--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Please pre-approval unblock package monitoring-plugins.
I uploaded the version 2.1-2 which fixed some not unserious issues some
days ago. Unfortunately this fixes was uncomplete.
Upstream this issues was addressed in the 'maint' branch[1].
This upload has 2 patches from upstream 'maint' branch fixing check_ntp
regressions from 2.1-2 and one small bugfix for check_tcp help output.
There is also a upstream release 2.1.1 expected in the next days
(hopefully tomorrow) including all but only the changed from the
upstream 'maint' branch. Should I just try to grab this new release or
stick with 2.1 upstream and just deliver the patches from this branch?
Anyways this should be the same codebase (after apllying patches) in
both cases.
The full debdiff stat is:
changelog | 13 ++++
patches/00list | 6 +-
patches/10_check_ntp_null_termination.dpatch | 2
patches/10_check_real_null_termination.dpatch | 2
patches/10_check_tcp_fix_help_escape.dpatch | 31 +++++++++++
patches/11_check_ntp_revert_n-p_coverty_fix.dpatch | 56
++++++++++++++++++++
patches/12_check_ntp_null_termination_jitter.dpatch | 48
+++++++++++++++++
7 files changed, 157 insertions(+), 1 deletion(-)
The changelog is:
monitoring-plugins (2.1-3) unstable; urgency=high
* [fecca17] Applying more patches from upstream 'maint' branch fixing the
check_ntp fix and a small escape in check_tcp
- 10_check_tcp_fix_help_escape.dpatch
- 11_check_ntp_revert_n-p_coverty_fix.dpatch
- 12_check_ntp_null_termination_jitter.dpatch
* [92d5f60] Fixing dpatch macro
- 10_check_ntp_null_termination.dpatch
- 10_check_real_null_termination.dpatch
-- Jan Wagner <w...@cyconet.org> Mon, 01 Dec 2014 21:29:16 +0100
The source debdiff is attached.
Many thanks, Jan.
[1] https://github.com/monitoring-plugins/monitoring-plugins/commits/maint
--
Never write mail to <w...@spamfalle.info>, you have been warned!
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT d-- s+: a C+++ UL++++ P+ L+++ E--- W+++ N+++ o++ K++ w--- O M V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h---- r+++ y++++
------END GEEK CODE BLOCK------
diff --git a/debian/changelog b/debian/changelog
index 89fa83d..4f8e3be 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+monitoring-plugins (2.1-3) unstable; urgency=high
+
+ * [fecca17] Applying more patches from upstream 'maint' branch fixing the
+ check_ntp fix and a small escape in check_tcp
+ - 10_check_tcp_fix_help_escape.dpatch
+ - 11_check_ntp_revert_n-p_coverty_fix.dpatch
+ - 12_check_ntp_null_termination_jitter.dpatch
+ * [92d5f60] Fixing dpatch macro
+ - 10_check_ntp_null_termination.dpatch
+ - 10_check_real_null_termination.dpatch
+
+ -- Jan Wagner <w...@cyconet.org> Mon, 01 Dec 2014 21:29:16 +0100
+
monitoring-plugins (2.1-2) unstable; urgency=high
* [d4bbd4c] Applying patches from upstream 'maint' branch
diff --git a/debian/patches/00list b/debian/patches/00list
index afdf8b5..98d6acd 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -1,5 +1,9 @@
02_check_icmp_links.dpatch
# commited upstream
10_check_apt_fix_memset.dpatch
-10_check_ntp_null_termination.dpatch
+10_check_tcp_fix_help_escape.dpatch
10_check_real_null_termination.dpatch
+10_check_ntp_null_termination.dpatch
+11_check_ntp_revert_n-p_coverty_fix.dpatch
+12_check_ntp_null_termination_jitter.dpatch
+
diff --git a/debian/patches/10_check_ntp_null_termination.dpatch b/debian/patches/10_check_ntp_null_termination.dpatch
index 5856bfd..88d8cef 100644
--- a/debian/patches/10_check_ntp_null_termination.dpatch
+++ b/debian/patches/10_check_ntp_null_termination.dpatch
@@ -9,6 +9,8 @@ Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commi
Fix null termination introduced by commit a04df3e ("plugins/check_ntp.c - Verify struct from response").
