!strcmp(key, "noflapping")) + else if (!strcmp(key, "noflapping")) { display_flapping_alerts = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the no downtime alerts option */ - else if (!strcmp(key, "nodowntime")) + else if (!strcmp(key, "nodowntime")) { display_downtime_alerts = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* start num results to skip on displaying statusdata */ - else if (!strcmp(key, "start")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "start") && value != NULL) { result_start = atoi(value); if (result_start < 1) result_start = 1; + + temp_request_item->is_valid = TRUE; } /* amount of results to display */ - else if (!strcmp(key, "limit")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "limit") && value != NULL) { get_result_limit = atoi(value); + + temp_request_item->is_valid = TRUE; } } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } void show_history(void) { diff --git a/cgi/notifications.c b/cgi/notifications.c index 4960305..2060721 100644 --- a/cgi/notifications.c +++ b/cgi/notifications.c @@ -75,6 +75,8 @@ time_t ts_end = 0L; /**< end time as unix timestamp */ authdata current_authdata; /**< struct to hold current authentication data */ +html_request *html_request_list = NULL; /**< contains html requested data */ + int CGI_ID = NOTIFICATIONS_CGI_ID; /**< ID to identify the cgi for functions in cgiutils.c */ /** @} */ @@ -86,13 +88,10 @@ int CGI_ID = NOTIFICATIONS_CGI_ID; /**< ID to identify the cgi for functions in void display_notifications(void); /** @brief Parses the requested GET/POST variables - * @return wether parsing was successful or not - * @retval TRUE - * @retval FALSE * * @n This function parses the request and set's the necessary variables **/ -int process_cgivars(void); +void process_cgivars(void); /** @brief Yes we need a main function **/ int main(void) { @@ -111,6 +110,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -120,6 +120,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -129,6 +130,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -348,43 +350,27 @@ int main(void) { document_footer(CGI_ID); /* free allocated memory */ + free_html_request(html_request_list); free_memory(); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value if it exists */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the host argument */ - if (!strcmp(key, "host")) { + if (!strcmp(key, "host") && value != NULL) { query_type = DISPLAY_HOSTS; - if (value == NULL) { - error = TRUE; - break; - } if ((query_host_name = strdup(value)) == NULL) query_host_name = ""; @@ -394,15 +380,13 @@ int process_cgivars(void) { find_all = TRUE; else find_all = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the contact argument */ - else if (!strcmp(key, "contact")) { + else if (!strcmp(key, "contact") && value != NULL) { query_type = DISPLAY_CONTACTS; - if (value == NULL) { - error = TRUE; - break; - } if ((query_contact_name = strdup(value)) == NULL) query_contact_name = ""; @@ -412,108 +396,89 @@ int process_cgivars(void) { find_all = TRUE; else find_all = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the service argument */ - else if (!strcmp(key, "service")) { + else if (!strcmp(key, "service") && value != NULL) { query_type = DISPLAY_SERVICES; - if (value == NULL) { - error = TRUE; - break; - } + if ((query_svc_description = strdup(value)) == NULL) query_svc_description = ""; strip_html_brackets(query_svc_description); + + temp_request_item->is_valid = TRUE; } /* we found the hostgroup argument */ - else if (!strcmp(key, "hostgroup")) { + else if (!strcmp(key, "hostgroup") && value != NULL) { query_type = DISPLAY_HOSTGROUPS; - if (value == NULL) { - error = TRUE; - break; - } + if ((query_hostgroup_name = strdup(value)) == NULL) query_hostgroup_name = ""; strip_html_brackets(query_hostgroup_name); + + temp_request_item->is_valid = TRUE; } /* we found the servicegroup argument */ - else if (!strcmp(key, "servicegroup")) { + else if (!strcmp(key, "servicegroup") && value != NULL) { query_type = DISPLAY_SERVICEGROUPS; - if (value == NULL) { - error = TRUE; - break; - } + if ((query_servicegroup_name = strdup(value)) == NULL) query_servicegroup_name = ""; strip_html_brackets(query_servicegroup_name); + + temp_request_item->is_valid = TRUE; } /* we found the notification type argument */ - else if (!strcmp(key, "type")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "type") && value != NULL) { notification_options = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "ts_start")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ts_start") && value != NULL) { ts_start = (time_t)strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we found last time argument */ - else if (!strcmp(key, "ts_end")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ts_end") && value != NULL) { ts_end = (time_t)strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we found the start time */ - else if (!strcmp(key, "start_time")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "start_time") && value != NULL) { - start_time_string = (char *)malloc(strlen(value) + 1); - if (start_time_string == NULL) + if ((start_time_string = (char *)strdup(value)) == NULL) { start_time_string = ""; - else - strcpy(start_time_string, value); + } + + temp_request_item->is_valid = TRUE; } /* we found the end time */ - else if (!strcmp(key, "end_time")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "end_time") && value != NULL) { - end_time_string = (char *)malloc(strlen(value) + 1); - if (end_time_string == NULL) + if ((end_time_string = (char *)strdup(value)) == NULL) { end_time_string = ""; - else - strcpy(end_time_string, value); + } + + temp_request_item->is_valid = TRUE; } /* we found the standard timeperiod argument */ - else if (!strcmp(key, "timeperiod")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "timeperiod") && value != NULL) { if (!strcmp(value, "today")) timeperiod_type = TIMEPERIOD_TODAY; @@ -543,66 +508,76 @@ int process_cgivars(void) { continue; convert_timeperiod_to_times(timeperiod_type, &ts_start, &ts_end); + + temp_request_item->is_valid = TRUE; } /* we found the order argument */ - else if (!strcmp(key, "order")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "order") && value != NULL) { if (!strcmp(value, "new2old")) reverse = FALSE; else if (!strcmp(value, "old2new")) reverse = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the CSV output option */ else if (!strcmp(key, "csvoutput")) { display_header = FALSE; content_type = CSV_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the JSON output option */ else if (!strcmp(key, "jsonoutput")) { display_header = FALSE; content_type = JSON_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* start num results to skip on displaying statusdata */ - else if (!strcmp(key, "start")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "start") && value != NULL) { result_start = atoi(value); if (result_start < 1) result_start = 1; + + temp_request_item->is_valid = TRUE; } /* amount of results to display */ - else if (!strcmp(key, "limit")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "limit") && value != NULL) { get_result_limit = atoi(value); + + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } } @@ -622,10 +597,7 @@ int process_cgivars(void) { find_all = TRUE; } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } void display_notifications(void) { diff --git a/cgi/outages.c b/cgi/outages.c index 7ab88c8..ebd2048 100644 --- a/cgi/outages.c +++ b/cgi/outages.c @@ -71,7 +71,7 @@ typedef struct hostoutagesort_struct { struct hostoutagesort_struct *next; } hostoutagesort; -int process_cgivars(void); +void process_cgivars(void); void display_network_outages(void); void find_hosts_causing_outages(void); @@ -88,6 +88,8 @@ void add_affected_host(char *); authdata current_authdata; +html_request *html_request_list = NULL; /**< contains html requested data */ + hostoutage *hostoutage_list = NULL; hostoutagesort *hostoutagesort_list = NULL; hostoutage *currently_checked_host = NULL; @@ -120,6 +122,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -129,6 +132,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -138,6 +142,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -147,6 +152,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); free_memory(); return ERROR; } @@ -191,80 +197,80 @@ int main(void) { free_comment_data(); /* free all allocated memory */ + free_html_request(html_request_list); free_memory(); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = 1; - break; - } - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = 1; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the service severity divisor option */ - if (!strcmp(key, "service_divisor")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "service_divisor") && value != NULL) { service_severity_divisor = atoi(value); if (service_severity_divisor < 1) service_severity_divisor = 1; + + temp_request_item->is_valid = TRUE; } /* we found the CSV output option */ else if (!strcmp(key, "csvoutput")) { display_header = FALSE; content_type = CSV_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } else if (!strcmp(key, "jsonoutput")) { display_header = FALSE; content_type = JSON_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the pause option */ - else if (!strcmp(key, "paused")) + else if (!strcmp(key, "paused")) { refresh = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } /* shows all hosts that are causing network outages */ diff --git a/cgi/showlog.c b/cgi/showlog.c index 3ebba96..799f06d 100644 --- a/cgi/showlog.c +++ b/cgi/showlog.c @@ -85,17 +85,16 @@ time_t ts_end = 0L; /**< end time as unix timestamp */ authdata current_authdata; /**< struct to hold current authentication data */ +html_request *html_request_list = NULL; /**< contains html requested data */ + int CGI_ID = SHOWLOG_CGI_ID; /**< ID to identify the cgi for functions in cgiutils.c */ /** @} */ /** @brief Parses the requested GET/POST variables - * @return wether parsing was successful or not - * @retval TRUE - * @retval FALSE * * @n This function parses the request and set's the necessary variables **/ -int process_cgivars(void); +void process_cgivars(void); /** @brief displays the requested log entries * @@ -126,6 +125,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -135,6 +135,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -144,6 +145,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -224,102 +226,73 @@ int main(void) { /* free allocated memory */ free_memory(); + free_html_request(html_request_list); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* found query string */ - if (!strcmp(key, "query_string")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "query_string") && value != NULL) { query_string = strdup(value); strip_html_brackets(query_string); if (strlen(query_string) == 0) my_free(query_string); + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "ts_start")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ts_start") && value != NULL) { ts_start = (time_t)strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we found last time argument */ - else if (!strcmp(key, "ts_end")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ts_end") && value != NULL) { ts_end = (time_t)strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we found the start time */ - else if (!strcmp(key, "start_time")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "start_time") && value != NULL) { - start_time_string = (char *)malloc(strlen(value) + 1); - if (start_time_string == NULL) + if ((start_time_string = (char *)strdup(value)) == NULL) { start_time_string = ""; - else - strcpy(start_time_string, value); + } + + temp_request_item->is_valid = TRUE; } /* we found the end time */ - else if (!strcmp(key, "end_time")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "end_time") && value != NULL) { - end_time_string = (char *)malloc(strlen(value) + 1); - if (end_time_string == NULL) + if ((end_time_string = (char *)strdup(value)) == NULL) { end_time_string = ""; - else - strcpy(end_time_string, value); + } + + temp_request_item->is_valid = TRUE; } /* we found the standard timeperiod argument */ - else if (!strcmp(key, "timeperiod")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "timeperiod") && value != NULL) { if (!strcmp(value, "today")) timeperiod_type = TIMEPERIOD_TODAY; @@ -349,186 +322,174 @@ int process_cgivars(void) { continue; convert_timeperiod_to_times(timeperiod_type, &ts_start, &ts_end); + + temp_request_item->is_valid = TRUE; } /* we found the order argument */ - else if (!strcmp(key, "order")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "order") && value != NULL) { if (!strcmp(value, "new2old")) reverse = FALSE; else if (!strcmp(value, "old2new")) reverse = TRUE; + + temp_request_item->is_valid = TRUE; } /* show filter */ - else if (!strcmp(key, "display_filter")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "display_filter") && value != NULL) { if (!strcmp(value, "true")) display_filter = TRUE; + + temp_request_item->is_valid = TRUE; } /* notification filter */ - else if (!strcmp(key, "noti")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "noti") && value != NULL) { if (!strcmp(value, "off")) show_notifications = FALSE; + + temp_request_item->is_valid = TRUE; } /* host status filter */ - else if (!strcmp(key, "hst")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hst") && value != NULL) { if (!strcmp(value, "off")) show_host_status = FALSE; + + temp_request_item->is_valid = TRUE; } /* service status filter */ - else if (!strcmp(key, "sst")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sst") && value != NULL) { if (!strcmp(value, "off")) show_service_status = FALSE; + + temp_request_item->is_valid = TRUE; } /* external commands filter */ - else if (!strcmp(key, "cmd")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "cmd") && value != NULL) { if (!strcmp(value, "off")) show_external_commands = FALSE; + + temp_request_item->is_valid = TRUE; } /* system messages filter */ - else if (!strcmp(key, "sms")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sms") && value != NULL) { if (!strcmp(value, "off")) show_system_messages = FALSE; + + temp_request_item->is_valid = TRUE; } /* event handler filter */ - else if (!strcmp(key, "evh")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "evh") && value != NULL) { if (!strcmp(value, "off")) show_event_handler = FALSE; + + temp_request_item->is_valid = TRUE; } /* flapping filter */ - else if (!strcmp(key, "flp")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "flp") && value != NULL) { if (!strcmp(value, "off")) show_flapping = FALSE; + + temp_request_item->is_valid = TRUE; } /* downtime filter */ - else if (!strcmp(key, "dwn")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "dwn") && value != NULL) { if (!strcmp(value, "off")) show_downtime = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the CSV output option */ else if (!strcmp(key, "csvoutput")) { display_header = FALSE; content_type = CSV_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the CSV output option */ else if (!strcmp(key, "jsonoutput")) { display_header = FALSE; content_type = JSON_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nofrills option */ - else if (!strcmp(key, "nofrills")) + else if (!strcmp(key, "nofrills")) { display_frills = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the notimebreaks option */ - else if (!strcmp(key, "notimebreaks")) + else if (!strcmp(key, "notimebreaks")) { display_timebreaks = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; - + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* start num results to skip on displaying statusdata */ - else if (!strcmp(key, "start")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "start") && value != NULL) { result_start = atoi(value); if (result_start < 1) result_start = 1; + + temp_request_item->is_valid = TRUE; } /* amount of results to display */ - else if (!strcmp(key, "limit")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "limit") && value != NULL) { get_result_limit = atoi(value); - } - - /* we received an invalid argument */ - else - error = TRUE; + temp_request_item->is_valid = TRUE; + } } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } void display_logentries() { diff --git a/cgi/status.c b/cgi/status.c index f90e649..f1170ab 100644 --- a/cgi/status.c +++ b/cgi/status.c @@ -290,6 +290,8 @@ time_t current_time; /**< current timestamp (calculated once in main) */ authdata current_authdata; /**< struct to hold current authentication data */ +html_request *html_request_list = NULL; /**< contains html requested data */ + struct namedlist req_hosts[NUM_NAMED_ENTRIES]; /**< initialze list of requested hosts */ struct namedlist req_hostgroups[NUM_NAMED_ENTRIES]; /**< initialze list of requested hostgroups */ struct namedlist req_servicegroups[NUM_NAMED_ENTRIES]; /**< initialze list of requested servicegroups */ @@ -564,13 +566,10 @@ void show_filters(void); /** @brief Parses the requested GET/POST variables - * @retval TRUE - * @retval FALSE - * @return wether parsing was successful or not * * @n This function parses the request and set's the necessary variables **/ -int process_cgivars(void); +void process_cgivars(void); /** @brief print's the table header for differnt styles @@ -635,6 +634,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -644,6 +644,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -653,6 +654,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -662,6 +664,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); free_memory(); return ERROR; } @@ -1657,6 +1660,7 @@ int main(void) { document_footer(CGI_ID); /* free all allocated memory */ + free_html_request(html_request_list); free_memory(); free_comment_data(); @@ -1683,66 +1687,47 @@ int main(void) { return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *temp_buffer = NULL; char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value if it exists (NULL is valid if it does not) */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the search_string argument */ - if (!strcmp(key, "search_string")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "search_string") && value != NULL) { group_style_type = STYLE_HOST_SERVICE_DETAIL; search_string = strdup(value); + + temp_request_item->is_valid = TRUE; } /* we found the servicefilter argument */ - else if (!strcmp(key, "servicefilter")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "servicefilter") && value != NULL) { service_filter = (char *)strdup(value); + + temp_request_item->is_valid = TRUE; } /* we found the navbar search argument */ /* kept for backwards compatibility */ - else if (!strcmp(key, "navbarsearch")) { + else if (!strcmp(key, "navbarsearch") && value != NULL) { navbar_search = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the hostgroup argument */ - else if (!strcmp(key, "hostgroup")) { + else if (!strcmp(key, "hostgroup") && value != NULL) { display_type = DISPLAY_HOSTGROUPS; - if (value == NULL) { - error = TRUE; - break; - } temp_buffer = (char *)strdup(value); strip_html_brackets(temp_buffer); @@ -1751,15 +1736,13 @@ int process_cgivars(void) { req_hostgroups[num_req_hostgroups++].entry = strdup(temp_buffer); my_free(temp_buffer); + + temp_request_item->is_valid = TRUE; } /* we found the servicegroup argument */ - else if (!strcmp(key, "servicegroup")) { + else if (!strcmp(key, "servicegroup") && value != NULL) { display_type = DISPLAY_SERVICEGROUPS; - if (value == NULL) { - error = TRUE; - break; - } temp_buffer = strdup(value); strip_html_brackets(temp_buffer); @@ -1768,15 +1751,13 @@ int process_cgivars(void) { req_servicegroups[num_req_servicegroups++].entry = strdup(temp_buffer); my_free(temp_buffer); + + temp_request_item->is_valid = TRUE; } /* we found the host argument */ - else if (!strcmp(key, "host")) { + else if (!strcmp(key, "host") && value != NULL) { display_type = DISPLAY_HOSTS; - if (value == NULL) { - error = TRUE; - break; - } temp_buffer = strdup(value); strip_html_brackets(temp_buffer); @@ -1785,66 +1766,54 @@ int process_cgivars(void) { req_hosts[num_req_hosts++].entry = strdup(temp_buffer); my_free(temp_buffer); + + temp_request_item->is_valid = TRUE; } /* we found the columns argument */ - else if (!strcmp(key, "columns")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "columns") && value != NULL) { overview_columns = atoi(value); if (overview_columns <= 0) overview_columns = 1; + + temp_request_item->is_valid = TRUE; } /* we found the service status type argument */ - else if (!strcmp(key, "servicestatustypes")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "servicestatustypes") && value != NULL) { service_status_types = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the host status type argument */ - else if (!strcmp(key, "hoststatustypes")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hoststatustypes") && value != NULL) { host_status_types = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the service properties argument */ - else if (!strcmp(key, "serviceprops")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "serviceprops") && value != NULL) { service_properties = strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we found the host properties argument */ - else if (!strcmp(key, "hostprops")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hostprops") && value != NULL) { host_properties = strtoul(value, NULL, 10); + + temp_request_item->is_valid = TRUE; } /* we found the host or service group style argument */ - else if (!strcmp(key, "style")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "style") && value != NULL) { if (!strcmp(value, "overview")) group_style_type = STYLE_OVERVIEW; @@ -1860,36 +1829,30 @@ int process_cgivars(void) { group_style_type = STYLE_HOST_SERVICE_DETAIL; else group_style_type = STYLE_SERVICE_DETAIL; + + temp_request_item->is_valid = TRUE; } /* we found the sort type argument */ - else if (!strcmp(key, "sorttype")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sorttype") && value != NULL) { sort_type = atoi(value); user_sorted_manually = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the sort option argument */ - else if (!strcmp(key, "sortoption")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sortoption") && value != NULL) { sort_option = atoi(value); user_sorted_manually = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the sort object argument */ - else if (!strcmp(key, "sortobject")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sortobject") && value != NULL) { if (!strcmp(value, "hosts")) sort_object = HOST_STATUS; @@ -1897,30 +1860,45 @@ int process_cgivars(void) { sort_object = SERVICE_STATUS; user_sorted_manually = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nostatusheader option */ - else if (!strcmp(key, "nostatusheader")) + else if (!strcmp(key, "nostatusheader")) { nostatusheader_option = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the CSV output option */ else if (!strcmp(key, "csvoutput")) { display_header = FALSE; content_type = CSV_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the JSON output option */ else if (!strcmp(key, "jsonoutput")) { display_header = FALSE; content_type = JSON_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the pause option */ @@ -1928,45 +1906,55 @@ int process_cgivars(void) { return_live_search_data = TRUE; display_header = FALSE; content_type = JSON_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the pause option */ - else if (!strcmp(key, "paused")) + else if (!strcmp(key, "paused")) { refresh = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "allunhandledproblems")) + else if (!strcmp(key, "allunhandledproblems")) { display_all_unhandled_problems = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "allproblems")) + else if (!strcmp(key, "allproblems")) { display_all_problems = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* start num results to skip on displaying statusdata */ - else if (!strcmp(key, "start")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "start") && value != NULL) { result_start = atoi(value); if (result_start < 1) result_start = 1; + + temp_request_item->is_valid = TRUE; } /* amount of results to display */ - else if (!strcmp(key, "limit")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "limit") && value != NULL) { get_result_limit = atoi(value); + + temp_request_item->is_valid = TRUE; } } @@ -1975,10 +1963,7 @@ int process_cgivars(void) { req_servicegroups[num_req_servicegroups].entry = NULL; req_hosts[num_req_hosts].entry = NULL; - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } @@ -7231,8 +7216,7 @@ void print_displayed_names(int style) { void status_page_num_selector(int local_result_start, int status_type) { char link[MAX_INPUT_BUFFER] = ""; - char stripped_query_string[MAX_INPUT_BUFFER] = ""; - char *temp_buffer; + char temp_buffer[MAX_INPUT_BUFFER] = ""; int total_pages = 1; int current_page = 1; // int next_page = 0; @@ -7240,34 +7224,30 @@ void status_page_num_selector(int local_result_start, int status_type) { int display_total = 0; int display_from = 0; int display_to = 0; + html_request *temp_request_item = NULL; /* define base url */ - strcat(link, STATUS_CGI); + strncat(link, STATUS_CGI, sizeof(link)); + link[sizeof(link) - 1] = '\x0'; - /* get url options but filter out "limit" and "status" */ - if (getenv("QUERY_STRING") != NULL && strcmp(getenv("QUERY_STRING"), "")) { - if(strlen(getenv("QUERY_STRING")) > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("status_page_num_selector(): Query string exceeds max length. Returning without displaying page num selector.\n"); - return; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { + + if (temp_request_item->is_valid == FALSE || temp_request_item->option == NULL) { + continue; } - strcpy(stripped_query_string, getenv("QUERY_STRING")); - strip_html_brackets(stripped_query_string); - /* check if concatenated strings exceed MAX_INPUT_BUFFER */ - if (strlen(link) + strlen(stripped_query_string) + 1 > MAX_INPUT_BUFFER - 1) { - write_to_cgi_log("status_page_num_selector(): Full query string exceeds max length. Returning without displaying page num selector.\n"); - return; + /* filter out "limit" and "start" */ + if (!strcmp(temp_request_item->option, "limit") || !strcmp(temp_request_item->option, "start")) { + continue; } - for (temp_buffer = my_strtok(stripped_query_string, "&"); temp_buffer != NULL; temp_buffer = my_strtok(NULL, "&")) { - if (strncmp(temp_buffer, "limit=", 6) != 0 && strncmp(temp_buffer, "start=", 6) != 0) { - if (strstr(link, "?")) - strcat(link, "&"); - else - strcat(link, "?"); - strcat(link, temp_buffer); - } + strncpy(temp_buffer, link, sizeof(temp_buffer)); + if (temp_request_item->value != NULL) { + snprintf(link, sizeof(link) - 1, "%s%s%s=%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option), url_encode(temp_request_item->value)); + } else { + snprintf(link, sizeof(link) - 1, "%s%s%s", temp_buffer, (strstr(temp_buffer, "?")) ? "&" : "?", url_encode(temp_request_item->option)); } + link[sizeof(link) - 1] = '\x0'; } /* calculate pages */ diff --git a/cgi/statusmap.c b/cgi/statusmap.c index d88f0b1..2f3ef10 100644 --- a/cgi/statusmap.c +++ b/cgi/statusmap.c @@ -91,7 +91,7 @@ typedef struct layer_struct { struct layer_struct *next; } layer; -int process_cgivars(void); +void process_cgivars(void); void display_page_header(void); void display_map(void); @@ -142,6 +142,8 @@ char physical_logo_images_path[MAX_FILENAME_LENGTH]; authdata current_authdata; +html_request *html_request_list = NULL; /**< contains html requested data */ + extern int content_type; gdImagePtr unknown_logo_image = NULL; @@ -256,6 +258,7 @@ int main(int argc, char **argv) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -265,6 +268,7 @@ int main(int argc, char **argv) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -274,6 +278,7 @@ int main(int argc, char **argv) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); free_memory(); return ERROR; } @@ -293,43 +298,27 @@ int main(int argc, char **argv) { document_footer(CGI_ID); /* free all allocated memory */ + free_html_request(html_request_list); free_memory(); free_layer_list(); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value if it exists */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the host argument */ - if (!strcmp(key, "host")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "host") && value != NULL) { if ((host_name = (char *)strdup(value)) == NULL) host_name = "all"; @@ -340,160 +329,174 @@ int