Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Please unblock package monitoring-plugins as discussed on IRC earlier today. This upload has 3 patches (one liner) from upstream 'maint' branch fixing grave coding errors. The full debdiff stat is: debian/patches/10_check_apt_fix_memset.dpatch | 31 +++++++++++++++++++ debian/patches/10_check_ntp_null_termination.dpatch | 29 +++++++++++++++++ debian/patches/10_check_real_null_termination.dpatch | 29 +++++++++++++++++ monitoring-plugins-2.1/debian/changelog | 10 ++++++ monitoring-plugins-2.1/debian/patches/00list | 3 + 5 files changed, 102 insertions(+) The changelog is: monitoring-plugins (2.1-2) unstable; urgency=high . * [d4bbd4c] Applying patches from upstream 'maint' branch fixing grave coding errors - 10_check_apt_fix_memset.dpatch - 10_check_ntp_null_termination.dpatch - 10_check_real_null_termination.dpatch The source debdiff is attached. Many thanks, Jan. -- Never write mail to <waja@spamfalle.info>, you have been warned! -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GIT d-- s+: a C+++ UL++++ P+ L+++ E--- W+++ N+++ o++ K++ w--- O M V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h---- r+++ y++++ ------END GEEK CODE BLOCK------
diff -u monitoring-plugins-2.1/debian/changelog monitoring-plugins-2.1/debian/changelog --- monitoring-plugins-2.1/debian/changelog +++ monitoring-plugins-2.1/debian/changelog @@ -1,3 +1,13 @@ +monitoring-plugins (2.1-2) unstable; urgency=high + + * [d4bbd4c] Applying patches from upstream 'maint' branch + fixing grave coding errors + - 10_check_apt_fix_memset.dpatch + - 10_check_ntp_null_termination.dpatch + - 10_check_real_null_termination.dpatch + + -- Jan Wagner <waja@cyconet.org> Sat, 29 Nov 2014 11:12:58 +0100 + monitoring-plugins (2.1-1) unstable; urgency=medium * [060ec72] Imported Upstream version 2.1 (Closes: #758662) diff -u monitoring-plugins-2.1/debian/patches/00list monitoring-plugins-2.1/debian/patches/00list --- monitoring-plugins-2.1/debian/patches/00list +++ monitoring-plugins-2.1/debian/patches/00list @@ -2,0 +3,3 @@ +10_check_apt_fix_memset.dpatch +10_check_ntp_null_termination.dpatch +10_check_real_null_termination.dpatch only in patch2: unchanged: --- monitoring-plugins-2.1.orig/debian/patches/10_check_apt_fix_memset.dpatch +++ monitoring-plugins-2.1/debian/patches/10_check_apt_fix_memset.dpatch @@ -0,0 +1,31 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10_check_apt_fix_memset.dpatch by Jan Wagner <waja@cyconet.org> + +From b7fc2eb15aa02da234e9fd2f4ab021bfff6c00c2 Mon Sep 17 00:00:00 2001 +From: Sebastian Herbszt <herbszt@gmx.de> +Date: Wed, 26 Nov 2014 23:51:00 +0100 +Subject: [PATCH] check_apt: fix memset +Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/b7fc2eb15aa02da234e9fd2f4ab021bfff6c00c2.patch + +Fix memset introduced by commit 9ce7369 ("plugins/check_apt.c - Print uninitialized ereg"). + +@DPATCH@ + +Signed-off-by: Sebastian Herbszt <herbszt@gmx.de> +--- + plugins/check_apt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/check_apt.c b/plugins/check_apt.c +index 07622c2..8747f90 100644 +--- a/plugins/check_apt.c ++++ b/plugins/check_apt.c +@@ -224,7 +224,7 @@ int run_upgrade(int *pkgcount, int *secpkgcount){ + char *cmdline=NULL, rerrbuf[64]; + + /* initialize ereg as it is possible it is printed while uninitialized */ +- memset(&ereg, "\0", sizeof(ereg.buffer)); ++ memset(&ereg, '\0', sizeof(ereg.buffer)); + + if(upgrade==NO_UPGRADE) return STATE_OK; + only in patch2: unchanged: --- monitoring-plugins-2.1.orig/debian/patches/10_check_ntp_null_termination.dpatch +++ monitoring-plugins-2.1/debian/patches/10_check_ntp_null_termination.dpatch @@ -0,0 +1,29 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10_check_ntp_null_termination.dpatch by Jan Wagner <waja@cyconet.org> + +From a4a1b37be0ff96492d13e87ce59c82482d961f56 Mon Sep 17 00:00:00 2001 +From: Sebastian Herbszt <herbszt@gmx.de> +Date: Wed, 26 Nov 2014 23:54:49 +0100 +Subject: [PATCH] check_ntp: fix null termination +Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/a4a1b37be0ff96492d13e87ce59c82482d961f56.patch + +Fix null termination introduced by commit a04df3e ("plugins/check_ntp.c - Verify struct from response"). + +Signed-off-by: Sebastian Herbszt <herbszt@gmx.de> +--- + plugins/check_ntp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c +index 09a923e..546802a 100644 +--- a/plugins/check_ntp.c ++++ b/plugins/check_ntp.c +@@ -616,7 +616,7 @@ double jitter_request(const char *host, int *status){ + if (bytes_read != ntp_cm_ints + req.count) + die(STATE_UNKNOWN, _("Invalid NTP response: %d bytes read does not equal %d plus %d data segment"), bytes_read, ntp_cm_ints, req.count); + /* else null terminate */ +- strncpy(req.data[req.count], "\0", 1); ++ req.data[req.count] = '\0'; + + DBG(print_ntp_control_message(&req)); + only in patch2: unchanged: --- monitoring-plugins-2.1.orig/debian/patches/10_check_real_null_termination.dpatch +++ monitoring-plugins-2.1/debian/patches/10_check_real_null_termination.dpatch @@ -0,0 +1,29 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10_check_real_null_termination.dpatch by Jan Wagner <waja@cyconet.org> + +From 30f0eeed578a1606eb53e135c1c5417d61d56295 Mon Sep 17 00:00:00 2001 +From: Sebastian Herbszt <herbszt@gmx.de> +Date: Thu, 27 Nov 2014 00:03:23 +0100 +Subject: [PATCH] check_real: fix null termination +Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/30f0eeed578a1606eb53e135c1c5417d61d56295.patch + +Fix null termination introduced by commit b61f51a ("plugins/check_real.c - recv string null terminate"). + +Signed-off-by: Sebastian Herbszt <herbszt@gmx.de> +--- + plugins/check_real.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/check_real.c b/plugins/check_real.c +index 36f6413..1816bf5 100644 +--- a/plugins/check_real.c ++++ b/plugins/check_real.c +@@ -178,7 +178,7 @@ main (int argc, char **argv) + + /* watch for the REAL connection string */ + result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0); +- buffer[result] = "\0"; /* null terminate recieved buffer */ ++ buffer[result] = '\0'; /* null terminate recieved buffer */ + + /* return a CRITICAL status if we couldn't read any data */ + if (result == -1) {
Attachment:
signature.asc
Description: OpenPGP digital signature