[Pkg-nagios-changes] [pkg-monitoring-plugins] 01/02: Applying more patches from upstream 'maint' branch fixing the check_ntp fix and a small escape in check_tcp - 10_check_tcp_fix_help_escape.dpatch - 11_check_ntp_revert_n-p_coverty_fix.dpatch - 12_check_ntp_null_termination_jitter.dpatch
Jan Wagner
waja at moszumanska.debian.org
Mon Dec 1 08:04:58 UTC 2014
This is an automated email from the git hooks/post-receive script.
waja pushed a commit to branch master
in repository pkg-monitoring-plugins.
commit fecca17e8cfa03ce4f23b9791289a7bbe2830f11
Author: Jan Wagner <waja at cyconet.org>
Date: Mon Dec 1 08:40:52 2014 +0100
Applying more patches from upstream 'maint' branch fixing the check_ntp fix and a small escape in check_tcp
- 10_check_tcp_fix_help_escape.dpatch
- 11_check_ntp_revert_n-p_coverty_fix.dpatch
- 12_check_ntp_null_termination_jitter.dpatch
---
debian/patches/00list | 6 ++-
debian/patches/10_check_tcp_fix_help_escape.dpatch | 31 ++++++++++++
.../11_check_ntp_revert_n-p_coverty_fix.dpatch | 56 ++++++++++++++++++++++
.../12_check_ntp_null_termination_jitter.dpatch | 48 +++++++++++++++++++
4 files changed, 140 insertions(+), 1 deletion(-)
diff --git a/debian/patches/00list b/debian/patches/00list
index afdf8b5..98d6acd 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -1,5 +1,9 @@
02_check_icmp_links.dpatch
# commited upstream
10_check_apt_fix_memset.dpatch
-10_check_ntp_null_termination.dpatch
+10_check_tcp_fix_help_escape.dpatch
10_check_real_null_termination.dpatch
+10_check_ntp_null_termination.dpatch
+11_check_ntp_revert_n-p_coverty_fix.dpatch
+12_check_ntp_null_termination_jitter.dpatch
+
diff --git a/debian/patches/10_check_tcp_fix_help_escape.dpatch b/debian/patches/10_check_tcp_fix_help_escape.dpatch
new file mode 100644
index 0000000..d958d27
--- /dev/null
+++ b/debian/patches/10_check_tcp_fix_help_escape.dpatch
@@ -0,0 +1,31 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 10_check_tcp_fix_help_escape.dpatch by Jan Wagner <waja at cyconet.org>
+
+From 22dfca20fd83da319ec23160e0092a602b6c1eea Mon Sep 17 00:00:00 2001
+From: Sebastian Herbszt <herbszt at gmx.de>
+Date: Sun, 30 Nov 2014 23:57:47 +0100
+Subject: [PATCH] check_tcp: fix help description regarding escape option
+Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/22dfca20fd83da319ec23160e0092a602b6c1eea.patch
+
+The help description should print '\\' for backslash not just '\'.
+
+ at DPATCH@
+
+Signed-off-by: Sebastian Herbszt <herbszt at gmx.de>
+---
+ plugins/check_tcp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
+index fc0adba..63f9fd9 100644
+--- a/plugins/check_tcp.c
++++ b/plugins/check_tcp.c
+@@ -643,7 +643,7 @@ print_help (void)
+ printf (UT_IPv46);
+
+ printf (" %s\n", "-E, --escape");
+- printf (" %s\n", _("Can use \\n, \\r, \\t or \\ in send or quit string. Must come before send or quit option"));
++ printf (" %s\n", _("Can use \\n, \\r, \\t or \\\\ in send or quit string. Must come before send or quit option"));
+ printf (" %s\n", _("Default: nothing added to send, \\r\\n added to end of quit"));
+ printf (" %s\n", "-s, --send=STRING");
+ printf (" %s\n", _("String to send to the server"));
diff --git a/debian/patches/11_check_ntp_revert_n-p_coverty_fix.dpatch b/debian/patches/11_check_ntp_revert_n-p_coverty_fix.dpatch
new file mode 100644
index 0000000..0886e15
--- /dev/null
+++ b/debian/patches/11_check_ntp_revert_n-p_coverty_fix.dpatch
@@ -0,0 +1,56 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 11_check_ntp_revert_n-p_coverty_fix.dpatch by Jan Wagner <waja at cyconet.org>
+From 5871123e0a5f520f810b2cfe03cef16c4c5a1aee Mon Sep 17 00:00:00 2001
+From: Holger Weiss <holger at zedat.fu-berlin.de>
+Date: Sun, 30 Nov 2014 23:39:59 +0100
+Subject: [PATCH] Revert "plugins/check_ntp.c - Verify struct from response"
+Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/5871123e0a5f520f810b2cfe03cef16c4c5a1aee.patch
+
+This reverts commit a04df3e1b67dc5eab3adc202cc89901f801cdeaa. The "fix"
+was bogus in many ways and broke jitter checking.
