Hello Richard, the patch you mention was modified by the same author that send patches [28...51] to me.
I also believed that a better review was needed so i forwarded all of them to original author. Upstream was agree to do a deeper review of all patches in the package and include them (or not) in the next release. Greetings, Marcos El dom, 03-10-2021 a las 01:18 +0100, RL escribió: > Marcos Fouces <mar...@debian.org> writes: > > > Hello Richard, > > > > i merged your requests for chkrootkit. > > > > IMHO, the best way to start contributing is exactly what you did! > > (Merge requests) > > Thanks, this is good news :). > > I started looking at the code and bugs, but got side-tracked: It > seems > to me that patch 27 (from july 2020) in debian/patches is > problematic. I > was not able to understand most of what patch 27 is trying to do, but > it > seems to me that: > > 1. Patch 27 is re-introducing an "interesting feature" where chkproc > (a C programme run by chkrootkit) sends kill signals to pid 1 > and 12345 see if they might be rootkits (!). These are in the > upsteam code, but in 2008 debian's patch #5 commented out that code > to > fix https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457828 > > Patch 27 has apparently reversed this fix and the debian version of > chkproc.c (after all debian's patching) includes the kill signals > again. (i think they occur less often than before, so maybe the new > bug is less 'critical') > > 2. Patch 27 is also the sole cause of the "OooPS" messages reported > in > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982998 > > These come from MAX_PROCESSES in chkproc.c being too low. upstream > has > set MAX_PROCESSES to > 4 million since 2014, but patch 27 > apparently > reset it back to 99999. > > I think someone more knowledgable in C than me should look at this > patch > and see whether it is valid or not. >