[Nagiosplug-devel] [ nagiosplug-Bugs-1742066 ] nagios-plugins-1.4.8 check_smtp

SourceForge.net noreply at sourceforge.net
Sat Jul 14 21:52:31 CEST 2007


Bugs item #1742066, was opened at 2007-06-23 15:44
Message generated for change (Settings changed) made by psychotrahe
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1742066&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Argument proccessing
Group: Release (specify)
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Christoph Schell (cschell)
>Assigned to: Matthias Eble (psychotrahe)
Summary: nagios-plugins-1.4.8 check_smtp

Initial Comment:
buffer overflow in argument handling

If I use 

check_smtp -H 127.0.0.1 -C "HELO Nagios" -R 250 -C "MAIL FROM:<user>" -R 250 -C "RCPT TO:<user at domain.com>" -R 250 -C "DATA" -R 354 -C "." -R 250 -t 30

I got a buffer overflow in the argument handling.

I fixed the problem with the attched patch.

Christoph



----------------------------------------------------------------------

>Comment By: Matthias Eble (psychotrahe)
Date: 2007-07-14 21:52

Message:
Logged In: YES 
user_id=1694341
Originator: NO

Hi Cristoph,

I slightly changed your patch and commited it to cvs. The changes were:
1. I use sizeof(char*) instead of sizeof(char**). Is there a reason why
you used **?
2. changed the number in strncpy to 255. Why did you use only 250?

Matthias

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1742066&group_id=29880




More information about the Devel mailing list