Commit f5d9ddaa authored by Sophie Brun

New upstream version 5.0.7

parent afe71d41
openvas-scanner 5.0.7 (2016-09-06)
This is the seventh maintenance release of the openvas-scanner 5.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).
This release addresses a segmentation fault discovered after the release of
OpenVAS Scanner 5.0.6 which could result in hanging or failing scans under
certain circumstances.
Many thanks to everyone who contributed to this release:
Timo Pollmeier.
Main changes compared to 5.0.6:
* An issue which caused memory to be freed too early in the plugin launch
process potentially leading to segmentation faults has been addressed.
openvas-scanner 5.0.6 (2016-08-30)
This is the sixth maintenance release of the openvas-scanner 5.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).
This release adds support for the 'scanner_plugins_timeout' and 'timeout_retry'
preferences, addresses a number of memory leaks and improves signal handling in
scanner processes.
Many thanks to everyone who contributed to this release:
Hani Benhabiles and Matthew Mundell.
Main changes compared to 5.0.5:
* Support for the 'scanner_plugins_timeout' preference has been added.
* Support for the 'timeout_retry' preference has been added.
* A number of memory leaks have been fixed.
* Signal handling in scanner processes has been improved.
* Documentation has been updated.
openvas-scanner 5.0.5 (2015-12-21)
This is the fifth maintenance release of the openvas-scanner 5.0 module for
......
......@@ -85,7 +85,7 @@ set (CPACK_PACKAGE_VERSION_MAJOR "5")
set (CPACK_PACKAGE_VERSION_MINOR "0")
# Use this scheme for stable releases
set (CPACK_PACKAGE_VERSION_PATCH "5${SVN_REVISION}")
set (CPACK_PACKAGE_VERSION_PATCH "7${SVN_REVISION}")
set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
# Use this scheme for +betaN and +rcN releases:
#set (CPACK_PACKAGE_VERSION_PATCH "+beta1${SVN_REVISION}")
......@@ -179,6 +179,7 @@ set (OPENVASSD_DEBUGMSG "${OPENVAS_LOG_DIR}/openvassd.dump")
set (OPENVASSD_CONF "${OPENVAS_SYSCONF_DIR}/openvassd.conf")
set (NVT_TIMEOUT "320")
set (SCANNER_NVT_TIMEOUT "36000")
message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}")
......
2016-09-06 Michael Wiegand <michael.wiegand@greenbone.net>
Preparing the openvas-scanner 5.0.7 release.
* CHANGES: Updated.
2016-09-01 Timo Pollmeier <timo.pollmeier@greenbone.net>
* src/nasl_plugins.c (nasl_plugin_launch): Do not free plugin arglist.
2016-08-30 Michael Wiegand <michael.wiegand@greenbone.net>
Post release version bump.
* CMakeLists.txt: Set version to 5.0.7.
2016-08-30 Michael Wiegand <michael.wiegand@greenbone.net>
Preparing the openvas-scanner 5.0.6 release.
* CHANGES: Updated.
2016-07-28 Matthew Mundell <matthew.mundell@greenbone.net>
Revert part of the r25384 backport.
* src/sighand.c (attack_start): Remove free, this is a stack array.
2016-07-28 Matthew Mundell <matthew.mundell@greenbone.net>
Backport r25859.
* src/sighand.c (sighand_segv): Raise signal again, to enable core
dumps.
2016-06-13 Matthew Mundell <matthew.mundell@greenbone.net>
Backport r25483.
* src/sighand.c (print_trace): Handle write return correctly, as it may
only write part of the string.
2016-06-13 Hani Benhabiles <hani.benhabiles@greenbone.net>
* src/pluginscheduler.c (hash_fill_deps): Remove backported part from
r25417.
2016-06-09 Hani Benhabiles <hani.benhabiles@greenbone.net>
Backport r25481.
* src/sighand.c (print_trace): Add loop around write() call to handle
signal interrupts. Don't return on error.
2016-06-09 Hani Benhabiles <hani.benhabiles@greenbone.net>
Backport r25470.
* src/log.c (log_get_fd): New function.
* src/log.h: Add new function prototype.
* src/sighand.c (print_trace, sighand_segv): Make function
async-signal-safe.
2016-05-30 Hani Benhabiles <hani.benhabiles@greenbone.net>
Backport r25384, r25394 and r25397.
* src/attack.c (attack_start): Fix memory leak.
* src/nasl_plugins.c (nasl_plugin_launch): Fix memory leak.
* src/pluginscheduler.c (hash_fill_deps): Fix memory leak.
2016-03-30 Hani Benhabiles <hani.benhabiles@greenbone.net>
Backport r24812.
* src/openvassd.c (openvassd_defaults): Add timeout_retry preference.
* doc/openvassd.8.in: Update documentation.
2016-03-07 Hani Benhabiles <hani.benhabiles@greenbone.net>
Backport r24613.
* src/openvassd.c (openvassd_defaults): Add scanner_plugins_timeout
preference.
* src/pluginlaunch.c (plugin_launch): Use scanner_plugins_timeout as the
default value for scanner plugins.
* CMakeLists.txt: Add SCANNER_NVT_TIMEOUT variable.
* doc/openvassd.8.in: Update documentation.
2015-12-21 Michael Wiegand <michael.wiegand@greenbone.net>
Post release version bump.
* CMakeLists.txt: Set version to 5.0.6.
2015-12-21 Michael Wiegand <michael.wiegand@greenbone.net>
Preparing the openvas-scanner 5.0.5 release.
......@@ -782,7 +885,7 @@
* src/pluginload.c (plugins_reload_from_dir): Adapt to new proto of
nasl_plugin_add.
* src/pluginload.h: Adjust proto accodingly.
* src/plugs_req.c (get_closed_ports, get_closed_udp_ports): Get global
......@@ -1214,7 +1317,7 @@
glib functions.
* src/pluginlaunch.c (process_internal_msg): Replace efree() by
g_free() and set buffer to NULL.
g_free() and set buffer to NULL.
* src/comm.c (send_plug_info): Replaced estrdup() by g_strdup(),
emalloc() by g_malloc0() and efree by g_free().
......@@ -1393,7 +1496,7 @@
arglist to string array.
(requirements_plugin): Changed type of internal variables from
arglist to string array.
2014-08-25 Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
Get rid of some arglist uses in the scheduler plugins.
......
......@@ -128,11 +128,17 @@ By default, openvassd does not trust the remote host banners. It means that it w
.IP checks_read_timeout
Number of seconds that the security checks will wait for when doing a recv(). You should increase this value if you are running openvassd across a slow network slink (testing a host via a dialup connection for instance)
.IP timeout_retry
Number of retries when a socket connection attempt timesout.
.IP non_simult_ports
Some services (in particular SMB) do not appreciate multiple connections at the same time coming from the same host. This option allows you to prevent openvassd to make two connections on the same given ports at the same time. The syntax of this option is "port1[, port2....]". Note that you can use the KB notation of openvassd to designate a service formally. Ex: "139, Services/www", will prevent openvassd from making two connections at the same time on port 139 and on every port which hosts a web server.
.IP plugins_timeout
This is the maximum lifetime, in seconds of a plugin. It may happen that some plugins are slow because of the way they are written or the way the remote server behaves. This option allows you to make sure your scan is never caught in an endless loop because of a non-finishing plugin.
This is the maximum lifetime, in seconds of a plugin. It may happen that some plugins are slow because of the way they are written or the way the remote server behaves. This option allows you to make sure your scan is never caught in an endless loop because of a non-finishing plugin. Doesn't affect ACT_SCANNER plugins.
.IP scanner_plugins_timeout
Like plugins_timeout, but for ACT_SCANNER plugins.
.IP safe_checks
Most of the time, openvassd attempts to reproduce an exceptional condition to determine if the remote services are vulnerable to certain flaws. This includes the reproduction of buffer overflows or format strings, which may make the remote server crash. If you set this option to 'yes', openvassd will disable the plugins which have the potential to crash the remote services, and will at the same time make several checks rely on the banner of the service tested instead of its behavior towards a certain input. This reduces false positives and makes openvassd nicer towards your network, however this may make you miss important vulnerabilities (as a vulnerability affecting a given service may also affect another one).
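Review bot: The new timeout_retry and scanner_plugins_timeout entries do not state their defaults or, for scanner_plugins_timeout, the unit. The defaults elsewhere in this commit are "3" for timeout_retry and SCANNER_NVT_TIMEOUT "36000" for scanner_plugins_timeout, so the man page should say so and note that the value is in seconds. In the timeout_retry text, "timesout" should read "times out".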
......
/* OpenVAS
* $Id: attack.c 22719 2015-07-08 09:56:25Z mwiegand $
* $Id: attack.c 25861 2016-07-28 14:33:01Z mattm $
* Description: Launches the plugins, and manages multithreading.
*
* Authors: - Renaud Deraison <deraison@nessus.org> (Original pre-fork develoment)
......
/* OpenVAS
* $Id: log.c 22376 2015-05-13 23:36:56Z kroosec $
* $Id: log.c 25471 2016-06-09 00:54:05Z kroosec $
* Description: Manages the logfile of OpenVAS.
*
* Authors: - Renaud Deraison <deraison@nessus.org> (Original pre-fork develoment)
......@@ -39,7 +39,7 @@
#include "utils.h"
#include "log.h"
static FILE *log;
static FILE *log = NULL;
/**
* @brief Initialization of the log file.
......@@ -75,6 +75,16 @@ log_init (const char *filename)
}
/**
* @brief Get the open log file descriptor.
*
* @param[out] Return the log file descriptor.
*/
int
log_get_fd ()
{
return log ? fileno (log) : -1;
}
void
log_close ()
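Review bot: log_get_fd returns fileno (log) whenever log is non-NULL, so it is only safe if log_close clears the pointer after closing the stream. The body of log_close is not part of this hunk; please confirm it sets log = NULL, otherwise a later caller (the SIGSEGV handler in this commit) can write to a stale or reused descriptor. Two smaller points: the doc comment documents the return value with @param[out] where @return is meant, and the definition should be log_get_fd (void). Writing to this descriptor also bypasses the stdio buffer of log, so raw writes can appear out of order relative to pending log_write output.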
......
......@@ -36,6 +36,7 @@
void log_init (const char *);
void log_close (void);
int log_get_fd ();
#ifdef __GNUC__
void log_vwrite (const char *, va_list) __attribute__ ((format (printf, 1, 0)));
void log_write (const char *, ...) __attribute__ ((format (printf, 1, 2)));
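Review bot: The prototype int log_get_fd (); has an empty parameter list, which in C leaves the arguments unspecified and disables argument checking. The line above it uses void log_close (void); so this should be int log_get_fd (void); for consistency and type safety.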
......
/* OpenVAS
* $Id: nasl_plugins.c 22432 2015-05-22 15:00:12Z kroosec $
* $Id: nasl_plugins.c 26177 2016-09-01 16:07:30Z timopollmeier $
* Description: Launches NASL plugins.
*
* Authors: - Renaud Deraison <deraison@nessus.org> (Original pre-fork develoment)
......
/* OpenVAS
* $Id: openvassd.c 23155 2015-08-25 20:54:35Z kroosec $
* $Id: openvassd.c 25076 2016-04-25 12:49:37Z kroosec $
* Description: Runs the OpenVAS-scanner.
*
* Authors: - Renaud Deraison <deraison@nessus.org> (Original pre-fork develoment)
......@@ -108,6 +108,7 @@ static openvassd_option openvassd_defaults[] = {
{"network_scan", "no"},
{"non_simult_ports", "139, 445"},
{"plugins_timeout", G_STRINGIFY (NVT_TIMEOUT)},
{"scanner_plugins_timeout", G_STRINGIFY (SCANNER_NVT_TIMEOUT)},
{"safe_checks", "yes"},
{"auto_enable_dependencies", "yes"},
{"use_mac_addr", "no"},
......@@ -124,6 +125,7 @@ static openvassd_option openvassd_defaults[] = {
{"key_file", SCANNERKEY},
{"ca_file", CACERT},
{"kb_location", KB_PATH_DEFAULT},
{"timeout_retry", "3"},
{NULL, NULL}
};
......
/* OpenVAS
* $Id: pluginlaunch.c 22168 2015-04-20 15:01:36Z kroosec $
* $Id: pluginlaunch.c 24614 2016-03-07 11:01:22Z kroosec $
* Description: Manages the launching of plugins within processes.
*
* Authors: - Renaud Deraison <deraison@nessus.org> (Original pre-fork develoment)
......@@ -437,12 +437,12 @@ plugin_launch (struct arglist *globals, struct scheduler_plugin *plugin,
processes[p].timeout = plugin->timeout;
// Disable timeout if NVT is a scanner, set it to preferences otherwise
if (processes[p].timeout == 0)
{
int category = plugin->category;
if (category == ACT_SCANNER)
processes[p].timeout = -1;
processes[p].timeout = atoi (prefs_get ("scanner_plugins_timeout")
?: "-1");
else
processes[p].timeout = atoi (prefs_get ("plugins_timeout") ?: "-1");
}
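Review bot: The comment above the if in plugin_launch still says "Disable timeout if NVT is a scanner", but the ACT_SCANNER branch now takes its value from scanner_plugins_timeout and only falls back to -1 when the preference is unset; the comment should be updated to match. Both branches parse the preference with atoi, which returns 0 for a non-numeric string and reports no error, so a mistyped value in the configuration silently becomes a timeout of 0. Consider strtol with an end-pointer check and falling back to the compiled default when the value is invalid.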
......
/* OpenVAS
* $Id: pluginscheduler.c 21159 2014-12-10 23:44:27Z kroosec $
* $Id: pluginscheduler.c 25491 2016-06-13 11:18:03Z kroosec $
* Description: Tells openvassd which plugin should be executed next.
*
* Authors: - Renaud Deraison <deraison@nessus.org> (Original pre-fork develoment)
......
/* OpenVAS
* $Id: sighand.c 21730 2015-02-27 14:49:27Z kroosec $
* $Id: sighand.c 25860 2016-07-28 14:16:57Z mattm $
* Description: Provides signal handling functions.
*
* Authors: - Renaud Deraison <deraison@nessus.org> (Original pre-fork develoment)
......@@ -35,6 +35,7 @@
#include "log.h"
#include "sighand.h"
#include "utils.h"
#include "string.h"
#include <openvas/base/pidfile.h>
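Review bot: The added #include "string.h" uses quotes for a system header and sits among the project headers. It should be #include <string.h>, grouped with the other system includes, so a local file named string.h can never shadow it. The handler changes in this file also use errno and write; this hunk does not show errno.h or unistd.h, so please confirm both are included.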
......@@ -116,24 +117,38 @@ static void
print_trace ()
{
void *array[10];
size_t size;
char **symbols;
size_t i;
size = backtrace (array, 10);
symbols = backtrace_symbols (array, size);
for (i = 0; i < size; i++)
log_write ("%s\n", symbols[i]);
g_free (symbols);
int fd, ret = 0, left;
char *message = "SIGSEGV occured !\n";
fd = log_get_fd ();
if (fd < 0)
return;
left = strlen (message);
while (left)
{
ret = write (fd, message, left);
if (ret == -1)
{
if (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)
continue;
break;
}
left -= ret;
message += ret;
}
ret = backtrace (array, 10);
backtrace_symbols_fd (array, ret, fd);
}
void
sighand_segv ()
sighand_segv (int given_signal)
{
signal (SIGSEGV, _exit);
log_write ("SIGSEGV occured !");
print_trace ();
make_em_die (SIGTERM);
log_close ();
_exit (0);
/* Raise signal again, to exit with the correct return value,
* and to enable core dumping. */
openvas_signal (given_signal, SIG_DFL);
raise (given_signal);
}
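Review bot: The write loop in print_trace can spin without bound inside the signal handler. On EAGAIN or EWOULDBLOCK it does continue with no delay or retry limit, and a write that returns 0 leaves left unchanged, so a non-blocking or stalled log descriptor keeps the crashing process busy-looping instead of reaching raise. Retrying only on EINTR, or bounding the number of retries, avoids that. sighand_segv still calls make_em_die (SIGTERM), whose body is not shown here; since the stated goal is an async-signal-safe handler, that call needs the same check. Minor: message should be const char *, and "occured" is misspelled.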