+@DPATCH@
+
Signed-off-by: Sebastian Herbszt <herb...@gmx.de>
---
plugins/check_ntp.c | 2 +-
diff --git a/debian/patches/10_check_real_null_termination.dpatch b/debian/patches/10_check_real_null_termination.dpatch
index 86a3bb9..649d9dc 100644
--- a/debian/patches/10_check_real_null_termination.dpatch
+++ b/debian/patches/10_check_real_null_termination.dpatch
@@ -9,6 +9,8 @@ Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commi
Fix null termination introduced by commit b61f51a ("plugins/check_real.c - recv string null terminate").
+@DPATCH@
+
Signed-off-by: Sebastian Herbszt <herb...@gmx.de>
---
plugins/check_real.c | 2 +-
diff --git a/debian/patches/10_check_tcp_fix_help_escape.dpatch b/debian/patches/10_check_tcp_fix_help_escape.dpatch
new file mode 100644
index 0000000..d958d27
--- /dev/null
+++ b/debian/patches/10_check_tcp_fix_help_escape.dpatch
@@ -0,0 +1,31 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 10_check_tcp_fix_help_escape.dpatch by Jan Wagner <w...@cyconet.org>
+
+From 22dfca20fd83da319ec23160e0092a602b6c1eea Mon Sep 17 00:00:00 2001
+From: Sebastian Herbszt <herb...@gmx.de>
+Date: Sun, 30 Nov 2014 23:57:47 +0100
+Subject: [PATCH] check_tcp: fix help description regarding escape option
+Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/22dfca20fd83da319ec23160e0092a602b6c1eea.patch
+
+The help description should print '\\' for backslash not just '\'.
+
+@DPATCH@
+
+Signed-off-by: Sebastian Herbszt <herb...@gmx.de>
+---
+ plugins/check_tcp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
+index fc0adba..63f9fd9 100644
+--- a/plugins/check_tcp.c
++++ b/plugins/check_tcp.c
+@@ -643,7 +643,7 @@ print_help (void)
+ printf (UT_IPv46);
+
+ printf (" %s\n", "-E, --escape");
+- printf (" %s\n", _("Can use \\n, \\r, \\t or \\ in send or quit string. Must come before send or quit option"));
++ printf (" %s\n", _("Can use \\n, \\r, \\t or \\\\ in send or quit string. Must come before send or quit option"));
+ printf (" %s\n", _("Default: nothing added to send, \\r\\n added to end of quit"));
+ printf (" %s\n", "-s, --send=STRING");
+ printf (" %s\n", _("String to send to the server"));
diff --git a/debian/patches/11_check_ntp_revert_n-p_coverty_fix.dpatch b/debian/patches/11_check_ntp_revert_n-p_coverty_fix.dpatch
new file mode 100644
index 0000000..0886e15
--- /dev/null
+++ b/debian/patches/11_check_ntp_revert_n-p_coverty_fix.dpatch
@@ -0,0 +1,56 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 11_check_ntp_revert_n-p_coverty_fix.dpatch by Jan Wagner <w...@cyconet.org>
+From 5871123e0a5f520f810b2cfe03cef16c4c5a1aee Mon Sep 17 00:00:00 2001
+From: Holger Weiss <hol...@zedat.fu-berlin.de>
+Date: Sun, 30 Nov 2014 23:39:59 +0100
+Subject: [PATCH] Revert "plugins/check_ntp.c - Verify struct from response"
+Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/5871123e0a5f520f810b2cfe03cef16c4c5a1aee.patch
+
+This reverts commit a04df3e1b67dc5eab3adc202cc89901f801cdeaa. The "fix"
+was bogus in many ways and broke jitter checking.
