cifsiostat: Fix possible integer overflowed argument
In io_sys_init(): cifs_nr is used as argument to calloc() function
though it may have a negative value (adding NR_CIFS_PREALLOC constant
may make it overflow). So test the value before using it.
Sebastien GODARD [Fri, 22 May 2015 19:26:54 +0000 (21:26 +0200)]
sa_conv.c: Fix untrusted loop bound
Variable file_hdr.sa_act_nr was used to allocate memory and as
a loop boundary in upgrade_header_section() function.
Its value is read from an untrusted source, so check its value before
using it.
Sebastien GODARD [Fri, 22 May 2015 19:06:09 +0000 (21:06 +0200)]
sa_common.c: Fix untrusted values used as arguments
In check_file_actlst() function: file_magic->header_size and
file_hdr->sa_act_nr values were used as arguments to allocate memory via
SREALLOC although they hadn't been tested before.
The argument could be controlled by an attacker, who could invoke the
function with arbitrary values (for example, a very high or negative
buffer size).
In open_ofile() function: the file's existence was checked (using the
access() syscall) before being opened if present. An attacker could
change the filename's file association or other attributes between the
check and use.
Sebastien GODARD [Mon, 11 May 2015 06:28:19 +0000 (08:28 +0200)]
Fix untrusted loop bound in sar.c
Variable file_hdr.sa_act_nr was used as a loop boundary in
read_header_data() function. Its value is read from data sent by the
data collector (sadc). Check its value before using it.
Peter Schiffer [Tue, 5 May 2015 13:33:55 +0000 (15:33 +0200)]
Check value of variable "major" read from file
Variables "major" and "indirect" cannot be bigger than "MAX_BLKDEV" because they
are used as array index in "ioconf" and "ioc_refnr" arrays with size "MAX_BLKDEV
+ 1"
Update/improve functions used to count number of FC hosts:
1) Move code used to count hosts from sa_wrap.c to its normal location
(count.c).
2) Preallocate FC host structures to take into account a possibly
dynamically registerd host. No structures are allocated only if
/sys/class/fc_host directory is not found.
Various fixes in function used to display FC/HBA statistics:
1) Only one function is necessary to display FC/HBA statistics. So
remove print_avg_fchost_stats() function.
2) At the end of the report, display average statistics per host, not a
summary.
3) Update column width used to display statistics (10 characters wide)
to be consistent with other activities display.
4) Move FCHOST column to the right because the host name length may be
greater than 10 characters.
5) Fix timestamp displayed with header line.
6) Remove extra carriage return at the end of display.
By default sa2 now generates summary for YESTERDAY
This can be overriden by setting YESTERDAY=no in the configuration.
The compile time option was removed to make it clear that this is
controlled in one place, which also led to to logic simplification
and code removal.
This change fixes the following issues:
* Previously summary was being generated at 23:53, which caused up to 7
datapoints lost if sa1 logging was set to 1 or 5 minute intervals.
* To amend the previous problem, some distributions were compiling with
YESTERDAY set as a compile-time option, but shipped the cron jobs
as-is. This caused the additional issue that the report of a day was being
delayed up to 23:53 of the next day.
* Finally there is a subtle race condition that might happen if sadc tries to
write to the file while sar is reading it to generate the summary, which
might cause corrupted sar summaries. This does not occur when reading
yesterday's files, since they are not written any more.
Reimplemented most of the functionality of "sargraph" without any XML
transformations. Tweaked the graphs to be more meaningful and more beautiful,
and enabled optional output to file.
YESTERDAY variable can now be changed in the generic configuration file.
For people logging every 1 min, generating the summary at 23:53 is not good
enough: 7 minutes of data points are lost. What is needed is to generate
the summary early in the next day. In order to generate yesterday's
summary without recompiling you can now add the following line in config:
YESTERDAY="--date=yesterday"
Sebastien GODARD [Mon, 30 Mar 2015 16:42:03 +0000 (18:42 +0200)]
Make JSON output consistent with XML one
Use only header "cpu-load" for both "sar -u" and "sar -u ALL"
statistics (header "cpu-load-all" is removed). This is what is
done in XML output. So do the same here for JSON output.
Sebastien GODARD [Sun, 29 Mar 2015 15:27:31 +0000 (17:27 +0200)]
XML output modified to enable proper validation
XML document header modified so that it can be validated against the XSD
document.
Also always use cpu-load header for CPU activity (cpu-load-all has been
removed).
Sebastien GODARD [Sun, 29 Mar 2015 15:23:30 +0000 (17:23 +0200)]
DTD and XSD documents updated
DTD and XSD documents updated so that XML data, as displayed by sadf -x,
can now be properly validated against them.
Several typos have also been corrected.
Some missing elements or attributes (for memory activity, filesystem
activity) have been added.
Sebastien GODARD [Fri, 27 Mar 2015 15:52:27 +0000 (16:52 +0100)]
Use proper length for mountp string
We read 256 chars for the mountpoint name to (try to) be sure to get it
all, and so ths statvfs() function won't fail in read_filesystem()
function.
Yet only MAX_FS_LEN chars should be saved in stats_filesystem structure.
Sebastien GODARD [Thu, 19 Mar 2015 20:22:55 +0000 (21:22 +0100)]
Call chkconfig only if $(COPY_ONLY) is set to no
Call chkconfig (or create corresponding links) only if
$(COPY_ONLY) variable is set to no.
The chkconfig command doesn't take into account the $(DESTDIR) variable
contents, trying to create links outside the $(DESTDIR) tree, which can
be considered as a way to activate sysstat service.
Sebastien GODARD [Thu, 12 Mar 2015 20:39:58 +0000 (21:39 +0100)]
pidstat: Don't stop if gtime and cgtime fields are unavailable
With some old 2.6 kernels, fields "gtime" and "cgtime" (which are
expected to be read from /proc/#/stat file) may not be present.
pidstat used to stop should this case happens.
Fix this since these fields are not mandatory for pidstat to display its
statistics.
sysstat init script may sometimes be called rc.sysstat
In some distros sysstat init script is called rc.sysstat.
So use that name with chkconfig and when uninstalling, remove links with
names like S??rc.sysstat and K??rc.sysstat.
projects / sysstat / log