Re: [CVS] OpenPKG: openpkg-re/vcheck/ vc.chkrootkit openpkg-src/chkrootkit...

Mon, 03 Feb 2003 00:15:11 -0800 

On Sun, Feb 02, 2003, Ralf S. Engelschall wrote:
> On Sun, Feb 02, 2003, Michael Schloh von Bennewitz wrote:
>>>     openpkg-re/vcheck       vc.chkrootkit
>>>     openpkg-src/chkrootkit  chkrootkit.spec
>>>     openpkg-web             news.txt
>>>
>>>   Log:
>>>     upgrading package: chkrootkit 0.39 -> 0.39a
>>>
>>>   -  version   = 0.39
>>>   +  version   = 0.39a
>>>
>> This change broke our chkrootkit package. It appears to package a non-release
>> grade version of chkrootkit. I think we should back out this change.
>
> Can you explain what it actually broke? Which platform? And why is 0.39a
> a non-release grade version? Both according to the website and FTP
> server 0.39a looks like a bugfix version of 0.39 and not an "alpha" or
> whatever version. And even if I look at the diff...
>
That the version was not taken to 0.40 is a clue that this version did not
undergo regression testing, and it becomes clear with a simple build.

In any case the reason that this is broken is that PS1 is only conditionally
defined (see your diff) and then later used unconditionally.

--
[EMAIL PROTECTED]
Development Team, Application Services
Cable & Wireless Deutschland GmbH


> openpkg-dev$ diff -ru3 chkrootkit-0.39 chkrootkit-0.39a
> diff -ru3 chkrootkit-0.39/chkproc.c chkrootkit-0.39a/chkproc.c
> --- chkrootkit-0.39/chkproc.c   Thu Jan 30 00:03:31 2003
> +++ chkrootkit-0.39a/chkproc.c  Fri Jan 31 12:43:56 2003
> @@ -1,6 +1,6 @@
>  /*
> -  (C) Nelson Murilo - 2002/08/08
> -  Version 0.6
> +  (C) Nelson Murilo - 2003/01/31
> +  Version 0.7
>    C port from chkproc.pl code from Klaus Steding-Jessen <[EMAIL PROTECTED]>
>    and Cristine Hoepers <[EMAIL PROTECTED]> +little output changes.
>
> @@ -47,7 +47,8 @@
>  #if defined(__sun)
>  #define PS "ps -edf"
>  #else
> -#define PS "ps mauxwww"
> +#define PS "ps mauxwww 2> /dev/null"
> +#define PS1 "ps auxwww"
>  #endif
> 
>  int psproc [MAX_PROCESSES+1];
> @@ -90,8 +91,13 @@
>     if (!isalpha(*buf))
>  #endif
>     {
> -     fprintf(stderr, "OooPS!\n");
> -     exit(2);
> +     ps  = popen(PS1, "r");
> +     fgets(buf, MAX_BUF, ps); /* Skip header */
> +     if (!isalpha(*buf))
> +     {
> +        fprintf(stderr, "OooPS!\n");
> +        exit(2);
> +     }
>     }
>     for (i = FIRST_PROCESS; i <= MAX_PROCESSES; i++) /* Init matrix */
>       psproc[i] = dirproc[i] = 0;
> 
> I do not see any signs that this is something else that just a little
> bugfix release. So, can you give more details, please?
>

Attachment: msg04542/pgp00000.pgp
Description: PGP signature

Reply via email to