Hi,

When it receives a malformed request, sent by Thruk to generate an
availability report based on a custom time period, the livestatus broker
module crashes:

    GET log
    Columns: class time type state host_name service_description plugin_output message contact_name command_name state_type current_host_groups current_service_groups
    Filter: time >= 0
    Filter: time <= 
    And: 2
    Filter: host_name = shinken
    Filter: type = HOST ALERT
    Filter: options ~ ;HARD;
    Filter: type = INITIAL HOST STATE
    Filter: options ~ ;HARD;
    Filter: type = CURRENT HOST STATE
    Filter: options ~ ;HARD;
    Filter: type = HOST DOWNTIME ALERT
    Or: 7
    And: 2
    Filter: host_name = shinken
    Filter: type = SERVICE ALERT
    Filter: options ~ ;HARD;
    Filter: type = INITIAL SERVICE STATE
    Filter: options ~ ;HARD;
    Filter: type = CURRENT SERVICE STATE
    Filter: options ~ ;HARD;
    Filter: type = SERVICE DOWNTIME ALERT
    Or: 7
    And: 2
    Filter: class = 2
    Or: 3
    OutputFormat: json
    ResponseHeader: fixed16

This request is malformed (the second 'time' filter lacks a value; it
should be the current date & time), and the livestatus module crashes
when calling the int() converter on '':

    Traceback (most recent call last):
      File "/usr/lib/python2.6/multiprocessing/process.py", line 232, in _bootstrap
        self.run()
      File "/usr/lib/python2.6/multiprocessing/process.py", line 88, in run
        self._target(*self._args, **self._kwargs)
      File "/usr/local/lib/python2.6/dist-packages/Shinken-0.4-py2.6.egg/shinken/modules/livestatus_broker/livestatus_broker.py", line 866, in main
        response, keepalive = self.livestatus.handle_request(open_connections[socketid]['buffer'].rstrip())
      File "/usr/local/lib/python2.6/dist-packages/Shinken-0.4-py2.6.egg/shinken/modules/livestatus_broker/livestatus.py", line 6105, in handle_request
        reference = converter(reference)
    ValueError: invalid literal for int() with base 10: ''


I also spotted that livestatus crashes when it receives more generally
malformed livestatus requests like:

  toto GET hosts


I attached a little fix to livestatus.py that replaces a non-specified
value in filters with:
 * the current date & time if the attribute is 'time'
 * 0 if the attribute should be an integer or a float
 * '' otherwise

This fix also adds a little piece of code to help detect and deal with
malformed requests.


Hope this helps,

Laurent

6051a6052,6055
> 
>         # Did we see the "GET" directive ?
>         _get_directive_seen = False
> 
6054c6058
<             if line.find('GET ') != -1:
---
>             if not _get_directive_seen and line.startswith('GET '):
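Review bot: moving from `line.find('GET ') != -1` to `line.startswith('GET ')` is the right fix for the `toto GET hosts` case, but two points on this line. First, `startswith` is sensitive to leading whitespace where `find` was not; if the lines are not stripped before this loop (not visible in this hunk), a request whose `GET` line is indented now misses here and ends up rejected, so please confirm the stripping at the top of the loop. Second, the `not _get_directive_seen and` guard means a second `GET` line in the same request is no longer matched by this branch and falls through the `elif` chain instead of being flagged; a repeated `GET` should probably be reported as malformed explicitly.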
6057c6061,6062
<             elif line.find('Columns: ') != -1:
---
>                 _get_directive_seen = True
>             elif _get_directive_seen and line.startswith('Columns: '):
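Review bot: setting `_get_directive_seen = True` inside the `GET` branch and then repeating `_get_directive_seen and` on every following `elif` (`Columns:`, `ResponseHeader:`, `OutputFormat:`, ... `COMMAND`) spreads the check across eighteen branches, and any directive added later that forgets the guard silently reopens the hole. Since the request is rejected after the loop anyway when the flag was never set, a single check before the loop that the first line starts with `GET ` gives the same protection with one change and no per-branch guards.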
6063c6068
<             elif line.find('ResponseHeader:') != -1:
---
>             elif _get_directive_seen and line.startswith('ResponseHeader:'):
6067c6072
<             elif line.find('OutputFormat:') != -1:
---
>             elif _get_directive_seen and line.startswith('OutputFormat:'):
6072c6077
<             elif line.find('KeepAlive:') != -1:
---
>             elif _get_directive_seen and line.startswith('KeepAlive:'):
6075c6080
<             elif line.find('ColumnHeaders:') != -1:
---
>             elif _get_directive_seen and line.startswith('ColumnHeaders:'):
6078c6083
<             elif line.find('Limit:') != -1:
---
>             elif _get_directive_seen and line.startswith('Limit:'):
6081c6086
<             elif line.find('Filter:') != -1:
---
>             elif _get_directive_seen and line.startswith('Filter:'):
6084a6090,6091
>                     # Malformed filter : missing a value after the operator !!
>                     print "Missing value in filter: %s" % line
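Review bot: `print "Missing value in filter: %s" % line` writes to the broker's stdout rather than the module logger, so it cannot be filtered by level or correlated with the connection that sent the request. A malformed filter is exactly the event an operator wants to see when hunting a misbehaving client, so log it at warning level, ideally with the peer's identity. The `!!` and the stray space before the colon in the comment read as leftover debugging text.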
6098a6106,6112
>                     # try to correct the value in case of malformed filter (no value specified)
>                     if reference == '':
>                         if attribute == 'time':
>                             reference = time.time()
>                         elif converter == int or converter == float :
>                             reference = 0
>                         print "Filter corrected to: %s %s" % (line, reference)
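Review bot: substituting a value for an empty reference silently changes what the query means: `Filter: time >= ` with no value becomes `time >= now`, which matches no log entry at all, and an empty numeric reference becomes `0`, so a filter such as `Filter: state = ` would match only OK/UP records. Guessing hides the client bug that motivated this patch; rejecting the request with an error reply is the safer default, with the correction at most behind a logged warning rather than a `print`. Two smaller points: `time.time()` returns a float, which only works because the `converter(reference)` call at line 6105 of the old file comes after this block, so `int(time.time())` would state the intent; and the diff shows no import, so confirm that `time` is already imported in livestatus.py.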
6108c6122
<             elif line.find('And: ', 0, 5) != -1:
---
>             elif _get_directive_seen and line.startswith('And: '):
6114c6128
<             elif line.find('Or: ', 0, 4) != -1:
---
>             elif _get_directive_seen and line.startswith('Or: '):
6120c6134
<             elif line.find('StatsGroupBy: ') != -1:
---
>             elif _get_directive_seen and line.startswith('StatsGroupBy: '):
6127c6141
<             elif line.find('Stats: ') != -1:
---
>             elif _get_directive_seen and line.startswith('Stats: '):
6159c6173
<             elif line.find('StatsAnd: ') != -1:
---
>             elif _get_directive_seen and line.startswith('StatsAnd: '):
6162c6176
<             elif line.find('StatsOr: ') != -1:
---
>             elif _get_directive_seen and line.startswith('StatsOr: '):
6165c6179
<             elif line.find('Separators: ') != -1:
---
>             elif _get_directive_seen and line.startswith('Separators: '):
6168c6182
<             elif line.find('COMMAND') != -1:
---
>             elif _get_directive_seen and line.startswith('COMMAND'):
6174a6189,6193
>         if not _get_directive_seen:
>             # We did not received a valid request
>             print "Malformed request, giving up..."
>             return '\n', keepalive
> 
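Review bot: returning a bare `'\n'` is not a valid reply when the client asked for `ResponseHeader: fixed16`, as Thruk does in the request quoted above: such a client reads a 16-byte status/length header first and will misparse a single newline. The Livestatus protocol reserves status codes such as 400 for invalid requests, so the rejection should be built through whatever path writes the fixed16 header, with the status set accordingly, instead of returning `'\n'` directly. As in the filter hunks, `print "Malformed request, giving up..."` should go to the logger at warning level.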
6232c6251,6252
< 
---
>                 return '\n', keepalive
>                 
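Review bot: this hunk replaces an empty line at 6232 with `return '\n', keepalive` at a deeper indentation, followed by a line that contains only whitespace. With no context in this normal-format diff a reviewer cannot see which branch the return exits or why it is needed in addition to the early return added after the directive loop; please resend as a unified diff with context (`diff -u`) and drop the whitespace-only line.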
6238c6258
<             print "REQUEST", data
---
>             #print "REQUEST", data
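Review bot: commenting out `print "REQUEST", data` leaves dead code in the handler. Either delete the line or replace it with a debug-level logger call, so request tracing can be switched on when diagnosing a malformed client like this one without editing the source.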

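To make the failure mode and the two ways of handling it concrete, here is an added example in Python; it is not Laurent's patch and not Shinken's livestatus.py. It parses the `GET` and `Filter:` lines of a request the way the mail describes, reproduces the substitution rules from the patch (current time for `time`, 0 for numeric columns, `''` otherwise) as a non-strict mode, and in strict mode rejects a filter with a missing value and answers with a fixed16 error header instead of letting `int('')` raise. The attribute-to-converter table, the function names and the sample requests are all constructed for the example.

```python
import time

# Constructed attribute -> converter table covering the columns used in the
# log query from the mail. livestatus.py keeps its own tables; this one exists
# only for the example.
LOG_CONVERTERS = {
    'time': int,
    'class': int,
    'state': int,
    'type': str,
    'host_name': str,
    'service_description': str,
    'options': str,
}

# Comparison operators a Livestatus Filter: line may use.
OPERATORS = ('=', '!=', '>=', '<=', '>', '<', '~', '!~', '=~', '~~')


class MalformedRequest(ValueError):
    """Raised when the request is rejected instead of being guessed about."""


def default_reference(attribute, converter, now=None):
    """Value substituted for an empty filter reference, following the rules
    in the mail: current time for 'time', 0 for numeric columns, '' otherwise.
    'now' lets callers pin the clock (used by the tests)."""
    if attribute == 'time':
        return int(time.time() if now is None else now)
    if converter in (int, float):
        return converter(0)
    return ''


def parse_filter(line, converters=LOG_CONVERTERS, strict=False, now=None):
    """Turn 'Filter: attribute operator value' into (attribute, operator, value).

    With strict=True an empty value raises MalformedRequest; otherwise it is
    replaced via default_reference(), which is what the patch does."""
    body = line[len('Filter:'):].strip()
    parts = body.split(None, 2)          # the value itself may contain spaces
    if len(parts) < 2:
        raise MalformedRequest('filter needs an attribute and an operator: %r' % line)
    attribute, operator = parts[0], parts[1]
    reference = parts[2] if len(parts) == 3 else ''
    if operator not in OPERATORS:
        raise MalformedRequest('unknown operator %r in %r' % (operator, line))
    if attribute not in converters:
        raise MalformedRequest('unknown attribute %r in %r' % (attribute, line))
    converter = converters[attribute]
    if reference == '':
        if strict:
            raise MalformedRequest('missing value in %r' % line)
        return attribute, operator, default_reference(attribute, converter, now)
    try:
        return attribute, operator, converter(reference)
    except ValueError:
        # This is the int('') path that produced the traceback in the mail.
        raise MalformedRequest('bad value %r for %s' % (reference, attribute))


def parse_request(text, strict=False, now=None):
    """Parse a request whose first non-empty line must be 'GET <table>'.
    Returns (table, [parsed filters]); other directives are ignored here."""
    lines = [l.rstrip('\r') for l in text.split('\n') if l.strip()]
    if not lines or not lines[0].startswith('GET '):
        raise MalformedRequest('request does not start with a GET directive')
    table = lines[0][len('GET '):].strip()
    filters = [parse_filter(l, strict=strict, now=now)
               for l in lines[1:] if l.startswith('Filter:')]
    return table, filters


def fixed16_reply(status, body):
    """Build a Livestatus fixed16 reply: 3-digit status, a space, 11-digit
    body length and a newline (16 bytes in total), followed by the body."""
    return '%3d %11d\n%s' % (status, len(body), body)


def handle_request(text, strict=True, now=None):
    """Answer with status 200 and the parsed filters, or 400 for a malformed
    request, instead of letting ValueError escape as in the traceback."""
    try:
        table, filters = parse_request(text, strict=strict, now=now)
    except MalformedRequest as exc:
        return 400, fixed16_reply(400, str(exc) + '\n')
    body = '\n'.join('%s %s %r' % f for f in filters) + '\n'
    return 200, fixed16_reply(200, body)
```

`handle_request` defaults to strict mode, so a request like the one Thruk sent gets a `400` reply that the client can surface, while the sending side keeps the bug visible; passing `strict=False` reproduces the patch's behaviour of quietly filling in a value.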
_______________________________________________
Shinken-devel mailing list
Shinken-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shinken-devel
