[pkgsrc/trunk]: pkgsrc/net/nagios-plugins Crash fix: initialize variable, che...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/net/nagios-plugins Crash fix: initialize variable, che...
From: manu <manu%pkgsrc.org@localhost>
Date: Wed, 15 Jan 2020 09:42:53 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/7d9a3c74de62
branches:  trunk
changeset: 383532:7d9a3c74de62
user:      manu <manu%pkgsrc.org@localhost>
date:      Fri Aug 03 14:03:09 2018 +0000

description:
Crash fix: initialize variable, check bounds on string copy.

diffstat:

 net/nagios-plugins/distinfo                             |   3 +-
 net/nagios-plugins/patches/patch-plugins_check_nagios.c |  29 +++++++++++++++++
 2 files changed, 31 insertions(+), 1 deletions(-)

diffs (47 lines):

diff -r 4b0aff3c65ee -r 7d9a3c74de62 net/nagios-plugins/distinfo
--- a/net/nagios-plugins/distinfo       Fri Aug 03 09:19:56 2018 +0000
+++ b/net/nagios-plugins/distinfo       Fri Aug 03 14:03:09 2018 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.23 2017/11/08 03:20:48 taca Exp $
+$NetBSD: distinfo,v 1.24 2018/08/03 14:03:09 manu Exp $
 
 SHA1 (nagios-plugins-2.2.1.tar.gz) = 0d3fc8876343a906f0dcc2c00850e4ad956a150a
 RMD160 (nagios-plugins-2.2.1.tar.gz) = 39c364ac08854a1829d47562d4add1ae58a49334
@@ -15,3 +15,4 @@
 SHA1 (patch-plugins-scripts_check__wave.pl) = 535b008877cad780afa2ed3429ffb84e7da3ec28
 SHA1 (patch-plugins__check_swap.c) = b822de3488ecace977a739ebcfc56229763cd945
 SHA1 (patch-plugins_check__radius.c) = 3f86bac4f7aa52931bad46d9ee4a421c2ee744f3
+SHA1 (patch-plugins_check_nagios.c) = a137ba674b2b61daa3af9a7be705d30af4a48aa8
diff -r 4b0aff3c65ee -r 7d9a3c74de62 net/nagios-plugins/patches/patch-plugins_check_nagios.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/nagios-plugins/patches/patch-plugins_check_nagios.c   Fri Aug 03 14:03:09 2018 +0000
@@ -0,0 +1,29 @@
+$NetBSD: patch-plugins_check_nagios.c,v 1.1 2018/08/03 14:03:09 manu Exp $
+
+Crash fix: initialize variable, check bounds on string copy.
+
+--- plugins/check_nagios.c.orig
++++ plugins/check_nagios.c
+@@ -71,9 +71,9 @@
+       char procstat[8];
+ #ifdef PS_USES_PROCETIME
+       char procetime[MAX_INPUT_BUFFER];
+ #endif /* PS_USES_PROCETIME */
+-      char procprog[MAX_INPUT_BUFFER];
++      char procprog[MAX_INPUT_BUFFER] = { '\0' };
+       char *procargs;
+       int pos, cols;
+       int expected_cols = PS_COLS - 1;
+       const char *zombie = "Z";
+@@ -143,9 +143,10 @@
+ 
+                       /* Some ps return full pathname for command. This removes path */
+                       temp_string = strtok ((char *)procprog, "/");
+                       while (temp_string) {
+-                              strcpy(procprog, temp_string);
++                              strncpy(procprog, temp_string, sizeof(procprog));
++                              procprog[sizeof(procprog) - 1] = '\0';
+                               temp_string = strtok (NULL, "/");
+                       }
+ 
+                       /* May get empty procargs */

Prev by Date: [pkgsrc/trunk]: pkgsrc/net/gallery-dl gallery-dl: Update net/gallery-dl to 1.5.0
Next by Date: [pkgsrc/trunk]: pkgsrc/devel/js_of_ocaml Added dependency to camlp4 option fo...
Previous by Thread: [pkgsrc/trunk]: pkgsrc/net/gallery-dl gallery-dl: Update net/gallery-dl to 1.5.0
Next by Thread: [pkgsrc/trunk]: pkgsrc/devel/js_of_ocaml Added dependency to camlp4 option fo...
Indexes:

Home | Main Index | Thread Index | Old Index