From 591967c72cde08b77e66553579c4caf213e5cb68 Mon Sep 17 00:00:00 2001
From: Jan Wagner <waja@cyconet.org>
Date: Thu, 14 May 2009 19:54:24 +0000
Subject: [PATCH] fix buffer overflow

---
 debian/changelog                             |  2 ++
 debian/patches/00list                        |  1 +
 debian/patches/43_check_ntp_segfaults.dpatch | 32 ++++++++++++++++++++
 3 files changed, 35 insertions(+)
 create mode 100644 debian/patches/43_check_ntp_segfaults.dpatch

diff --git a/debian/changelog b/debian/changelog
index 019a216..98bf673 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,8 @@ nagios-plugins (1.4.12-6) UNRELEASED; urgency=low
   * add trailing $ to check_httpname, thanks Daniel Pocock (Closes: #524629)
   * add informations into README.Debian how to use plugins (Closes: #525168)
   * add check_nscp which uses the default port of NSClient++ (Closes: #528262)
+  * add 43_check_ntp_segfaults.dpatch to fix buffer overflow in check_ntp and
+    check_ntp_peer, thanks to Andreas Olsson (Closes: #528686)
 
  -- Jan Wagner <waja@cyconet.org>  Sun, 01 Feb 2009 03:19:57 +0100
 
diff --git a/debian/patches/00list b/debian/patches/00list
index 0d29d8f..495887a 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -17,4 +17,5 @@
 40_check_http_status_line.dpatch
 41_check_http_fix_http_header.dpatch
 42_check_ups_logoutfix.dpatch
+43_check_ntp_segfaults.dpatch
 50_misc_typos.dpatch
diff --git a/debian/patches/43_check_ntp_segfaults.dpatch b/debian/patches/43_check_ntp_segfaults.dpatch
new file mode 100644
index 0000000..750f342
--- /dev/null
+++ b/debian/patches/43_check_ntp_segfaults.dpatch
@@ -0,0 +1,32 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 43_check_ntp_segfaults.dpatch by Thierry Carrez <thierry.carrez@ubuntu.com>
+##
+## DP: Fixes check_ntp and check_ntp_peer segfaults (LP: #291265)
+## Patch originally from Thomas Guyot, extracted from upstream SVN at:
+## http://nagiosplug.svn.sourceforge.net/viewvc/nagiosplug?view=rev&revision=2086
+
+@DPATCH@
+diff -urNad nagios-plugins-1.4.12~/plugins/check_ntp.c nagios-plugins-1.4.12/plugins/check_ntp.c
+--- nagios-plugins-1.4.12~/plugins/check_ntp.c	2008-05-07 10:02:42.000000000 +0000
++++ nagios-plugins-1.4.12/plugins/check_ntp.c	2008-11-19 16:38:06.000000000 +0000
+@@ -198,7 +198,7 @@
+ /* NTP control message header is 12 bytes, plus any data in the data
+  * field, plus null padding to the nearest 32-bit boundary per rfc.
+  */
+-#define SIZEOF_NTPCM(m) (12+ntohs(m.count)+((m.count)?4-(ntohs(m.count)%4):0))
++#define SIZEOF_NTPCM(m) (12+ntohs(m.count)+((ntohs(m.count)%4)?4-(ntohs(m.count)%4):0))
+ 
+ /* finally, a little helper or two for debugging: */
+ #define DBG(x) do{if(verbose>1){ x; }}while(0);
+diff -urNad nagios-plugins-1.4.12~/plugins/check_ntp_peer.c nagios-plugins-1.4.12/plugins/check_ntp_peer.c
+--- nagios-plugins-1.4.12~/plugins/check_ntp_peer.c	2008-05-07 10:02:42.000000000 +0000
++++ nagios-plugins-1.4.12/plugins/check_ntp_peer.c	2008-11-19 16:38:06.000000000 +0000
+@@ -130,7 +130,7 @@
+ /* NTP control message header is 12 bytes, plus any data in the data
+  * field, plus null padding to the nearest 32-bit boundary per rfc.
+  */
+-#define SIZEOF_NTPCM(m) (12+ntohs(m.count)+((m.count)?4-(ntohs(m.count)%4):0))
++#define SIZEOF_NTPCM(m) (12+ntohs(m.count)+((ntohs(m.count)%4)?4-(ntohs(m.count)%4):0))
+ 
+ /* finally, a little helper or two for debugging: */
+ #define DBG(x) do{if(verbose>1){ x; }}while(0);