+
+ at DPATCH@
+
+Conflicts:
+ plugins/check_ntp.c
+---
+ plugins/check_ntp.c | 13 ++-----------
+ 1 file changed, 2 insertions(+), 11 deletions(-)
+
+diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
+index 546802a..0a7640a 100644
+--- a/plugins/check_ntp.c
++++ b/plugins/check_ntp.c
+@@ -517,14 +517,13 @@ setup_control_request(ntp_control_message *p, uint8_t opcode, uint16_t seq){
+ double jitter_request(const char *host, int *status){
+ int conn=-1, i, npeers=0, num_candidates=0, syncsource_found=0;
+ int run=0, min_peer_sel=PEER_INCLUDED, num_selected=0, num_valid=0;
+- int peers_size=0, peer_offset=0, bytes_read=0;
++ int peers_size=0, peer_offset=0;
+ ntp_assoc_status_pair *peers=NULL;
+ ntp_control_message req;
+ const char *getvar = "jitter";
+ double rval = 0.0, jitter = -1.0;
+ char *startofvalue=NULL, *nptr=NULL;
+ void *tmp;
+- int ntp_cm_ints = sizeof(uint16_t) * 5 + sizeof(uint8_t) * 2;
+
+ /* Long-winded explanation:
+ * Getting the jitter requires a number of steps:
+@@ -609,15 +608,7 @@ double jitter_request(const char *host, int *status){
+
+ req.count = htons(MAX_CM_SIZE);
+ DBG(printf("recieving READVAR response...\n"));
+-
+- /* cov-66524 - req.data not null terminated before usage. Also covers verifying struct was returned correctly*/
+- if ((bytes_read = read(conn, &req, SIZEOF_NTPCM(req))) == -1)
+- die(STATE_UNKNOWN, _("Cannot read from socket: %s"), strerror(errno));
+- if (bytes_read != ntp_cm_ints + req.count)
+- die(STATE_UNKNOWN, _("Invalid NTP response: %d bytes read does not equal %d plus %d data segment"), bytes_read, ntp_cm_ints, req.count);
+- /* else null terminate */
+- req.data[req.count] = '\0';
+-
++ read(conn, &req, SIZEOF_NTPCM(req));
+ DBG(print_ntp_control_message(&req));
+
+ if(req.op&REM_ERROR && strstr(getvar, "jitter")) {
diff --git a/debian/patches/12_check_ntp_null_termination_jitter.dpatch b/debian/patches/12_check_ntp_null_termination_jitter.dpatch
new file mode 100644
index 0000000..6d5cf50
--- /dev/null
+++ b/debian/patches/12_check_ntp_null_termination_jitter.dpatch
@@ -0,0 +1,48 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 12_check_ntp_null_termination_jitter.dpatch by Jan Wagner <waja at cyconet.org>
+
+From 99b3bfe488a856df059e933c796590eea0baae8d Mon Sep 17 00:00:00 2001
+From: Holger Weiss <holger at zedat.fu-berlin.de>
+Date: Mon, 1 Dec 2014 01:07:53 +0100
+Subject: [PATCH] check_ntp: Nul-terminate jitter data
+Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/99b3bfe488a856df059e933c796590eea0baae8d.patch
+
+Make sure the jitter response is nul-terminated before parsing the data
+using string functions.
+
+ at DPATCH@
+
+---
+ plugins/check_ntp.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
+index 0a7640a..a7d278d 100644
+--- a/plugins/check_ntp.c
++++ b/plugins/check_ntp.c
+@@ -590,6 +590,9 @@ double jitter_request(const char *host, int *status){
+ for (i = 0; i < npeers; i++){
+ /* Only query this server if it is the current sync source */
+ if (PEER_SEL(peers[i].status) >= min_peer_sel){
++ char jitter_data[MAX_CM_SIZE+1];
++ size_t jitter_data_count;
++
+ num_selected++;
+ setup_control_request(&req, OP_READVAR, 2);
+ req.assoc = peers[i].assoc;
+@@ -623,7 +626,14 @@ double jitter_request(const char *host, int *status){
+ if(verbose) {
+ printf("parsing jitter from peer %.2x: ", ntohs(peers[i].assoc));
+ }
+- startofvalue = strchr(req.data, '=');
++ if((jitter_data_count = ntohs(req.count)) >= sizeof(jitter_data)){
++ die(STATE_UNKNOWN,
++ _("jitter response too large (%lu bytes)\n"),
++ (unsigned long)jitter_data_count);
++ }
++ memcpy(jitter_data, req.data, jitter_data_count);
++ jitter_data[jitter_data_count] = '\0';
++ startofvalue = strchr(jitter_data, '=');
+ if(startofvalue != NULL) {
+ startofvalue++;
+ jitter = strtod(startofvalue, &nptr);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-nagios/pkg-monitoring-plugins.git
More information about the Pkg-nagios-changes
mailing list