[chkrootkit] Patch update.
Jon Ciesla
limb at fedoraproject.org
Tue Oct 19 13:09:51 UTC 2010
commit fcff464f25f05cd9ba97698fbd5943597afe55d3
Author: Jon Ciesla <limb at jcomserv.net>
Date: Tue Oct 19 08:09:32 2010 -0500
Patch update.
chkrootkit-0.49-chkutmp-outofbounds.patch | 70 +++++++++++++++++++++++++++--
chkrootkit.spec | 7 ++-
2 files changed, 71 insertions(+), 6 deletions(-)
---
diff --git a/chkrootkit-0.49-chkutmp-outofbounds.patch b/chkrootkit-0.49-chkutmp-outofbounds.patch
index 367ae26..ffb620a 100644
--- a/chkrootkit-0.49-chkutmp-outofbounds.patch
+++ b/chkrootkit-0.49-chkutmp-outofbounds.patch
@@ -1,12 +1,74 @@
---- chkutmp.c~ 2009-07-22 08:09:41.000000000 -0500
-+++ chkutmp.c 2009-07-22 08:11:17.000000000 -0500
-@@ -60,3 +60,3 @@
+diff -Nur chkrootkit-0.49-orig/chkutmp.c chkrootkit-0.49/chkutmp.c
+--- chkrootkit-0.49-orig/chkutmp.c 2009-07-30 15:43:17.000000000 +0200
++++ chkrootkit-0.49/chkutmp.c 2010-10-14 22:31:16.000000000 +0200
+@@ -43,7 +43,6 @@
+ #endif
+ #include <ctype.h>
+
+-#define MAXREAD 1024
+ #define MAXBUF 4096
+ #define MAXLENGTH 256
+ #define UT_PIDSIZE 12
+@@ -58,13 +57,13 @@
+ #endif
+
+ struct ps_line {
- char ps_tty[UT_LINESIZE];
- char ps_user[UT_NAMESIZE];
- char ps_args[MAXLENGTH];
+ char ps_tty[UT_LINESIZE+2];
+ char ps_user[UT_NAMESIZE+2];
+ char ps_args[MAXLENGTH+2];
-@@ -66 +66 @@
+ int ps_pid;
+ };
+ struct utmp_line {
- char ut_tty[UT_LINESIZE];
+ char ut_tty[UT_LINESIZE+2];
+ int ut_pid;
+ int ut_type;
+ };
+@@ -78,7 +77,9 @@
+ int fetchps(struct ps_line *psl_p)
+ {
+ FILE *ps_fp;
+- char line[MAXREAD + 1], pid[UT_PIDSIZE];
++ char *line = NULL;
++ size_t linelen = 0;
++ char pid[UT_PIDSIZE+2];
+ char *s, *d;
+ struct ps_line *curp = &psl_p[0];
+ struct ps_line *endp = &psl_p[MAXBUF-1];
+@@ -86,8 +87,8 @@
+
+ i = 0;
+ if ((ps_fp = (popen(cmd[PS_CMD], "r"))) != NULL) {
+- fgets(line, MAXREAD, ps_fp); /* skip header */
+- while (fgets(line, MAXREAD, ps_fp)) {
++ getline(&line, &linelen, ps_fp); /* skip header */
++ while (getline(&line, &linelen, ps_fp) != -1) {
+ s = line;
+ if (*s != '\?' && curp <= endp) { /* only interested in lines that
+ * have a tty */
+@@ -98,7 +99,7 @@
+ while (isspace(*s)) /* skip spaces */
+ s++;
+ d = pid;
+- for (x = 0; (!isspace(*s)) && (*d++ = *s++) && x <= UT_LINESIZE; x++) /* grab pid */
++ for (x = 0; (!isspace(*s)) && (*d++ = *s++) && x <= UT_PIDSIZE; x++) /* grab pid */
+ ;
+ *d = '\0';
+ curp->ps_pid = atoi(pid);
+@@ -113,11 +114,13 @@
+ s++;
+ for (x = 0; (*d++ = *s++) && x <= MAXLENGTH; x++) /* cmd + args */
+ ;
++ *d = '\0';
+ i++;
+ curp++;
+ }
+ }
+ pclose(ps_fp);
++ free(line);
+ } else {
+ fprintf(stderr, "\nfailed running 'ps' !\n");
+ exit(EXIT_FAILURE);
diff --git a/chkrootkit.spec b/chkrootkit.spec
index 0558587..b5cce91 100644
--- a/chkrootkit.spec
+++ b/chkrootkit.spec
@@ -1,6 +1,6 @@
Name: chkrootkit
Version: 0.49
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: Tool to locally check for signs of a rootkit
Group: Applications/System
License: BSD and GPLv2+ and Python
@@ -57,7 +57,7 @@ It contains:
#%patch7 -p1 -b .anomalies
%patch8 -p0 -b .nophpcheck
%patch9 -p0 -b .chkproc-psver
-%patch10 -p0
+%patch10 -p1
sed -i -e 's!\s\+ at strip.*!!g' Makefile
@@ -125,6 +125,9 @@ rm -rf ${RPM_BUILD_ROOT}
%changelog
+* Tue Oct 18 2010 Jon Ciesla <limb at jcomserv.net> 0.49-2
+- Updated outofbounds patch, BZ 577979 and 626067.
+
* Thu Mar 18 2010 Jon Ciesla <limb at jcomserv.net> 0.49-1
- New upstream, including upstreamed patches.
More information about the scm-commits
mailing list