Bug#771412: unblock: monitoring-plugins/2.1-2

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#771412: unblock: monitoring-plugins/2.1-2
From: Jan Wagner <waja@cyconet.org>
Date: Sat, 29 Nov 2014 11:47:18 +0100
Message-id: <[🔎] 5479A436.2060002@cyconet.org>
Reply-to: Jan Wagner <waja@cyconet.org>, 771412@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package monitoring-plugins as discussed on IRC earlier today.

This upload has 3 patches (one liner) from upstream 'maint' branch
fixing grave coding errors.

The full debdiff stat is:

 debian/patches/10_check_apt_fix_memset.dpatch        |   31
+++++++++++++++++++
 debian/patches/10_check_ntp_null_termination.dpatch  |   29
+++++++++++++++++
 debian/patches/10_check_real_null_termination.dpatch |   29
+++++++++++++++++
 monitoring-plugins-2.1/debian/changelog              |   10 ++++++
 monitoring-plugins-2.1/debian/patches/00list         |    3 +
 5 files changed, 102 insertions(+)

The changelog is:

 monitoring-plugins (2.1-2) unstable; urgency=high
 .
   * [d4bbd4c] Applying patches from upstream 'maint' branch
     fixing grave coding errors
     - 10_check_apt_fix_memset.dpatch
     - 10_check_ntp_null_termination.dpatch
     - 10_check_real_null_termination.dpatch

The source debdiff is attached.

Many thanks, Jan.
-- 
Never write mail to <waja@spamfalle.info>, you have been warned!
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT d-- s+: a C+++ UL++++ P+ L+++ E--- W+++ N+++ o++ K++ w--- O M V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h---- r+++ y++++
------END GEEK CODE BLOCK------

diff -u monitoring-plugins-2.1/debian/changelog monitoring-plugins-2.1/debian/changelog
--- monitoring-plugins-2.1/debian/changelog
+++ monitoring-plugins-2.1/debian/changelog
@@ -1,3 +1,13 @@
+monitoring-plugins (2.1-2) unstable; urgency=high
+
+  * [d4bbd4c] Applying patches from upstream 'maint' branch
+    fixing grave coding errors
+    - 10_check_apt_fix_memset.dpatch
+    - 10_check_ntp_null_termination.dpatch
+    - 10_check_real_null_termination.dpatch
+
+ -- Jan Wagner <waja@cyconet.org>  Sat, 29 Nov 2014 11:12:58 +0100
+
 monitoring-plugins (2.1-1) unstable; urgency=medium
 
