author | tonnerre <tonnerre> | 2008-03-22 15:00:14 +0000 |
---|---|---|
committer | tonnerre <tonnerre> | 2008-03-22 15:00:14 +0000 |
commit | 153cfbcfbdef0d6cf6a35d915c1a3fbd79cecd8d (patch) | |
tree | 02f23fc5646fb482b45683224b1e5c9cec7da28e | |
parent | ce576eaf0aec97a1142b3a98b3762100390a8aec (diff) | |
Fix SNMP GET reply buffer overflow in nagios-plugin-snmp version 1.4.3nb1
(CVE-2007-5623, ticket #16441)
Approved-by: gdt, joerg
-rw-r--r-- | net/nagios-plugin-snmp/Makefile | 6 | ||||
-rw-r--r-- | net/nagios-plugin-snmp/distinfo | 3 | ||||
-rw-r--r-- | net/nagios-plugin-snmp/patches/patch-aa | 38 |
3 files changed, 43 insertions, 4 deletions
diff --git a/net/nagios-plugin-snmp/Makefile b/net/nagios-plugin-snmp/Makefile index 188ebaf947b..7193a31bfc4 100644 --- a/net/nagios-plugin-snmp/Makefile +++ b/net/nagios-plugin-snmp/Makefile @@ -1,11 +1,11 @@ -# $NetBSD: Makefile,v 1.7 2008/01/18 05:08:45 tnn Exp $ +# $NetBSD: Makefile,v 1.8 2008/03/22 15:00:14 tonnerre Exp $ # PKGNAME= nagios-plugin-snmp-${PLUGINSVERSION} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= net sysutils -MAINTAINER= pkgsrc-users@NetBSD.org +MAINTAINER= tonnerre@NetBSD.org COMMENT= Nagios snmp plugins DEPENDS+= nagios-plugins-${PLUGINSVERSION}{,nb[0-9]*}:../../net/nagios-plugins diff --git a/net/nagios-plugin-snmp/distinfo b/net/nagios-plugin-snmp/distinfo index 3ad697bbe6f..2144e8a0250 100644 --- a/net/nagios-plugin-snmp/distinfo +++ b/net/nagios-plugin-snmp/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.3 2006/10/16 08:40:45 seb Exp $ +$NetBSD: distinfo,v 1.4 2008/03/22 15:00:14 tonnerre Exp $ SHA1 (nagios-plugins-1.4.3.tar.gz) = c26fc2f31d7579c3a8174dcd1965046c4b1c8d37 RMD160 (nagios-plugins-1.4.3.tar.gz) = bc1d4f8cddd481775c514758a462fe533e01e846 Size (nagios-plugins-1.4.3.tar.gz) = 1257775 bytes +SHA1 (patch-aa) = 90672697d121f4fba242d50e87bffd3a4fce8921 SHA1 (patch-ad) = 75bb44093f1fe0d18668cb9aec787d760fe16ad4 SHA1 (patch-ae) = 42a2767b290e4a10c93f170e85138e8c639906dc SHA1 (patch-ak) = c3d9f6ea9a971c45ec4159f800c2a975a3013c82 diff --git a/net/nagios-plugin-snmp/patches/patch-aa b/net/nagios-plugin-snmp/patches/patch-aa new file mode 100644 index 00000000000..6f370f6eb3c --- /dev/null +++ b/net/nagios-plugin-snmp/patches/patch-aa 
@@ -0,0 +1,38 @@
+$NetBSD: patch-aa,v 1.1 2008/03/22 15:00:14 tonnerre Exp $
+
+--- plugins/check_snmp.c.orig 2005-10-31 21:03:19.000000000 +0100
++++ plugins/check_snmp.c
+@@ -203,12 +203,16 @@ main (int argc, char **argv)
+
+ ptr = output;
+
+- strcat(perfstr, "| ");
++ strncat(perfstr, "| ", sizeof(perfstr)-strlen(perfstr)-1);
+ while (ptr) {
+ char *foo;
++ size_t copylen;
+
+ foo = strstr (ptr, delimiter);
+- strncat(perfstr, ptr, foo-ptr);
++ copylen = foo-ptr;
++ if (copylen > sizeof(perfstr)-strlen(perfstr)-1)
++ copylen = sizeof(perfstr)-strlen(perfstr)-1;
++ strncat(perfstr, ptr, copylen);
+ ptr = foo;
+
+ if (ptr == NULL)
+@@ -338,9 +342,11 @@ main (int argc, char **argv)
+
+ i++;
+
+- char *str[MAX_INPUT_BUFFER];
+- asprintf(str, "=%s%s;;;; ", show, type ? type : "");
+- strcat(perfstr, *str);
++ strncat(perfstr, "=", sizeof(perfstr)-strlen(perfstr)-1);
++ strncat(perfstr, show, sizeof(perfstr)-strlen(perfstr)-1);
++ if (type)
++ strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1);
++ strncat(perfstr, " ", sizeof(perfstr)-strlen(perfstr)-1);
+
+ } /* end while (ptr) */
+ |
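Review bot: In the first inner hunk, `copylen = foo-ptr;` is still evaluated when `strstr()` finds no delimiter and `foo` is NULL, a case the `if (ptr == NULL)` test just below shows is expected. Subtracting from a null pointer is undefined, and the copy presumably stays in bounds only because the result converts to a very large `size_t` that the new clamp then cuts down; stating the case explicitly, `copylen = foo ? (size_t)(foo - ptr) : strlen(ptr);`, removes that dependence. The `sizeof(perfstr)` bound used throughout is only correct if `perfstr` is an array rather than a pointer, and its declaration is outside the hunk, so that should be confirmed. The second inner hunk also stops emitting the `;;;;` suffix that the removed `asprintf()` format carried, which changes the performance-data output and deserves a comment if it is intentional. Both inner hunks sit inside `main()`, whose body starts and ends outside them.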