Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Downtime::AddDowntime(): NULL-check pointer before deref not to crash #10049

Merged
merged 4 commits into from
May 6, 2024
Merged

Downtime::AddDowntime(): NULL-check pointer before deref not to crash #10049

merged 4 commits into from
May 6, 2024

Conversation

Al2Klimov
Copy link
Member

@Al2Klimov Al2Klimov commented Apr 23, 2024
edited
Loading

The method already checks whether triggeredBy is empty before GetByName(triggeredBy). But a non-empty string doesn't necessarily name an existing Downtime. I.e. the pointer from GetByName(triggeredBy) must be NULL-checked.

ref/IP/46868

(gdb) frame 7
#7  icinga::Downtime::AddDowntime (checkable=..., author=..., comment=...,
    startTime=1713696054, endTime=1713699654, fixed=<optimized out>,
    triggeredBy=..., duration=3600, scheduledDowntime=..., scheduledBy=...,
    parent=..., id=..., origin=...)
    at /usr/src/debug/icinga2-2.14.0-1.el8.x86_64/lib/icinga/downtime.cpp:331
331			Array::Ptr triggers = parentDowntime->GetTriggers();
(gdb) p parentDowntime
$1 = {px = 0x0}
(gdb)

CC @tbauriedel

Edit

Btw. complain on such bad input via API.

@Al2Klimov Al2Klimov added bug Something isn't working area/api REST API core/crash Shouldn't happen, requires attention ref/IP consider backporting Should be considered for inclusion in a bugfix release labels Apr 23, 2024
@cla-bot cla-bot bot added the cla/signed label Apr 23, 2024
@tbauriedel
Copy link
Member

ref/NC/789598

@Al2Klimov
[Refactor] l_LegacyDowntimesCache: store Downtime objects, not just t…
28b0f7a 
…heir names

to avoid names of vanished objects.
@Al2Klimov
Copy link
Member Author 

> POST /v1/actions/schedule-downtime HTTP/1.1
> Host: 127.0.0.1:5665
> Authorization: Basic cm9vdDoxMjM0NTY=
> User-Agent: curl/8.4.0
> Accept: application/json
> Content-Length: 147
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 404 Not Found
< Server: Icinga/v2.14.0-158-g5ba652af9
< Content-Type: application/json
< Content-Length: 937
<
* Connection #0 to host 127.0.0.1 left intact
{"results":[{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."},{"code":404,"status":"Won't schedule downtime with non-existent trigger downtime."}]}

👍

julianbrost
julianbrost requested changes Apr 25, 2024
View reviewed changes
lib/icinga/apiactions.cpp Outdated Show resolved Hide resolved
lib/icinga/downtime.cpp Show resolved Hide resolved
lib/icinga/downtime.cpp Show resolved Hide resolved
@Al2Klimov
[Refactor] Downtime::GetDowntimeIDFromLegacyID(): return the Downtime…
f0b5239 
… itself

not just its name.
@Al2Klimov
/v1/actions/schedule-downtime: reject request on invalid trigger_name
c0f87dd 
For this purpose lookup the specified Downtime. Also pass Downtime objects,
not just names, to Downtime::AddDowntime() not to lookup it twice.
@Al2Klimov
l_LegacyDowntimesCache: delete removed objects not to leak memory
5f80ac1
@Al2Klimov Al2Klimov added this to the 2.15.0 milestone Apr 25, 2024
@Al2Klimov Al2Klimov merged commit 8c2eb3c into master May 6, 2024
26 checks passed
@Al2Klimov Al2Klimov deleted the AddDowntime-trigger_name branch May 6, 2024 08:26
This was referenced Aug 21, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@julianbrost julianbrost julianbrost approved these changes

Assignees
No one assigned
Labels
area/api REST API bug Something isn't working cla/signed consider backporting Should be considered for inclusion in a bugfix release core/crash Shouldn't happen, requires attention ref/IP
Projects
None yet
Milestone
2.15.0
Development

Successfully merging this pull request may close these issues.
3 participants
@Al2Klimov @tbauriedel @julianbrost