[pkg-nagios-changes] [Git][nagios-team/pkg-nrpe][upstream] New upstream version 4.0.2
Bas Couwenberg
gitlab at salsa.debian.org
Mon Mar 23 05:21:51 GMT 2020
Bas Couwenberg pushed to branch upstream at Debian Nagios Maintainer Group / pkg-nrpe
Commits:
e718e494 by Bas Couwenberg at 2020-03-23T06:00:13+01:00
New upstream version 4.0.2
- - - - -
10 changed files:
- CHANGELOG.md
- README.md
- configure
- configure.ac
- include/common.h.in
- nrpe.spec.in
- sample-config/nrpe.cfg.in
- src/check_nrpe.c
- src/nrpe.c
- update-version
Changes:
=====================================
CHANGELOG.md
=====================================
@@ -1,6 +1,17 @@
NRPE Changelog
==============
+[4.0.2](https://github.com/NagiosEnterprises/nrpe/releases/tag/nrpe-4.0.2) - 2020-03-11
+---------------------------------------------------------------------------------------
+**FIXES**
+- Fixed buffer length calculations/writing past memory boundaries on some systems (#227, #228) (Andreas Baumann, hariwe, Sebastian Wolf)
+- Fixed use of uninitialized variable when validating requests (#229) (hariwe, Sebastian Wolf)
+
+[4.0.1](https://github.com/NagiosEnterprises/nrpe/releases/tag/nrpe-4.0.1) - 2020-01-22
+---------------------------------------------------------------------------------------
+**FIXES**
+* Fixed syslog flooding with CRC-checking errors when both plugin and agent were updated to version 4 (Sebastian Wolf)
+
[4.0.0](https://github.com/NagiosEnterprises/nrpe/releases/tag/nrpe-4.0.0) - 2019-01-13
---------------------------------------------------------------------------------------
Note: This update includes security fixes which affect both the check_nrpe plugin and
=====================================
README.md
=====================================
@@ -2,11 +2,12 @@
[](https://travis-ci.org/NagiosEnterprises/nrpe)
-NRPE
-====
-
-## Nagios Remote Plugin Executor
+ 🔴 🔴 🔴
+***Notice: As of NRPE version 4.0.1, this project is deprecated. It will not receive any more bugfixes or features, except to resolve security issues.***
+ 🔴 🔴 🔴
+Nagios Remote Plugin Executor (NRPE)
+====================================
For installation instructions and information on the design overview
of the NRPE addon, please read the PDF documentation that is found in
=====================================
configure
=====================================
@@ -2487,9 +2487,9 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
PKG_NAME=nrpe
-PKG_VERSION="4.0.0"
+PKG_VERSION="4.0.2"
PKG_HOME_URL="http://www.nagios.org/"
-PKG_REL_DATE="2020-01-15"
+PKG_REL_DATE="2020-03-09"
RPM_RELEASE=1
LANG=C
=====================================
configure.ac
=====================================
@@ -11,9 +11,9 @@ AC_CONFIG_AUX_DIR([build-aux])
AC_PREFIX_DEFAULT(/usr/local/nagios)
PKG_NAME=nrpe
-PKG_VERSION="4.0.0"
+PKG_VERSION="4.0.2"
PKG_HOME_URL="http://www.nagios.org/"
-PKG_REL_DATE="2020-01-15"
+PKG_REL_DATE="2020-03-09"
RPM_RELEASE=1
LANG=C
=====================================
include/common.h.in
=====================================
@@ -37,8 +37,8 @@
# endif
#endif
-#define PROGRAM_VERSION "4.0.0"
-#define MODIFICATION_DATE "2020-01-15"
+#define PROGRAM_VERSION "4.0.2"
+#define MODIFICATION_DATE "2020-03-09"
#define OK 0
#define ERROR -1
=====================================
nrpe.spec.in
=====================================
@@ -22,7 +22,7 @@
%define _sysconfdir /etc/nagios
%define name @PACKAGE_NAME@
-%define version 4.0.0
+%define version 4.0.2
%define release @RPM_RELEASE@
%define nsusr @nrpe_user@
%define nsgrp @nrpe_group@
=====================================
sample-config/nrpe.cfg.in
=====================================
@@ -361,3 +361,9 @@ command[check_total_procs]=@pluginsdir@/check_procs -w 150 -c 200
#include_dir=<somedirectory>
#include_dir=<someotherdirectory>
+
+# KEEP ENVIRONMENT VARIABLES
+# This directive allows you to retain specific variables from the environment
+# when starting the NRPE daemon.
