From d4bbd4cbaa63f4495e93ae92b8f3230beaef73d5 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Sat, 29 Nov 2014 11:11:20 +0100 Subject: [PATCH] Applying patches from upstream 'maint' branch fixing grave coding errors - 10_check_apt_fix_memset.dpatch - 10_check_ntp_null_termination.dpatch - 10_check_real_null_termination.dpatch --- debian/patches/00list | 3 ++ debian/patches/10_check_apt_fix_memset.dpatch | 31 +++++++++++++++++++ .../10_check_ntp_null_termination.dpatch | 29 +++++++++++++++++ .../10_check_real_null_termination.dpatch | 29 +++++++++++++++++ 4 files changed, 92 insertions(+) create mode 100644 debian/patches/10_check_apt_fix_memset.dpatch create mode 100644 debian/patches/10_check_ntp_null_termination.dpatch create mode 100644 debian/patches/10_check_real_null_termination.dpatch diff --git a/debian/patches/00list b/debian/patches/00list index 35b85ec..afdf8b5 100644 --- a/debian/patches/00list +++ b/debian/patches/00list @@ -1,2 +1,5 @@ 02_check_icmp_links.dpatch # commited upstream +10_check_apt_fix_memset.dpatch +10_check_ntp_null_termination.dpatch +10_check_real_null_termination.dpatch diff --git a/debian/patches/10_check_apt_fix_memset.dpatch b/debian/patches/10_check_apt_fix_memset.dpatch new file mode 100644 index 0000000..fa01474 --- /dev/null +++ b/debian/patches/10_check_apt_fix_memset.dpatch @@ -0,0 +1,31 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10_check_apt_fix_memset.dpatch by Jan Wagner + +From b7fc2eb15aa02da234e9fd2f4ab021bfff6c00c2 Mon Sep 17 00:00:00 2001 +From: Sebastian Herbszt +Date: Wed, 26 Nov 2014 23:51:00 +0100 +Subject: [PATCH] check_apt: fix memset +Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/b7fc2eb15aa02da234e9fd2f4ab021bfff6c00c2.patch + +Fix memset introduced by commit 9ce7369 ("plugins/check_apt.c - Print uninitialized ereg"). + +@DPATCH@ + +Signed-off-by: Sebastian Herbszt +--- + plugins/check_apt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/check_apt.c b/plugins/check_apt.c +index 07622c2..8747f90 100644 +--- a/plugins/check_apt.c ++++ b/plugins/check_apt.c +@@ -224,7 +224,7 @@ int run_upgrade(int *pkgcount, int *secpkgcount){ + char *cmdline=NULL, rerrbuf[64]; + + /* initialize ereg as it is possible it is printed while uninitialized */ +- memset(&ereg, "\0", sizeof(ereg.buffer)); ++ memset(&ereg, '\0', sizeof(ereg.buffer)); + + if(upgrade==NO_UPGRADE) return STATE_OK; + diff --git a/debian/patches/10_check_ntp_null_termination.dpatch b/debian/patches/10_check_ntp_null_termination.dpatch new file mode 100644 index 0000000..5856bfd --- /dev/null +++ b/debian/patches/10_check_ntp_null_termination.dpatch @@ -0,0 +1,29 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10_check_ntp_null_termination.dpatch by Jan Wagner + +From a4a1b37be0ff96492d13e87ce59c82482d961f56 Mon Sep 17 00:00:00 2001 +From: Sebastian Herbszt +Date: Wed, 26 Nov 2014 23:54:49 +0100 +Subject: [PATCH] check_ntp: fix null termination +Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/a4a1b37be0ff96492d13e87ce59c82482d961f56.patch + +Fix null termination introduced by commit a04df3e ("plugins/check_ntp.c - Verify struct from response"). + +Signed-off-by: Sebastian Herbszt +--- + plugins/check_ntp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c +index 09a923e..546802a 100644 +--- a/plugins/check_ntp.c ++++ b/plugins/check_ntp.c +@@ -616,7 +616,7 @@ double jitter_request(const char *host, int *status){ + if (bytes_read != ntp_cm_ints + req.count) + die(STATE_UNKNOWN, _("Invalid NTP response: %d bytes read does not equal %d plus %d data segment"), bytes_read, ntp_cm_ints, req.count); + /* else null terminate */ +- strncpy(req.data[req.count], "\0", 1); ++ req.data[req.count] = '\0'; + + DBG(print_ntp_control_message(&req)); + diff --git a/debian/patches/10_check_real_null_termination.dpatch b/debian/patches/10_check_real_null_termination.dpatch new file mode 100644 index 0000000..86a3bb9 --- /dev/null +++ b/debian/patches/10_check_real_null_termination.dpatch @@ -0,0 +1,29 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10_check_real_null_termination.dpatch by Jan Wagner + +From 30f0eeed578a1606eb53e135c1c5417d61d56295 Mon Sep 17 00:00:00 2001 +From: Sebastian Herbszt +Date: Thu, 27 Nov 2014 00:03:23 +0100 +Subject: [PATCH] check_real: fix null termination +Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/30f0eeed578a1606eb53e135c1c5417d61d56295.patch + +Fix null termination introduced by commit b61f51a ("plugins/check_real.c - recv string null terminate"). + +Signed-off-by: Sebastian Herbszt +--- + plugins/check_real.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/check_real.c b/plugins/check_real.c +index 36f6413..1816bf5 100644 +--- a/plugins/check_real.c ++++ b/plugins/check_real.c +@@ -178,7 +178,7 @@ main (int argc, char **argv) + + /* watch for the REAL connection string */ + result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0); +- buffer[result] = "\0"; /* null terminate recieved buffer */ ++ buffer[result] = '\0'; /* null terminate recieved buffer */ + + /* return a CRITICAL status if we couldn't read any data */ + if (result == -1) {