+
+@DPATCH@
+
+Conflicts:
+ plugins/check_ntp.c
+---
+ plugins/check_ntp.c | 13 ++-----------
+ 1 file changed, 2 insertions(+), 11 deletions(-)
+
+diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
+index 546802a..0a7640a 100644
+--- a/plugins/check_ntp.c
++++ b/plugins/check_ntp.c
+@@ -517,14 +517,13 @@ setup_control_request(ntp_control_message *p, uint8_t opcode, uint16_t seq){
+ double jitter_request(const char *host, int *status){
+ int conn=-1, i, npeers=0, num_candidates=0, syncsource_found=0;
+ int run=0, min_peer_sel=PEER_INCLUDED, num_selected=0, num_valid=0;
+- int peers_size=0, peer_offset=0, bytes_read=0;
++ int peers_size=0, peer_offset=0;
+ ntp_assoc_status_pair *peers=NULL;
+ ntp_control_message req;
+ const char *getvar = "jitter";
+ double rval = 0.0, jitter = -1.0;
+ char *startofvalue=NULL, *nptr=NULL;
+ void *tmp;
+- int ntp_cm_ints = sizeof(uint16_t) * 5 + sizeof(uint8_t) * 2;
+
+ /* Long-winded explanation:
+ * Getting the jitter requires a number of steps:
+@@ -609,15 +608,7 @@ double jitter_request(const char *host, int *status){
+
+ req.count = htons(MAX_CM_SIZE);
+ DBG(printf("recieving READVAR response...\n"));
+-
+- /* cov-66524 - req.data not null terminated before usage. Also covers verifying struct was returned correctly*/
+- if ((bytes_read = read(conn, &req, SIZEOF_NTPCM(req))) == -1)
+- die(STATE_UNKNOWN, _("Cannot read from socket: %s"), strerror(errno));
+- if (bytes_read != ntp_cm_ints + req.count)
+- die(STATE_UNKNOWN, _("Invalid NTP response: %d bytes read does not equal %d plus %d data segment"), bytes_read, ntp_cm_ints, req.count);
+- /* else null terminate */
+- req.data[req.count] = '\0';
+-
++ read(conn, &req, SIZEOF_NTPCM(req));
+ DBG(print_ntp_control_message(&req));
+
+ if(req.op&REM_ERROR && strstr(getvar, "jitter")) {
diff --git a/debian/patches/12_check_ntp_null_termination_jitter.dpatch b/debian/patches/12_check_ntp_null_termination_jitter.dpatch
new file mode 100644
index 0000000..6d5cf50
--- /dev/null
+++ b/debian/patches/12_check_ntp_null_termination_jitter.dpatch
@@ -0,0 +1,48 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 12_check_ntp_null_termination_jitter.dpatch by Jan Wagner <w...@cyconet.org>
+
+From 99b3bfe488a856df059e933c796590eea0baae8d Mon Sep 17 00:00:00 2001
+From: Holger Weiss <hol...@zedat.fu-berlin.de>
+Date: Mon, 1 Dec 2014 01:07:53 +0100
+Subject: [PATCH] check_ntp: Nul-terminate jitter data
+Origin: upstream, https://github.com/monitoring-plugins/monitoring-plugins/commit/99b3bfe488a856df059e933c796590eea0baae8d.patch
+
+Make sure the jitter response is nul-terminated before parsing the data
+using string functions.
+
+@DPATCH@
+
+---
+ plugins/check_ntp.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
+index 0a7640a..a7d278d 100644
+--- a/plugins/check_ntp.c
++++ b/plugins/check_ntp.c
+@@ -590,6 +590,9 @@ double jitter_request(const char *host, int *status){
+ for (i = 0; i < npeers; i++){
+ /* Only query this server if it is the current sync source */
+ if (PEER_SEL(peers[i].status) >= min_peer_sel){
++ char jitter_data[MAX_CM_SIZE+1];
++ size_t jitter_data_count;
++
+ num_selected++;
+ setup_control_request(&req, OP_READVAR, 2);
+ req.assoc = peers[i].assoc;
+@@ -623,7 +626,14 @@ double jitter_request(const char *host, int *status){
+ if(verbose) {
+ printf("parsing jitter from peer %.2x: ", ntohs(peers[i].assoc));
+ }
+- startofvalue = strchr(req.data, '=');
++ if((jitter_data_count = ntohs(req.count)) >= sizeof(jitter_data)){
++ die(STATE_UNKNOWN,
++ _("jitter response too large (%lu bytes)\n"),
++ (unsigned long)jitter_data_count);
++ }
++ memcpy(jitter_data, req.data, jitter_data_count);
++ jitter_data[jitter_data_count] = '\0';
++ startofvalue = strchr(jitter_data, '=');
+ if(startofvalue != NULL) {
+ startofvalue++;
+ jitter = strtod(startofvalue, &nptr);
signature.asc
Description: OpenPGP digital signature
--- End Message ---