+
+#keep_env_vars=NRPE_MULTILINESUPPORT,NRPE_PROGRAMVERSION
=====================================
src/check_nrpe.c
=====================================
@@ -1230,7 +1230,9 @@ int send_request()
v3_send_packet->packet_version = htons(packet_ver);
v3_send_packet->packet_type = htons(QUERY_PACKET);
v3_send_packet->alignment = 0;
- v3_send_packet->buffer_length = htonl(pkt_size - sizeof(v3_packet) + 1);
+ v3_send_packet->buffer_length = pkt_size - sizeof(v3_packet);
+ v3_send_packet->buffer_length += (packet_ver == NRPE_PACKET_VERSION_4 ? NRPE_V4_PACKET_SIZE_OFFSET : NRPE_V3_PACKET_SIZE_OFFSET);
+ v3_send_packet->buffer_length = htonl(v3_send_packet->buffer_length);
strcpy(&v3_send_packet->buffer[0], query);
/* calculate the crc 32 value of the packet */
@@ -1373,7 +1375,7 @@ int read_response()
/* get the return code from the remote plugin */
/* and print the output returned by the daemon */
- if (packet_ver == NRPE_PACKET_VERSION_3) {
+ if (packet_ver >= NRPE_PACKET_VERSION_3) {
result = ntohs(v3_receive_packet->result_code);
if (v3_receive_packet->buffer_length == 0) {
printf("CHECK_NRPE: No output returned from daemon.\n");
@@ -1592,10 +1594,9 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
break;
bytes_read += rc;
bytes_to_recv -= rc;
+ tot_bytes += rc;
}
- buff_ptr[bytes_read] = 0;
-
if (rc < 0 || bytes_read != buffer_size) {
if (packet_ver >= NRPE_PACKET_VERSION_3) {
free(*v3_pkt);
@@ -1612,8 +1613,7 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
}
}
return -1;
- } else
- tot_bytes += rc;
+ }
}
#endif
=====================================
src/nrpe.c
=====================================
@@ -1912,9 +1912,9 @@ void handle_connection(int sock)
} else {
- pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + strlen(send_buff);
+ pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + strlen(send_buff) + 1;
if (packet_ver == NRPE_PACKET_VERSION_3) {
- pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + strlen(send_buff);
+ pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + strlen(send_buff) + 1;
}
v3_send_packet = calloc(1, pkt_size);
send_pkt = (char *)v3_send_packet;
@@ -1923,7 +1923,7 @@ void handle_connection(int sock)
v3_send_packet->packet_type = htons(RESPONSE_PACKET);
v3_send_packet->result_code = htons(result);
v3_send_packet->alignment = 0;
- v3_send_packet->buffer_length = htonl(strlen(send_buff));
+ v3_send_packet->buffer_length = htonl(strlen(send_buff) + 1);
strcpy(&v3_send_packet->buffer[0], send_buff);
/* calculate the crc 32 value of the packet */
@@ -2748,10 +2748,6 @@ int validate_request(v2_packet * v2pkt, v3_packet * v3pkt)
if (packet_ver >= NRPE_PACKET_VERSION_3) {
buffer_size = ntohl(v3pkt->buffer_length);
- if (buffer_size < 0 || buffer_size > INT_MAX - pkt_size) {
- logit(LOG_ERR, "Error: Request packet had invalid buffer size.");
- return ERROR;
- }
pkt_size = sizeof(v3_packet);
pkt_size -= (packet_ver == NRPE_PACKET_VERSION_3 ? NRPE_V3_PACKET_SIZE_OFFSET : NRPE_V4_PACKET_SIZE_OFFSET);
=====================================
update-version
=====================================
@@ -28,10 +28,10 @@ else
fi
# Current version number
-CURRENTVERSION=4.0.0
+CURRENTVERSION=4.0.2
# Last date
-LASTDATE=2020-01-15
+LASTDATE=2020-03-09
if [ "x$1" = "x" ]
then
View it on GitLab: https://salsa.debian.org/nagios-team/pkg-nrpe/-/commit/e718e494ed1addfe8239034be4c82fb1b7f144c9
--
View it on GitLab: https://salsa.debian.org/nagios-team/pkg-nrpe/-/commit/e718e494ed1addfe8239034be4c82fb1b7f144c9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-nagios-changes/attachments/20200323/303f3116/attachment-0001.html>
More information about the pkg-nagios-changes
mailing list