Sebastien GODARD [Sat, 15 Aug 2015 12:39:21 +0000 (14:39 +0200)]
Check /proc/net/snmp format for ICMP statistics
"InCsumErrors" field was added following "InErrors" in the ICMP line of
statistics. So we may have two different formats to deal with: The old
one, where "InCsumErrors" doesn't exist, and the new one including
"InCsumErrors" field.
This patch adds a check to know which format it is and read the various
statistics at their right position.
The program could exit without freeing variable buffer. Yet this
variable could have been allocated on a previous iteration in the loop.
So free it before leaving.
There is a race condition in sysstat that
sometimes causes it to record events that
happen at 23:59:59 as if they actually happened at 00:00:00 and
they end up in the report for the wrong day.
This change prevents isag from choking on the bug.
cifsiostat: Fix possible integer overflowed argument
In io_sys_init(): cifs_nr is used as argument to calloc() function
though it may have a negative value (adding NR_CIFS_PREALLOC constant
may make it overflow). So test the value before using it.
Sebastien GODARD [Fri, 22 May 2015 19:26:54 +0000 (21:26 +0200)]
sa_conv.c: Fix untrusted loop bound
Variable file_hdr.sa_act_nr was used to allocate memory and as
a loop boundary in upgrade_header_section() function.
Its value is read from an untrusted source, so check its value before
using it.
Sebastien GODARD [Fri, 22 May 2015 19:06:09 +0000 (21:06 +0200)]
sa_common.c: Fix untrusted values used as arguments
In check_file_actlst() function: file_magic->header_size and
file_hdr->sa_act_nr values were used as arguments to allocate memory via
SREALLOC although they hadn't been tested before.
The argument could be controlled by an attacker, who could invoke the
function with arbitrary values (for example, a very high or negative
buffer size).
In open_ofile() function: the file's existence was checked (using the
access() syscall) before being opened if present. An attacker could
change the filename's file association or other attributes between the
check and use.
Sebastien GODARD [Mon, 11 May 2015 06:28:19 +0000 (08:28 +0200)]
Fix untrusted loop bound in sar.c
Variable file_hdr.sa_act_nr was used as a loop boundary in
read_header_data() function. Its value is read from data sent by the
data collector (sadc). Check its value before using it.
Peter Schiffer [Tue, 5 May 2015 13:33:55 +0000 (15:33 +0200)]
Check value of variable "major" read from file
Variables "major" and "indirect" cannot be bigger than "MAX_BLKDEV" because they
are used as array index in "ioconf" and "ioc_refnr" arrays with size "MAX_BLKDEV
+ 1"
Update/improve functions used to count number of FC hosts:
1) Move code used to count hosts from sa_wrap.c to its normal location
(count.c).
2) Preallocate FC host structures to take into account a possibly
dynamically registerd host. No structures are allocated only if
/sys/class/fc_host directory is not found.
Various fixes in function used to display FC/HBA statistics:
1) Only one function is necessary to display FC/HBA statistics. So
remove print_avg_fchost_stats() function.
2) At the end of the report, display average statistics per host, not a
summary.
3) Update column width used to display statistics (10 characters wide)
to be consistent with other activities display.
4) Move FCHOST column to the right because the host name length may be
greater than 10 characters.
5) Fix timestamp displayed with header line.
6) Remove extra carriage return at the end of display.
By default sa2 now generates summary for YESTERDAY
This can be overriden by setting YESTERDAY=no in the configuration.
The compile time option was removed to make it clear that this is
controlled in one place, which also led to to logic simplification
and code removal.
This change fixes the following issues:
* Previously summary was being generated at 23:53, which caused up to 7
datapoints lost if sa1 logging was set to 1 or 5 minute intervals.
* To amend the previous problem, some distributions were compiling with
YESTERDAY set as a compile-time option, but shipped the cron jobs
as-is. This caused the additional issue that the report of a day was being
delayed up to 23:53 of the next day.
* Finally there is a subtle race condition that might happen if sadc tries to
write to the file while sar is reading it to generate the summary, which
might cause corrupted sar summaries. This does not occur when reading
yesterday's files, since they are not written any more.
Reimplemented most of the functionality of "sargraph" without any XML
transformations. Tweaked the graphs to be more meaningful and more beautiful,
and enabled optional output to file.
YESTERDAY variable can now be changed in the generic configuration file.
For people logging every 1 min, generating the summary at 23:53 is not good
enough: 7 minutes of data points are lost. What is needed is to generate
the summary early in the next day. In order to generate yesterday's
summary without recompiling you can now add the following line in config:
YESTERDAY="--date=yesterday"
Sebastien GODARD [Mon, 30 Mar 2015 16:42:03 +0000 (18:42 +0200)]
Make JSON output consistent with XML one
Use only header "cpu-load" for both "sar -u" and "sar -u ALL"
statistics (header "cpu-load-all" is removed). This is what is
done in XML output. So do the same here for JSON output.
Sebastien GODARD [Sun, 29 Mar 2015 15:27:31 +0000 (17:27 +0200)]
XML output modified to enable proper validation
XML document header modified so that it can be validated against the XSD
document.
Also always use cpu-load header for CPU activity (cpu-load-all has been
removed).
Sebastien GODARD [Sun, 29 Mar 2015 15:23:30 +0000 (17:23 +0200)]
DTD and XSD documents updated
DTD and XSD documents updated so that XML data, as displayed by sadf -x,
can now be properly validated against them.
Several typos have also been corrected.
Some missing elements or attributes (for memory activity, filesystem
activity) have been added.
projects / sysstat / log