[monitoring-plugins] plugins/check_apt.c - Print uninitialized ereg
Jan Wagner
git at monitoring-plugins.org
Sat Jun 28 22:20:08 CEST 2014
Module: monitoring-plugins
Branch: master
Commit: 9ce73696b0407b43bcd96269fb1fd6c343834475
Author: Spenser Reinhardt <sreinhardt at nagios.com>
Committer: Jan Wagner <waja at cyconet.org>
Date: Thu Jun 5 22:43:07 2014 -0500
URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=9ce7369
plugins/check_apt.c - Print uninitialized ereg
Coverity 66531 - ereg.buffer can be printed without being initialized if do_include and do_exclude are null and critical is an invalid regex. While minor this may leak memory and cause undefined behavior.
---
plugins/check_apt.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/plugins/check_apt.c b/plugins/check_apt.c
index 4c76a51..07622c2 100644
--- a/plugins/check_apt.c
+++ b/plugins/check_apt.c
@@ -223,6 +223,9 @@ int run_upgrade(int *pkgcount, int *secpkgcount){
regex_t ireg, ereg, sreg;
char *cmdline=NULL, rerrbuf[64];
+ /* initialize ereg as it is possible it is printed while uninitialized */
+ memset(&ereg, "\0", sizeof(ereg.buffer));
+
if(upgrade==NO_UPGRADE) return STATE_OK;
/* compile the regexps */
More information about the Commits
mailing list