process_cgivars(void) { show_all_hosts = TRUE; else show_all_hosts = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the image creation option */ else if (!strcmp(key, "createimage")) { content_type = IMAGE_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the canvas origin */ - else if (!strcmp(key, "canvas_x")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "canvas_x") && value != NULL) { + canvas_x = atoi(value); user_supplied_canvas = TRUE; - } else if (!strcmp(key, "canvas_y")) { - if (value == NULL) { - error = TRUE; - break; - } + + temp_request_item->is_valid = TRUE; + + } else if (!strcmp(key, "canvas_y") && value != NULL) { + canvas_y = atoi(value); user_supplied_canvas = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the canvas size */ - else if (!strcmp(key, "canvas_width")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "canvas_width") && value != NULL) { + canvas_width = atoi(value); user_supplied_canvas = TRUE; - } else if (!strcmp(key, "canvas_height")) { - if (value == NULL) { - error = TRUE; - break; - } + + temp_request_item->is_valid = TRUE; + + } else if (!strcmp(key, "canvas_height") && value != NULL) { + canvas_height = atoi(value); user_supplied_canvas = TRUE; - } else if (!strcmp(key, "proximity_width")) { - if (value == NULL) { - error = TRUE; - break; - } + + temp_request_item->is_valid = TRUE; + + } else if (!strcmp(key, "proximity_width") && value != NULL) { + proximity_width = atoi(value); if (proximity_width < 0) proximity_width = DEFAULT_PROXIMITY_WIDTH; - } else if (!strcmp(key, "proximity_height")) { - if (value == NULL) { - error = TRUE; - break; - } + + temp_request_item->is_valid = TRUE; + } else if (!strcmp(key, "proximity_height") && value != NULL) { + proximity_height = atoi(value); if (proximity_height < 0) proximity_height = DEFAULT_PROXIMITY_HEIGHT; + + temp_request_item->is_valid = TRUE; } /* we found the scaling factor */ - else if (!strcmp(key, "scaling_factor")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "scaling_factor") && value != NULL) { + user_scaling_factor = strtod(value, NULL); if (user_scaling_factor > 0.0) user_supplied_scaling = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the max image size */ - else if (!strcmp(key, "max_width")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "max_width") && value != NULL) { + max_image_width = atoi(value); - } else if (!strcmp(key, "max_height")) { - if (value == NULL) { - error = TRUE; - break; - } + + temp_request_item->is_valid = TRUE; + + } else if (!strcmp(key, "max_height") && value != NULL) { + max_image_height = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the layout method option */ - else if (!strcmp(key, "layout")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "layout") && value != NULL) { + layout_method = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the no links argument*/ - else if (!strcmp(key, "nolinks")) + else if (!strcmp(key, "nolinks")) { use_links = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the no text argument*/ - else if (!strcmp(key, "notext")) + else if (!strcmp(key, "notext")) { use_text = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the no highlights argument*/ - else if (!strcmp(key, "nohighlights")) + else if (!strcmp(key, "nohighlights")) { use_highlights = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the no popups argument*/ - else if (!strcmp(key, "nopopups")) + else if (!strcmp(key, "nopopups")) { display_popups = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the layer inclusion/exclusion argument */ - else if (!strcmp(key, "layermode")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "layermode") && value != NULL) { if (!strcmp(value, "include")) exclude_layers = FALSE; else exclude_layers = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the layer argument */ - else if (!strcmp(key, "layer")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "layer") && value != NULL) { strip_html_brackets(value); add_layer(value); + + temp_request_item->is_valid = TRUE; } /* we found the pause option */ - else if (!strcmp(key, "paused")) + else if (!strcmp(key, "paused")) { refresh = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; - + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } diff --git a/cgi/summary.c b/cgi/summary.c index 0466a0e..2001923 100644 --- a/cgi/summary.c +++ b/cgi/summary.c @@ -110,13 +110,15 @@ void display_recent_alerts(void); void display_top_alerts(void); void display_alerts(void); -int process_cgivars(void); +void process_cgivars(void); archived_event *event_list = NULL; alert_producer *producer_list = NULL; authdata current_authdata; +html_request *html_request_list = NULL; /**< contains html requested data */ + time_t t1; time_t t2; @@ -609,6 +611,7 @@ int main(int argc, char **argv) { document_footer(CGI_ID); /* free all other allocated memory */ + free_html_request(html_request_list); free_memory(); free_event_list(); free_producer_list(); @@ -616,61 +619,40 @@ int main(int argc, char **argv) { return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value if it exists */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found first time argument */ - if (!strcmp(key, "t1")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "t1") && value != NULL) { t1 = (time_t)strtoul(value, NULL, 10); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "t2")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "t2") && value != NULL) { t2 = (time_t)strtoul(value, NULL, 10); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the standard timeperiod argument */ - else if (!strcmp(key, "timeperiod")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "timeperiod") && value != NULL) { if (!strcmp(value, "today")) timeperiod_type = TIMEPERIOD_TODAY; @@ -705,38 +687,49 @@ int process_cgivars(void) { convert_timeperiod_to_times(timeperiod_type, &t1, &t2); compute_time_from_parts = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the CSV output option */ else if (!strcmp(key, "csvoutput")) { display_header = FALSE; content_type = CSV_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the JSON output option */ else if (!strcmp(key, "jsonoutput")) { display_header = FALSE; content_type = JSON_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found time argument */ - else if (!strcmp(key, "smon")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "smon") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -744,14 +737,12 @@ int process_cgivars(void) { start_month = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "sday")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sday") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -759,14 +750,12 @@ int process_cgivars(void) { start_day = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "syear")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "syear") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -774,14 +763,12 @@ int process_cgivars(void) { start_year = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "smin")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "smin") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -789,14 +776,12 @@ int process_cgivars(void) { start_minute = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "ssec")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ssec") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -804,14 +789,12 @@ int process_cgivars(void) { start_second = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "shour")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "shour") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -819,15 +802,13 @@ int process_cgivars(void) { start_hour = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "emon")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "emon") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -835,14 +816,12 @@ int process_cgivars(void) { end_month = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "eday")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "eday") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -850,14 +829,12 @@ int process_cgivars(void) { end_day = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "eyear")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "eyear") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -865,14 +842,12 @@ int process_cgivars(void) { end_year = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "emin")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "emin") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -880,14 +855,12 @@ int process_cgivars(void) { end_minute = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "esec")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "esec") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -895,14 +868,12 @@ int process_cgivars(void) { end_second = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "ehour")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ehour") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -910,95 +881,77 @@ int process_cgivars(void) { end_hour = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the item limit argument */ - else if (!strcmp(key, "limit")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "limit") && value != NULL) { item_limit = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the state types argument */ - else if (!strcmp(key, "statetypes")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "statetypes") && value != NULL) { state_types = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the alert types argument */ - else if (!strcmp(key, "alerttypes")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "alerttypes") && value != NULL) { alert_types = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the host states argument */ - else if (!strcmp(key, "hoststates")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hoststates") && value != NULL) { host_states = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the service states argument */ - else if (!strcmp(key, "servicestates")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "servicestates") && value != NULL) { service_states = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the generate report argument */ - else if (!strcmp(key, "report")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "report") && value != NULL) { generate_report = (atoi(value) > 0) ? TRUE : FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the display type argument */ - else if (!strcmp(key, "displaytype")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "displaytype") && value != NULL) { display_type = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the standard report argument */ - else if (!strcmp(key, "standardreport")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "standardreport") && value != NULL) { standard_report = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the hostgroup argument */ - else if (!strcmp(key, "hostgroup")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hostgroup") && value != NULL) { if ((target_hostgroup_name = (char *)strdup(value)) == NULL) target_hostgroup_name = ""; @@ -1010,14 +963,12 @@ int process_cgivars(void) { show_all_hostgroups = FALSE; target_hostgroup = find_hostgroup(target_hostgroup_name); } + + temp_request_item->is_valid = TRUE; } /* we found the servicegroup argument */ - else if (!strcmp(key, "servicegroup")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "servicegroup") && value != NULL) { if ((target_servicegroup_name = (char *)strdup(value)) == NULL) target_servicegroup_name = ""; @@ -1029,14 +980,12 @@ int process_cgivars(void) { show_all_servicegroups = FALSE; target_servicegroup = find_servicegroup(target_servicegroup_name); } + + temp_request_item->is_valid = TRUE; } /* we found the host argument */ - else if (!strcmp(key, "host")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "host") && value != NULL) { if ((target_host_name = (char *)strdup(value)) == NULL) target_host_name = ""; @@ -1048,13 +997,12 @@ int process_cgivars(void) { show_all_hosts = FALSE; target_host = find_host(target_host_name); } + + temp_request_item->is_valid = TRUE; } } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } /* reads log files for archived event data */ diff --git a/cgi/tac.c b/cgi/tac.c index b42b882..0548f6e 100644 --- a/cgi/tac.c +++ b/cgi/tac.c @@ -97,6 +97,9 @@ typedef struct hostoutage_struct { hostoutage *hostoutage_list = NULL; /**< list of all host outage elements */ authdata current_authdata; /**< struct to hold current authentication data */ + +html_request *html_request_list = NULL; /**< contains html requested data */ + int CGI_ID = TAC_CGI_ID; /**< ID to identify the cgi for functions in cgiutils.c */ /** @name outages counters @@ -345,13 +348,10 @@ int services_critical_disabled_unacknowledged_host_down = 0; /** @brief Parses the requested GET/POST variables - * @retval TRUE - * @retval FALSE - * @return wether parsing was successful or not * * @n This function parses the request and set's the necessary variables **/ -int process_cgivars(void); +void process_cgivars(void); /** @brief fills all the counters @@ -432,6 +432,7 @@ int main(void) { if (result == ERROR) { document_header(CGI_ID, FALSE, "Error"); print_error(get_cgi_config_location(), ERROR_CGI_CFG_FILE, tac_header); + free_html_request(html_request_list); document_footer(CGI_ID); return ERROR; } @@ -446,6 +447,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(main_config_file, ERROR_CGI_MAIN_CFG, tac_header); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -459,6 +461,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, tac_header); document_footer(CGI_ID); + free_html_request(html_request_list); return ERROR; } @@ -472,6 +475,7 @@ int main(void) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_STATUS_DATA, tac_header); document_footer(CGI_ID); + free_html_request(html_request_list); free_memory(); return ERROR; } @@ -540,6 +544,7 @@ int main(void) { free_hostoutage_list(); /* free allocated memory */ + free_html_request(html_request_list); free_memory(); #ifdef DEBUG @@ -557,69 +562,61 @@ int main(void) { return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; - char *value = NULL; - int error = FALSE; - int x; - - variables = getcgivars(); - - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; - - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise, check the value if it exists */ - if (value != NULL) { - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - } + html_request *temp_request_item = NULL; + html_request_list = getcgivars(); + + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { + + key = temp_request_item->option; /* we found the embed option */ - if (!strcmp(key, "embedded")) + if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the pause option */ - else if (!strcmp(key, "paused")) + else if (!strcmp(key, "paused")) { refresh = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the tac_header option */ - else if (!strcmp(key, "tac_header")) + else if (!strcmp(key, "tac_header")) { tac_header = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } /* we found the JSON output option */ else if (!strcmp(key, "jsonoutput")) { display_header = FALSE; content_type = JSON_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } - - /* we received an invalid argument */ - else - error = TRUE; - } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); - - return error; + return; } void analyze_status_data(void) { diff --git a/cgi/trends.c b/cgi/trends.c index 72c46dd..b33b435 100644 --- a/cgi/trends.c +++ b/cgi/trends.c @@ -86,6 +86,8 @@ extern skiplist *object_skiplists[NUM_OBJECT_SKIPLISTS]; authdata current_authdata; +html_request *html_request_list = NULL; /**< contains html requested data */ + typedef struct archived_state_struct { time_t time_stamp; int entry_type; @@ -151,7 +153,7 @@ void scan_log_file_for_archived_state_data_old(char *); void compute_report_times(void); void get_time_breakdown_string(unsigned long, unsigned long, char *, char *buffer, int); -int process_cgivars(void); +void process_cgivars(void); gdImagePtr trends_image = 0; int color_white = 0; @@ -305,6 +307,7 @@ int main(int argc, char **argv) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_OBJECT_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); } return ERROR; } @@ -316,6 +319,7 @@ int main(int argc, char **argv) { document_header(CGI_ID, FALSE, "Error"); print_error(NULL, ERROR_CGI_STATUS_DATA, FALSE); document_footer(CGI_ID); + free_html_request(html_request_list); } return ERROR; } @@ -617,6 +621,7 @@ int main(int argc, char **argv) { document_footer(CGI_ID); free_memory(); + free_html_request(html_request_list); return ERROR; } #endif @@ -626,6 +631,7 @@ int main(int argc, char **argv) { document_footer(CGI_ID); free_memory(); + free_html_request(html_request_list); return ERROR; } @@ -1101,220 +1107,183 @@ int main(int argc, char **argv) { free_archived_state_list(); /* free all other allocated memory */ + free_html_request(html_request_list); free_memory(); return OK; } -int process_cgivars(void) { - char **variables; +void process_cgivars(void) { char *key = NULL; char *value = NULL; char *temp_buffer = NULL; - int error = FALSE; - int x; + html_request *temp_request_item = NULL; - variables = getcgivars(); + html_request_list = getcgivars(); - for (x = 0; variables[x] != NULL; x+=2) { - key = variables[x]; - value = variables[x+1]; + for (temp_request_item = html_request_list; temp_request_item != NULL; temp_request_item = temp_request_item->next) { - /* do some basic length checking on the variable identifier to prevent buffer overflows */ - if (strlen(key) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } - /* likewise check the value if it exists */ - if (value != NULL) - if (strlen(value) >= MAX_INPUT_BUFFER - 1) { - error = TRUE; - break; - } + key = temp_request_item->option; + value = temp_request_item->value; /* we found the host argument */ - if (!strcmp(key, "host")) { - if (value == NULL) { - error = TRUE; - break; - } + if (!strcmp(key, "host") && value != NULL) { if ((host_name = (char *)strdup(value)) == NULL) host_name = ""; strip_html_brackets(host_name); display_type = DISPLAY_HOST_TRENDS; + + temp_request_item->is_valid = TRUE; } /* we found the node width argument */ - else if (!strcmp(key, "service")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "service") && value != NULL) { if ((service_desc = (char *)strdup(value)) == NULL) service_desc = ""; strip_html_brackets(service_desc); display_type = DISPLAY_SERVICE_TRENDS; + + temp_request_item->is_valid = TRUE; } /* we found a combined host/service */ - else if (!strcmp(key, "hostservice")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "hostservice") && value != NULL) { temp_buffer = strtok(value, "^"); - if ((host_name = (char *)strdup(temp_buffer)) == NULL) - host_name = ""; - else + if ((host_name = (char *)strdup(temp_buffer)) == NULL) { + continue; + } else { strip_html_brackets(host_name); + } temp_buffer = strtok(NULL, ""); - if ((service_desc = (char *)strdup(temp_buffer)) == NULL) - service_desc = ""; - else + if ((service_desc = (char *)strdup(temp_buffer)) == NULL) { + my_free(host_name); + continue; + } else { strip_html_brackets(service_desc); + } display_type = DISPLAY_SERVICE_TRENDS; + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "t1")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "t1") && value != NULL) { t1 = (time_t)strtoul(value, NULL, 10); timeperiod_type = TIMEPERIOD_CUSTOM; + + temp_request_item->is_valid = TRUE; } /* we found first time argument */ - else if (!strcmp(key, "t2")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "t2") && value != NULL) { t2 = (time_t)strtoul(value, NULL, 10); timeperiod_type = TIMEPERIOD_CUSTOM; + + temp_request_item->is_valid = TRUE; } /* we found the image creation option */ else if (!strcmp(key, "createimage")) { content_type = IMAGE_CONTENT; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the assume initial states option */ - else if (!strcmp(key, "assumeinitialstates")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "assumeinitialstates") && value != NULL) { if (!strcmp(value, "yes")) assume_initial_states = TRUE; else assume_initial_states = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the initial assumed host state option */ - else if (!strcmp(key, "initialassumedhoststate")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "initialassumedhoststate") && value != NULL) { initial_assumed_host_state = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the initial assumed service state option */ - else if (!strcmp(key, "initialassumedservicestate")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "initialassumedservicestate") && value != NULL) { initial_assumed_service_state = atoi(value); + + temp_request_item->is_valid = TRUE; } /* we found the assume state during program not running option */ - else if (!strcmp(key, "assumestatesduringnotrunning")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "assumestatesduringnotrunning") && value != NULL) { if (!strcmp(value, "yes")) assume_states_during_notrunning = TRUE; else assume_states_during_notrunning = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the assume state retention option */ - else if (!strcmp(key, "assumestateretention")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "assumestateretention") && value != NULL) { if (!strcmp(value, "yes")) assume_state_retention = TRUE; else assume_state_retention = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the include soft states option */ - else if (!strcmp(key, "includesoftstates")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "includesoftstates") && value != NULL) { if (!strcmp(value, "yes")) include_soft_states = TRUE; else include_soft_states = FALSE; + + temp_request_item->is_valid = TRUE; } /* we found the zoom factor argument */ - else if (!strcmp(key, "zoom")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "zoom") && value != NULL) { zoom_factor = atoi(value); if (zoom_factor == 0) zoom_factor = 1; + + temp_request_item->is_valid = TRUE; } /* we found the backtrack archives argument */ - else if (!strcmp(key, "backtrack")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "backtrack") && value != NULL) { backtrack_archives = atoi(value); if (backtrack_archives < 0) backtrack_archives = 0; if (backtrack_archives > MAX_ARCHIVE_BACKTRACKS) backtrack_archives = MAX_ARCHIVE_BACKTRACKS; + + temp_request_item->is_valid = TRUE; } /* we found the standard timeperiod argument */ - else if (!strcmp(key, "timeperiod")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "timeperiod") && value != NULL) { if (!strcmp(value, "today")) timeperiod_type = TIMEPERIOD_TODAY; @@ -1350,14 +1319,12 @@ int process_cgivars(void) { continue; convert_timeperiod_to_times(timeperiod_type, &t1, &t2); + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "smon")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "smon") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1365,14 +1332,12 @@ int process_cgivars(void) { start_month = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "sday")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "sday") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1380,14 +1345,12 @@ int process_cgivars(void) { start_day = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "syear")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "syear") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1395,14 +1358,12 @@ int process_cgivars(void) { start_year = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "smin")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "smin") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1410,14 +1371,12 @@ int process_cgivars(void) { start_minute = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "ssec")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ssec") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1425,14 +1384,12 @@ int process_cgivars(void) { start_second = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "shour")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "shour") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1440,15 +1397,13 @@ int process_cgivars(void) { start_hour = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "emon")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "emon") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1456,14 +1411,12 @@ int process_cgivars(void) { end_month = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "eday")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "eday") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1471,14 +1424,12 @@ int process_cgivars(void) { end_day = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "eyear")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "eyear") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1486,14 +1437,12 @@ int process_cgivars(void) { end_year = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "emin")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "emin") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1501,14 +1450,12 @@ int process_cgivars(void) { end_minute = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "esec")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "esec") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1516,14 +1463,12 @@ int process_cgivars(void) { end_second = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found time argument */ - else if (!strcmp(key, "ehour")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "ehour") && value != NULL) { if (timeperiod_type != TIMEPERIOD_CUSTOM) continue; @@ -1531,32 +1476,45 @@ int process_cgivars(void) { end_hour = atoi(value); timeperiod_type = TIMEPERIOD_CUSTOM; compute_time_from_parts = TRUE; + + temp_request_item->is_valid = TRUE; } /* we found the embed option */ - else if (!strcmp(key, "embedded")) + else if (!strcmp(key, "embedded")) { embedded = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } + /* we found the noheader option */ - else if (!strcmp(key, "noheader")) + else if (!strcmp(key, "noheader")) { display_header = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } + /* we found the nopopups option */ - else if (!strcmp(key, "nopopups")) + else if (!strcmp(key, "nopopups")) { display_popups = FALSE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } + /* we found the nomap option */ else if (!strcmp(key, "nomap")) { display_popups = FALSE; use_map = FALSE; + + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); } /* we found the input option */ - else if (!strcmp(key, "input")) { - if (value == NULL) { - error = TRUE; - break; - } + else if (!strcmp(key, "input") && value != NULL) { if (!strcmp(value, "gethost")) input_type = GET_INPUT_HOST_TARGET; @@ -1566,25 +1524,36 @@ int process_cgivars(void) { input_type = GET_INPUT_OPTIONS; else input_type = GET_INPUT_TARGET_TYPE; + + temp_request_item->is_valid = TRUE; } /* we found the small image option */ - else if (!strcmp(key, "smallimage")) + else if (!strcmp(key, "smallimage")) { small_image = TRUE; + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } + /* we found the nodaemoncheck option */ - else if (!strcmp(key, "nodaemoncheck")) + else if (!strcmp(key, "nodaemoncheck")) { daemon_check = FALSE; - else if (!strcmp(key, "ignorerestart")) + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } + + else if (!strcmp(key, "ignorerestart")) { ignore_daemon_restart = TRUE; - } + temp_request_item->is_valid = TRUE; + my_free(temp_request_item->value); + } - /* free memory allocated to the CGI variables */ - free_cgivars(variables); + } - return error; + return; } diff --git a/include/getcgi.h b/include/getcgi.h index 1ad214c..0c7db93 100644 --- a/include/getcgi.h +++ b/include/getcgi.h @@ -22,12 +22,25 @@ * *****************************************************************************/ +#include "../include/cgiutils.h" + #ifdef __cplusplus extern "C" { #endif -char **getcgivars(void); -void free_cgivars(char **); +/** @brief html request struct + * + * structure to hold html reqest data to prevent XSS attacks +**/ +typedef struct html_request_struct { + char *option; /**< pointer to option string */ + char *value; /**< pointer to value string */ + int is_valid; /**< bool to mark if this request is valid */ + struct html_request_struct *next; /**< next html_request entry */ +} html_request; + +html_request *getcgivars(void); +void free_html_request(html_request *); void unescape_cgi_input(char *); void sanitize_cgi_input(char **); unsigned char hex_to_char(char *);