use safe for most eval (#2686)

qgarnier 2021-03-29 16:17:44 +02:00 committed by GitHub
parent 6daaafd7a8
commit 7e675441c3
2 changed files with 30 additions and 5 deletions


@ -26,6 +26,7 @@ use strict;
use warnings; use warnings;
use JSON::XS; use JSON::XS;
use centreon::plugins::statefile; use centreon::plugins::statefile;
use Safe;
sub custom_select_threshold { sub custom_select_threshold {
my ($self, %options) = @_; my ($self, %options) = @_;
@ -37,15 +38,19 @@ sub custom_select_threshold {
local $SIG{__DIE__} = sub { $message = $_[0]; }; local $SIG{__DIE__} = sub { $message = $_[0]; };
if (defined($self->{result_values}->{config}->{critical}) && $self->{result_values}->{config}->{critical} && if (defined($self->{result_values}->{config}->{critical}) && $self->{result_values}->{config}->{critical} &&
eval "$self->{result_values}->{config}->{critical}") { $self->{instance_mode}->{safe}->reval($self->{result_values}->{config}->{critical})) {
$status = 'critical'; $status = 'critical';
} elsif (defined($self->{result_values}->{config}->{warning}) && $self->{result_values}->{config}->{warning} ne '' && } elsif (defined($self->{result_values}->{config}->{warning}) && $self->{result_values}->{config}->{warning} ne '' &&
eval "$self->{result_values}->{config}->{warning}") { $self->{instance_mode}->{safe}->reval($self->{result_values}->{config}->{warning})) {
$status = 'warning'; $status = 'warning';
} elsif (defined($self->{result_values}->{config}->{unknown}) && $self->{result_values}->{config}->{unknown} && } elsif (defined($self->{result_values}->{config}->{unknown}) && $self->{result_values}->{config}->{unknown} &&
eval "$self->{result_values}->{config}->{unknown}") { $self->{instance_mode}->{safe}->reval($self->{result_values}->{config}->{unknown})) {
$status = 'unknown'; $status = 'unknown';
} }
if ($@) {
$self->{output}->add_option_msg(short_msg => 'Unsafe code evaluation: ' . $@);
$self->{output}->option_exit();
}
}; };
if (defined($message)) { if (defined($message)) {
$self->{output}->output_add(long_msg => 'filter status issue: ' . $message); $self->{output}->output_add(long_msg => 'filter status issue: ' . $message);
@ -124,6 +129,7 @@ sub new {
'filter-selection:s%' => { name => 'filter_selection' }, 'filter-selection:s%' => { name => 'filter_selection' },
}); });
$self->{safe} = Safe->new();
$self->{snmp_cache} = centreon::plugins::statefile->new(%options); $self->{snmp_cache} = centreon::plugins::statefile->new(%options);
return $self; return $self;
} }
@ -737,7 +743,12 @@ sub check_filter {
return 0 if (!defined($options{filter}) || $options{filter} eq ''); return 0 if (!defined($options{filter}) || $options{filter} eq '');
$options{filter} =~ s/%\(([a-z-A-Z0-9\.]+?)\)/\$self->{expand}->{'$1'}/g; $options{filter} =~ s/%\(([a-z-A-Z0-9\.]+?)\)/\$self->{expand}->{'$1'}/g;
return 0 if (eval "$options{filter}"); my $result = $self->{safe}->reval("$options{filter}");
if ($@) {
$self->{output}->add_option_msg(short_msg => 'Unsafe code evaluation: ' . $@);
$self->{output}->option_exit();
}
return 0 if ($result);
return 1; return 1;
} }
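Review bot: In check_filter the filter text is rewritten to reference `$self->{expand}->{'...'}` and then passed to `$self->{safe}->reval(...)`, but as far as I know Safe compiles the string in the compartment's own namespace with none of the caller's lexicals visible, so `$self` inside the expression would not be the plugin object and every comparison would see undef. Unless the compartment is given the data somewhere outside these hunks, share it explicitly, e.g. `our $assign_var = $self->{expand}; $self->{safe}->share('$assign_var');` and substitute `\$assign_var->{'$1'}`. The same question applies to the threshold expressions in custom_select_threshold. Separately, custom_select_threshold tests `$@` only after the whole if/elsif chain, so an error trapped while evaluating `critical` is cleared when the `warning` reval succeeds and the critical rule is dropped silently; test `$@` right after each reval. Both functions start or end outside the hunks shown.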


@ -753,9 +753,23 @@ sub compat_threshold_counter {
sub change_macros { sub change_macros {
my ($self, %options) = @_; my ($self, %options) = @_;
my ($code) = centreon::plugins::misc::mymodule_load(
output => $self->{output}, module => 'Safe',
no_quit => 1
);
my $safe;
$safe = Safe->new() if ($code == 0);
foreach (@{$options{macros}}) { foreach (@{$options{macros}}) {
if (defined($self->{option_results}->{$_})) { if (defined($self->{option_results}->{$_}) && $self->{option_results}->{$_} ne '') {
$self->{option_results}->{$_} =~ s/%\{(.*?)\}/\$self->{result_values}->{$1}/g; $self->{option_results}->{$_} =~ s/%\{(.*?)\}/\$self->{result_values}->{$1}/g;
if ($code == 0) {
my $result = $safe->reval($self->{option_results}->{$_});
if ($@) {
$self->{output}->add_option_msg(short_msg => 'Unsafe code evaluation: ' . $@);
$self->{output}->option_exit();
}
}
} }
} }
} }
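Review bot: When `mymodule_load` cannot load Safe (`no_quit => 1`, `$code` non-zero), change_macros accepts every macro with no check and no message, so the validation added here silently disappears on hosts that lack the module. Emit at least a debug or long message in that case, or add a comment above the call such as `# best-effort: macros are not validated when Safe is unavailable`. `my $result` is never read, so `$safe->reval(...)` followed by the `$@` test is enough. The `%\{(.*?)\}` capture, which predates this commit, is also unrestricted, unlike the `[a-z-A-Z0-9\.]+?` class in check_filter, and its text is pasted into the expression as an unquoted hash key; tightening it to the same class would narrow what reaches the evaluator.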