2010-07-08 Ramon Novoa <rnovoa@artica.es>

* lib/PandoraFMS/PluginServer.pm: Quote the command passed to pandora_exec. * bin/pandora_exec: Do not verify the command to allow pipes and complex commands. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2981 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2010-07-08 15:10:12 +00:00 · 2010-07-08 15:10:12 +00:00 · 207e8625b9
parent f0941042e1
commit 207e8625b9
3 changed files with 12 additions and 11 deletions
--- a/pandora_server/ChangeLog
+++ b/pandora_server/ChangeLog
@ -1,3 +1,11 @@
+2010-07-08  Ramon Novoa  <rnovoa@artica.es>
+
+	* lib/PandoraFMS/PluginServer.pm: Quote the command passed to
+	  pandora_exec.
+
+	* bin/pandora_exec: Do not verify the command to allow pipes and complex
+	  commands.
+
 2010-07-07  Ramon Novoa  <rnovoa@artica.es>

 	* lib/PandoraFMS/Core.pm: Verify that log4x data is available
--- a/pandora_server/bin/pandora_exec
+++ b/pandora_server/bin/pandora_exec
@ -6,7 +6,7 @@
 # execution times out or the command does not exist nothing is printed
 # to stdout. This is part of Pandora FMS Plugin server, do not delete!.
 #
-# Usage: pandora_exec <timeout in seconds> <command> [arguments]
+# Usage: pandora_exec <timeout in seconds> <command>
 ##########################################################################
 # Copyright (c) 2008 Ramon Novoa, rnovoa@gmail.com
 #           (c) 2008 Artica Soluciones Tecnologicas S.L
@ -34,23 +34,16 @@ if ($#ARGV < 1) {

 my @opts = @ARGV;
 my $timeout = shift(@opts);
-my $command = quotemeta(shift(@opts));
-my $arguments = join(' ', @opts);
+my $command = join(' ', @opts);
 my $output = '';
 my $ReturnCode = 0;

-
-# Check that the command exists
-if (system("$command >/dev/null 2>&1") == 32512) {
-	exit 2;
-}
-
 # Execute the command
 eval {
 	local $SIG{ALRM} = sub { die "alarm\n" };
 	alarm $timeout;

-	$output = `$command $arguments`;
+	$output = `$command`;
 	$ReturnCode = ($? >> 8) & 0xff;
 	alarm 0;
 };
--- a/pandora_server/lib/PandoraFMS/PluginServer.pm
+++ b/pandora_server/lib/PandoraFMS/PluginServer.pm
@ -168,7 +168,7 @@ sub data_consumer ($$) {
 	logger ($pa_config, "Executing AM # $module_id plugin command '$command'", 9);

 	# Execute command
-	$command = $pa_config->{'plugin_exec'} . ' ' . $timeout . ' ' . $command;
+	$command = $pa_config->{'plugin_exec'} . ' ' . $timeout . ' ' . quotemeta ($command);

 	my $module_data = `$command`;
 	my $ReturnCode = ($? >> 8) & 0xff;