nagios 3.0rc2 crash when using utf8 chars in service description

Guillaume Rousse Guillaume.Rousse at inria.fr
Tue Feb 26 11:12:03 CET 2008 

The following configuration triggers a buffer overflow when accessing
the service list cgi:

define service {
    use                 network-service
    host_name           gw-ors
    service_description Température
    check_command       check_temperature
}

Here are apache error logs:

[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57] *** buffer
overflow detected ***: /usr/lib64/nagios/cgi/status.cgi terminated
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57] =======
Backtrace: =========
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/lib64/libc.so.6(__chk_fail+0x2c)[0x2b19b179ac4c]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/lib64/libc.so.6[0x2b19b179a209]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/lib64/libc.so.6(_IO_default_xsputn+0x8e)[0x2b19b172362e]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/lib64/libc.so.6(_IO_vfprintf+0x1647)[0x2b19b16fadf7]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/lib64/libc.so.6(__vsprintf_chk+0x9d)[0x2b19b179a2ad]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/lib64/libc.so.6(__sprintf_chk+0x80)[0x2b19b179a1f0]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/usr/lib64/nagios/cgi/status.cgi[0x414a15]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/usr/lib64/nagios/cgi/status.cgi[0x40fc65]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/usr/lib64/nagios/cgi/status.cgi[0x411dbb]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x2b19b16d5ae4]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/usr/lib64/nagios/cgi/status.cgi[0x405519]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57] ======= Memory
map: ========
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
00400000-00443000 r-xp 00000000 03:01 689732
 /usr/lib64/nagios/cgi/status.cgi
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
00643000-00645000 rw-p 00043000 03:01 689732
 /usr/lib64/nagios/cgi/status.cgi
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
00645000-006af000 rw-p 00645000 00:00 0
 [heap]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b149d000-2b19b14b7000 r-xp 00000000 03:01 573614
 /lib64/ld-2.6.1.so
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b14b7000-2b19b14b8000 rw-p 2b19b14b7000 00:00 0
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b14be000-2b19b14c0000 rw-p 2b19b14be000 00:00 0
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b16b6000-2b19b16b7000 r--p 00019000 03:01 573614
 /lib64/ld-2.6.1.so
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b16b7000-2b19b16b8000 rw-p 0001a000 03:01 573614
 /lib64/ld-2.6.1.so
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b16b8000-2b19b17fe000 r-xp 00000000 03:01 573448
 /lib64/libc-2.6.1.so
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b17fe000-2b19b19fd000 ---p 00146000 03:01 573448
 /lib64/libc-2.6.1.so
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b19fd000-2b19b1a00000 r--p 00145000 03:01 573448
 /lib64/libc-2.6.1.so
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b1a00000-2b19b1a02000 rw-p 00148000 03:01 573448
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
/lib64/libc-2.6.1.so
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b1a02000-2b19b1a08000 rw-p 2b19b1a02000 00:00 0
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b1a08000-2b19b1a15000 r-xp 00000000 03:01 573442
 /lib64/libgcc_s-4.2.2.so.1
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b1a15000-2b19b1c14000 ---p 0000d000 03:01 573442
 /lib64/libgcc_s-4.2.2.so.1
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
2b19b1c14000-2b19b1c15000 rw-p 0000c000 03:01 573442
 /lib64/libgcc_s-4.2.2.so.1
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
7ffff95f8000-7ffff960d000 rw-p 7ffff95f8000 00:00 0
 [stack]
[Mon Feb 25 17:12:51 2008] [error] [client 195.83.212.57]
ffffffffff600000-ffffffffffe00000 ---p 00000000 00:00 0
 [vdso]


This is happening on mandriva 2008.0 64 bits, using nagios 3.0rc2
-- 
Guillaume Rousse
Moyens Informatiques - INRIA Futurs
Tel: 01 69 35 69 62

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

More information about the Developers mailing list