   * [060ec72] Imported Upstream version 2.1 (Closes: #758662)
diff -u monitoring-plugins-2.1/debian/patches/00list monitoring-plugins-2.1/debian/patches/00list
--- monitoring-plugins-2.1/debian/patches/00list
+++ monitoring-plugins-2.1/debian/patches/00list
@@ -2,0 +3,3 @@
+10_check_apt_fix_memset.dpatch
+10_check_ntp_null_termination.dpatch
+10_check_real_null_termination.dpatch
only in patch2:
unchanged:
--- monitoring-plugins-2.1.orig/debian/patches/10_check_apt_fix_memset.dpatch
+++ monitoring-plugins-2.1/debian/patches/10_check_apt_fix_memset.dpatch
@@ -0,0 +1,31 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 10_check_apt_fix_memset.dpatch by Jan Wagner <waja@cyconet.org>
+
+From b7fc2eb15aa02da234e9fd2f4ab021bfff6c00c2 Mon Sep 17 00:00:00 2001
+From: Sebastian Herbszt <herbszt@gmx.de>
+Date: Wed, 26 Nov 2014 23:51:00 +0100
+Subject: [PATCH] check_apt: fix memset
+Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/b7fc2eb15aa02da234e9fd2f4ab021bfff6c00c2.patch
+
+Fix memset introduced by commit 9ce7369 ("plugins/check_apt.c - Print uninitialized ereg").
+
+@DPATCH@
+
+Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
+---
+ plugins/check_apt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_apt.c b/plugins/check_apt.c
+index 07622c2..8747f90 100644
+--- a/plugins/check_apt.c
++++ b/plugins/check_apt.c
+@@ -224,7 +224,7 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
+ 	char *cmdline=NULL, rerrbuf[64];
+ 
+ 	/* initialize ereg as it is possible it is printed while uninitialized */
+-	memset(&ereg, "\0", sizeof(ereg.buffer));
++	memset(&ereg, '\0', sizeof(ereg.buffer));
+ 
+ 	if(upgrade==NO_UPGRADE) return STATE_OK;
+ 
only in patch2:
unchanged:
--- monitoring-plugins-2.1.orig/debian/patches/10_check_ntp_null_termination.dpatch
+++ monitoring-plugins-2.1/debian/patches/10_check_ntp_null_termination.dpatch
@@ -0,0 +1,29 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 10_check_ntp_null_termination.dpatch by Jan Wagner <waja@cyconet.org>
+
+From a4a1b37be0ff96492d13e87ce59c82482d961f56 Mon Sep 17 00:00:00 2001
+From: Sebastian Herbszt <herbszt@gmx.de>
+Date: Wed, 26 Nov 2014 23:54:49 +0100
+Subject: [PATCH] check_ntp: fix null termination
+Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/a4a1b37be0ff96492d13e87ce59c82482d961f56.patch
+
+Fix null termination introduced by commit a04df3e ("plugins/check_ntp.c - Verify struct from response").
+
+Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
+---
+ plugins/check_ntp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
+index 09a923e..546802a 100644
+--- a/plugins/check_ntp.c
++++ b/plugins/check_ntp.c
+@@ -616,7 +616,7 @@ double jitter_request(const char *host, int *status){
+ 				if (bytes_read != ntp_cm_ints + req.count)
+ 					die(STATE_UNKNOWN, _("Invalid NTP response: %d bytes read does not equal %d plus %d data segment"), bytes_read, ntp_cm_ints, req.count); 
+ 				/* else null terminate */
+-				strncpy(req.data[req.count], "\0", 1);
++				req.data[req.count] = '\0';
+ 
+ 				DBG(print_ntp_control_message(&req));
+ 
only in patch2:
unchanged:
--- monitoring-plugins-2.1.orig/debian/patches/10_check_real_null_termination.dpatch
+++ monitoring-plugins-2.1/debian/patches/10_check_real_null_termination.dpatch
@@ -0,0 +1,29 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 10_check_real_null_termination.dpatch by Jan Wagner <waja@cyconet.org>
+
+From 30f0eeed578a1606eb53e135c1c5417d61d56295 Mon Sep 17 00:00:00 2001
+From: Sebastian Herbszt <herbszt@gmx.de>
+Date: Thu, 27 Nov 2014 00:03:23 +0100
+Subject: [PATCH] check_real: fix null termination
+Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/30f0eeed578a1606eb53e135c1c5417d61d56295.patch
+
+Fix null termination introduced by commit b61f51a ("plugins/check_real.c - recv string null terminate").
+
+Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
+---
+ plugins/check_real.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_real.c b/plugins/check_real.c
+index 36f6413..1816bf5 100644
+--- a/plugins/check_real.c
++++ b/plugins/check_real.c
+@@ -178,7 +178,7 @@ main (int argc, char **argv)
+ 
+ 		/* watch for the REAL connection string */
+ 		result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0);
+-		buffer[result] = "\0"; /* null terminate recieved buffer */
++		buffer[result] = '\0'; /* null terminate recieved buffer */
+ 
+ 		/* return a CRITICAL status if we couldn't read any data */
+ 		if (result == -1) {

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Bug#771412: marked as done (unblock: monitoring-plugins/2.1-2)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Processed: tagging 771374
Next by Date: Bug#771061: marked as done (unblock: android-platform-system-core/21-6)
Previous by thread: Processed: tagging 771374
Next by thread: Bug#771412: marked as done (unblock: monitoring-plugins/2.1-2)
Index(es):
- Date
- Thread