Package: tmpreaper
Version: 1.6.17
Severity: normal
Tags: patch
A wrong index variable is used when building protect_table, leading to
potentially misleading debug messages.
An off-by-one error when scanning protect_table causes comparison of
inode numbers to a bogus value read from the stack, sometimes resulting
in obsolete files living forever.
The following patch addresses both.
Best regards,
g.b.
--- tmpreaper.c.old 2021-12-14 11:53:19.000000000 +0100
+++ tmpreaper.c 2024-11-22 10:00:01.189522656 +0100
@@ -521,7 +521,7 @@
if (FLAGS_PROTECT_P (flags)) {
skip = i = 0;
- do {
+ for (i = 0; protect_table[i].name; i++) {
if (sb.st_ino == protect_table[i].inode) {
message (LOG_VERBOSE,
"Entry matching `--protect' pattern
skipped. `%s'\n",
@@ -529,7 +529,7 @@
skip = 1;
break;
}
- } while (protect_table[i++].name);
+ }
if (skip)
continue;
}
@@ -1056,7 +1056,7 @@
continue;
}
protect_table[j].inode = sb.st_ino;
- protect_table[j].name = protect_glob.gl_pathv[j];
+ protect_table[j].name = protect_glob.gl_pathv[i];
j++;
}
protect_table[j].name = NULL;
-- System Information:
Debian Release: 12.8
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-27-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled
Versions of packages tmpreaper depends on:
ii debconf [debconf-2.0] 1.5.82
ii libc6 2.36-9+deb12u9
ii libmount1 2.38.1-5+deb12u2
tmpreaper recommends no packages.
tmpreaper suggests no packages.
-- Configuration Files:
/etc/tmpreaper.conf changed [not included]
-- debconf information excluded
