[Pkg-nagios-changes] [pkg-nsca] 05/11: Add patch by Xiwen Cheng to fix potential buffer overflow. (closes: #685455)
Bas Couwenberg
sebastic at debian.org
Fri Dec 9 17:24:31 UTC 2016
This is an automated email from the git hooks/post-receive script.
sebastic pushed a commit to branch master
in repository pkg-nsca.
commit e7bfb17555c3ecd3de534c436ec8f2d2db5409e6
Author: Bas Couwenberg <sebastic at xs4all.nl>
Date: Fri Dec 9 16:33:57 2016 +0100
Add patch by Xiwen Cheng to fix potential buffer overflow. (closes: #685455)
---
debian/changelog | 2 ++
debian/patches/11_fix-potential-buffer-overflow.patch | 17 +++++++++++++++++
debian/patches/series | 1 +
3 files changed, 20 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index e2d8fb9..b38b446 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -43,6 +43,8 @@ nsca (2.9.1-4) UNRELEASED; urgency=medium
* Add Brazilian Portuguese debconf templates translation
by Adriano Rafael Gomes.
(closes: #824332)
+ * Add patch by Xiwen Cheng to fix potential buffer overflow.
+ (closes: #685455)
-- Bas Couwenberg <sebastic at debian.org> Sun, 04 Dec 2016 00:04:22 +0100
diff --git a/debian/patches/11_fix-potential-buffer-overflow.patch b/debian/patches/11_fix-potential-buffer-overflow.patch
new file mode 100644
index 0000000..087eaca
--- /dev/null
+++ b/debian/patches/11_fix-potential-buffer-overflow.patch
@@ -0,0 +1,17 @@
+Description: Fix potential buffer overflow.
+Author: Xiwen Cheng <xiwen.cheng at mendix.com>
+Bug-Debian: https://bugs.debian.org/685455
+
+--- a/src/send_nsca.c
++++ b/src/send_nsca.c
+@@ -215,6 +215,10 @@ int main(int argc, char **argv){
+ input_buffer[pos] = c;
+ c = getc(stdin);
+ pos++;
++ if(pos>=MAX_INPUT_BUFFER-1){
++ printf("Warning: packet[%d] truncated to %d bytes.\n",total_packets, MAX_INPUT_BUFFER);
++ break;
++ }
+ }
+ input_buffer[pos] = 0;
+ strip(input_buffer);
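Review bot: In the src/send_nsca.c hunk, the new check breaks out of the read loop after `c = getc(stdin)` has already fetched the next byte, and nothing visible here discards that byte or the rest of the oversized record, so the tail may be treated as a separate packet on a later read. Consider draining input up to the record terminator before the `break`, or document that the remainder is intentionally sent as its own packet. The warning text reports MAX_INPUT_BUFFER bytes, but at most MAX_INPUT_BUFFER-1 bytes are kept before `input_buffer[pos] = 0;` writes the terminator, so the message should print MAX_INPUT_BUFFER-1. It also goes to stdout through printf, where fprintf(stderr, ...) would keep the diagnostic out of any captured output. The bound is correct only if input_buffer is declared with MAX_INPUT_BUFFER elements, which this hunk does not show. A short comment saying so next to the check would help the next reader. The patch header would also benefit from a DEP-3 Forwarded field stating whether the fix was sent upstream.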
diff --git a/debian/patches/series b/debian/patches/series
index 1984b7b..56845e2 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -8,3 +8,4 @@
08_race-condition-when-opening-command-file.patch
09_reserved-identifier-violation.patch
10_nsca-close-POLLNVAL-accept-bug-causes-hang.patch
+11_fix-potential-buffer-overflow.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-nagios/pkg-nsca.git