Private GIT

Skip to content
Snippets Groups Projects
Commit 32c935fb authored by Maximilien Bersoult's avatar Maximilien Bersoult Committed by Adrien Morais
Browse files

fix(sec): Fix execution command by rrdtool command line 

* Fix execution command by rrdtool command line in Virtual Metrics
* Fix execution command by rrdtool command line in graph images
parent 360da08e
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
www/class/centreonGraph.class.php
+ 47
41
View file @ 32c935fb
......@@ -749,10 +749,8 @@ class CentreonGraph
$this->RRDoptions["upper-limit"]
);
}
$this->addArgument(
"DEF:vi" . $cpt . "=" . $this->dbPath . $key . ".rrd:value:AVERAGE CDEF:v" . $cpt .
"=vi" . $cpt . ",-1,*"
);
$this->addArgument('DEF:vi' . $cpt . '=' . $this->dbPath . $key . '.rrd:value:AVERAGE');
$this->addArgument('CDEF:v' . $cpt . '=vi' . $cpt . ',-1,*');
if (isset($tm["warn"]) && $tm["warn"] != 0) {
$tm["warn"] *= -1;
}
......@@ -880,7 +878,14 @@ class CentreonGraph
}
$rpn_values .= $this->vname[$tm["metric"]] . ",UN,0," . $this->vname[$tm["metric"]] . ",IF,";
$rpn_expr .= ",+";
if (strpos($arg, ' ') === false) {
$this->addArgument($arg);
} else {
$args = explode(' ', $arg);
foreach ($args as $arg2) {
$this->addArgument($arg2);
}
}
if ($this->onecurve && isset($tm["warn"]) &&
$tm["warn"] != 0 && isset($tm["crit"]) && $tm["crit"] != 0) {
$this->addArgument("AREA:ow" . $nb . $tm["ds_color_area_warn"] . "CF::STACK");
......@@ -894,7 +899,7 @@ class CentreonGraph
} else {
$arg = "LINE" . $tm["ds_tickness"] . ":vc" . $cpt;
}
$arg .= $tm["ds_color_line"] . ":'";
$arg .= $tm["ds_color_line"] . ":";
}
if (!$this->checkcurve) {
......@@ -906,11 +911,10 @@ class CentreonGraph
if (!$this->onecurve && isset($tm["ds_hidecurve"]) && $tm["ds_hidecurve"] == 1) {
$arg .= " ";
}
$arg .= "'";
$this->addArgument($arg);
$vdefs = "";
$prints = "";
$vdefs = array();
$prints = array();
foreach (array("last" => "LAST", "min" => "MINIMUM", "max" => "MAXIMUM",
......@@ -919,31 +923,36 @@ class CentreonGraph
continue;
}
$dispname = ucfirst($name);
$vdefs .= "VDEF:" . $this->vname[$tm["metric"]] . $dispname . "=" .
$this->vname[$tm["metric"]] . "," . $cf . " ";
$vdefs[] = "VDEF:" . $this->vname[$tm["metric"]] . $dispname . "=" .
$this->vname[$tm["metric"]] . "," . $cf;
if (($name == "min" || $name == "max") &&
(isset($tm['ds_minmax_int']) && $tm['ds_minmax_int'])) {
$displayformat = "%7.0lf";
} else {
$displayformat = "%7.2lf";
}
$prints .= "GPRINT:" . $this->vname[$tm["metric"]] . $dispname.":\"" .
$dispname . "\:" . $displayformat . ($this->gprintScaleOption) . "\" ";
$prints[] = "GPRINT:" . $this->vname[$tm["metric"]] . $dispname.":" .
$dispname . "\:" . $displayformat . ($this->gprintScaleOption);
}
foreach ($vdefs as $vdef) {
$this->addArgument($vdef);
}
$this->addArgument($vdefs);
$this->addArgument($prints . "COMMENT:\"\\l\"");
foreach ($prints as $print) {
$this->addArgument($print);
}
$this->addArgument("COMMENT:\\l");
if ($this->onecurve) {
if (isset($tm["warn"]) && !empty($tm["warn"]) && $tm["warn"] != 0) {
$this->addArgument(
"HRULE:" . $tm["warn"] . $tm["ds_color_area_warn"] . ":\"Warning \: " .
$this->humanReadable($tm["warn"], $tm["unit"]) . "\\l\" "
"HRULE:" . $tm["warn"] . $tm["ds_color_area_warn"] . ":Warning \: " .
$this->humanReadable($tm["warn"], $tm["unit"]) . "\\l "
);
}
if (isset($tm["crit"]) && !empty($tm["crit"]) && $tm["crit"] != 0) {
$this->addArgument(
"HRULE:" . $tm["crit"] . $tm["ds_color_area_crit"] . ":\"Critical \: " .
$this->humanReadable($tm["crit"], $tm["unit"]) . "\""
"HRULE:" . $tm["crit"] . $tm["ds_color_area_crit"] . ":Critical \: " .
$this->humanReadable($tm["crit"], $tm["unit"])
);
}
}
......@@ -953,7 +962,7 @@ class CentreonGraph
$tm["ds_jumpline"] = 0;
}
while ($cline < $tm["ds_jumpline"]) {
$this->addArgument("COMMENT:\"\\c\"");
$this->addArgument("COMMENT:\\c");
$cline++;
}
}
......@@ -1257,9 +1266,6 @@ class CentreonGraph
*/
public function setRRDOption($name, $value = null)
{
if (strpos($value, " ")!==false) {
$value = "'".$value."'";
}
$this->RRDoptions[$name] = $value;
}
......@@ -1366,17 +1372,17 @@ class CentreonGraph
}
foreach ($this->RRDoptions as $key => $value) {
$commandLine .= "--".$key;
$commandLine .= '--' . $key;
if (isset($value)) {
$commandLine .= "=".$value;
$commandLine .= '=' . escapeshellarg($value);
}
$commandLine .= " ";
$commandLine .= ' ';
}
foreach ($this->colors as $key => $value) {
$commandLine .= "--color ".$key.$value." ";
$commandLine .= '--color ' . escapeshellarg($key . $value) . ' ';
}
foreach ($this->fonts as $key => $value) {
$commandLine .= "--font ".$key.$value." ";
$commandLine .= '--font ' . escapeshellarg($key . $value) . ' ';
}
/*
......@@ -1387,10 +1393,10 @@ class CentreonGraph
$rrd_time = str_replace(":", "\:", $rrd_time);
$rrd_time2 = addslashes($this->GMT->getDate("Y\/m\/d G:i", $this->RRDoptions["end"])) ;
$rrd_time2 = str_replace(":", "\:", $rrd_time2);
$commandLine .= " COMMENT:\" From $rrd_time to $rrd_time2 \\c\" ";
$commandLine .= escapeshellarg('COMMENT: From ' . $rrd_time . ' to ' . $rrd_time2 . ' \\c');
}
foreach ($this->arguments as $arg) {
$commandLine .= " ".$arg." ";
$commandLine .= ' ' . escapeshellarg($arg) . ' ';
}
$gmt_export = "";
$commandLine = preg_replace("/(\\\$|`)/", "", $commandLine);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment

Another place to be (or not)