Fixing NULL pointer dereference in check_nt (Closes: #714281)

2013-07-08 11:16:49 +00:00 · 2013-07-08 11:16:49 +00:00 · 0a5502a8da
parent cdc1b29e69
commit 0a5502a8da
3 changed files with 49 additions and 0 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -11,6 +11,8 @@ nagios-plugins (1.4.16-2) UNRELEASED; urgency=low
  * Fix FTBFS: do not assume that gets is defined (LP: #1097848).
  * Add performance data to check_apt: 10_check_apt_perfdata.dpatch
    (Closes: #708343)
+  * Fixing NULL pointer dereference in check_nt (Closes: #714281), thanks to
+    Vaclav Ovsik

 -- Jan Wagner <waja@cyconet.org>  Wed, 27 Jun 2012 23:14:40 +0200

--- a/debian/patches/00list
+++ b/debian/patches/00list
@ -1,5 +1,6 @@
 02_check_icmp_links.dpatch
 05_fix_gets_undefined_in_iso_c11.dpatch
 10_check_apt_perfdata.dpatch
+11_check_nt_npe.dpatch
 # commited upstream

--- a/debian/patches/11_check_nt_npe.dpatch
+++ b/debian/patches/11_check_nt_npe.dpatch
@ -0,0 +1,46 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 11_check_nt_npe.dpatch by Vaclav Ovsik <vaclav.ovsik@i.cz>
+##
+## DP: Fixes some NULL pointer dereference in check_nt.
+
+@DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' nagios-plugins-1.4.16~/plugins/check_nt.c nagios-plugins-1.4.16/plugins/check_nt.c
+--- nagios-plugins-1.4.16~/plugins/check_nt.c	2013-06-29 18:11:20.000000000 +0200
+++ nagios-plugins-1.4.16/plugins/check_nt.c	2013-06-29 18:22:52.000000000 +0200
+@@ -94,6 +94,7 @@
+ 	char *description=NULL,*counter_unit = NULL;
+ 	char *minval = NULL, *maxval = NULL, *errcvt = NULL;
+ 	char *fds=NULL, *tds=NULL;
+	char *numstr;
+ 
+ 	double total_disk_space=0;
+ 	double free_disk_space=0;
+@@ -265,7 +266,10 @@
+ 			asprintf(&send_buffer,"%s&%u&%s&%s", req_password,(vars_to_check==CHECK_SERVICESTATE)?5:6,
+ 							 (show_all==TRUE) ? "ShowAll" : "ShowFail",value_list);
+ 			fetch_data (server_address, server_port, send_buffer);
+-			return_code=atoi(strtok(recv_buffer,"&"));
+			numstr = strtok(recv_buffer,"&");
+			if (numstr == NULL)
+				die(STATE_UNKNOWN, _("could not fetch information from server\n"));
+			return_code=atoi(numstr);
+ 			temp_string=strtok(NULL,"&");
+ 			output_message = strdup (temp_string);
+ 		}
+@@ -275,8 +279,14 @@
+ 
+ 		asprintf(&send_buffer,"%s&7", req_password);
+ 		fetch_data (server_address, server_port, send_buffer);
+-		mem_commitLimit=atof(strtok(recv_buffer,"&"));
+-		mem_commitByte=atof(strtok(NULL,"&"));
+		numstr = strtok(recv_buffer,"&");
+		if (numstr == NULL)
+			die(STATE_UNKNOWN, _("could not fetch information from server\n"));
+		mem_commitLimit=atof(numstr);
+		numstr = strtok(NULL,"&");
+		if (numstr == NULL)
+			die(STATE_UNKNOWN, _("could not fetch information from server\n"));
+		mem_commitByte=atof(numstr);
+ 		percent_used_space = (mem_commitByte / mem_commitLimit) * 100;
+ 		warning_used_space = ((float)warning_value / 100) * mem_commitLimit;
+ 		critical_used_space = ((float)critical_value / 100) * mem_commitLimit;