[rrdtool-maint] Bug#952964: Security update breaks graph generation: 'range out of order in character class'
Hans van Kranenburg
hans at knorrie.org
Mon Mar 2 12:26:34 GMT 2020
Package: rrdtool
Version: 1.4.8-1.2+deb8u1
Hi, the patch in the Jessie security update that was just released
properly breaks creating graphs.
The patch contains the following line:
#define FLOAT_STRING "%[+- 0#]?[0-9]*([.][0-9]+)?l[eEfF]"
Now, [+- 0#] is not a valid character class for a regex, because the -
defines a range, and a range from '+' to ' ' is not valid.
[RRD ERROR] Unable to graph
/var/lib/munin/cgi-tmp/munin-cgi-graph/[...].png : cannot compile
regular expression: Error while compiling regular expression
^(?:[^%]+|%%)*%[+-
0#]?[0-9]*([.][0-9]+)?l[eEfF](?:[^%]+|%%)*%s(?:[^%]+|%%)*$ at char 18:
range out of order in character class (^(?:[^%]+|%%)*%[+-
0#]?[0-9]*([.][0-9]+)?l[eEfF](?:[^%]+|%%)*%s(?:[^%]+|%%)*$)
Upstream did a fixup commit, 1615689e259bfd67e43cf7711948abc23f998ca9
which you missed to include:
https://github.com/oetiker/rrdtool-1.x/commit/1615689e259bfd67e43cf7711948abc23f998ca9
Thanks,
Hans van Kranenburg
More information about the pkg-rrdtool-maint
mailing list