archive/netdata_netdata
0
0
Fork 0
mirror of https://github.com/netdata/netdata.git synced 2025-04-06 06:25:32 +00:00
Code Issues Projects Releases Wiki Activity

Fix crash in malloc ()

Browse source 
* Server Crashing: URL search path

The system was setting NULL in an address without to have the values

* Server Crashing: URL script

After to fix the SSL, the script were not 100% compatible, so I am bringing the solution here

* Server Crashing:

Fixes reported in the issue related a possible NULL value to be kept and wrong variable

* Server Crashing: Readable code and missing if

It was a missing if yet, so I changed it, no less important I inverted the check order inside if to be more readable
This commit is contained in:
thiagoftsm 2019-08-01 15:05:31 +00:00 committed by Paul Emm. Katsoulakis
parent deb3623fdc
commit 2db6d758f8
2 changed files with 9 additions and 10 deletions
tests/urls
request.sh.in
web/server
web_client.c

10
tests/urls/request.sh.in
View file

@ -212,7 +212,7 @@ netdata_create_directory $OUTEDIR
netdata_create_directory $OUTOPTDIR
netdata_create_directory $ERRDIR
wget --execute="robots = off" --mirror --convert-links --no-parent http://127.0.0.1:19999
wget --no-check-certificate --execute="robots = off" --mirror --convert-links --no-parent $MURL
TEST=$?
if [ $TEST -ne "0" ] ; then
echo "Cannot connect to Netdata"
@ -232,9 +232,9 @@ netdata_download_various_with_options $MURL "api/v1/info" "info"
netdata_download_various $MURL "api/v1/info?this%20could%20not%20be%20here" "err_info"
netdata_print_header "Getting all the netdata charts"
CHARTS=$( netdata_download_charts "http://127.0.0.1:19999" "api/v1/charts" )
WCHARTS=$( netdata_download_charts "http://127.0.0.1:19999" "api/v1/charts?this%20could%20not%20be%20here" )
WCHARTS2=$( netdata_download_charts "http://127.0.0.1:19999" "api/v1/charts%3fthis%20could%20not%20be%20here" )
CHARTS=$( netdata_download_charts "$MURL" "api/v1/charts" )
WCHARTS=$( netdata_download_charts "$MURL" "api/v1/charts?this%20could%20not%20be%20here" )
WCHARTS2=$( netdata_download_charts "$MURL" "api/v1/charts%3fthis%20could%20not%20be%20here" )
if [ ${#CHARTS[@]} -ne ${#WCHARTS[@]} ]; then
echo "The number of charts does not match with division not encoded.";
@ -295,8 +295,6 @@ for I in $CHARTS ; do
break;
done
#http://arch-esxi:19999/api/v1/(*@&$!$%%5E)!$*%&)!$*%%5E*!%5E%!%5E$%!%5E%(!*%5E*%5E%(*@&$%5E%(!%5E#*&!^#$*&!^%)@($%^)!*&^(!*&^#$&#$)!$%^)!$*%&)#$!^#*$^!(*#^#)!%^!)$*%&!(*&$!^#$*&^!*#^$!*^)%(!*&$%)(!&#$!^*#&$^!*^%)!$%)!(&#$!^#*&^$
WHITE='\033[0;37m'
echo -e "${WHITE}ALL the URLS got 200 as answer!"

9
web/server/web_client.c
View file

@ -929,7 +929,6 @@ void web_client_split_path_query(struct web_client *w, char *s) {
w->separator = 0x00;
w->url_path_length = strlen(s);
w->url_search_path = NULL;
}
/**
@ -1035,20 +1034,22 @@ static inline HTTP_VALIDATION http_request_validate(struct web_client *w) {
// a valid complete HTTP request found
*ue = '\0';
//This is to avoid crash in line
w->url_search_path = NULL;
if(w->mode != WEB_CLIENT_MODE_NORMAL) {
if(!url_decode_r(w->decoded_url, encoded_url, NETDATA_WEB_REQUEST_URL_SIZE + 1))
return HTTP_VALIDATION_MALFORMED_URL;
} else {
web_client_split_path_query(w, encoded_url);
if (w->separator) {
if (w->url_search_path && w->separator) {
*w->url_search_path = 0x00;
}
if(!url_decode_r(w->decoded_url, encoded_url, NETDATA_WEB_REQUEST_URL_SIZE + 1))
return HTTP_VALIDATION_MALFORMED_URL;
if (w->separator) {
if (w->url_search_path && w->separator) {
*w->url_search_path = w->separator;
char *from = (encoded_url + w->url_path_length);
@ -1064,7 +1065,7 @@ static inline HTTP_VALIDATION http_request_validate(struct web_client *w) {
// copy the URL - we are going to overwrite parts of it
// TODO -- ideally we we should avoid copying buffers around
strncpyz(w->last_url, w->decoded_url, NETDATA_WEB_REQUEST_URL_SIZE);
if (w->separator) {
if (w->url_search_path && w->separator) {
*w->url_search_path = 0x00;
}
#ifdef ENABLE_HTTPS