1 #! /bin/sh /usr/share/dpatch/dpatch-run
2 ## bts559801_plugin_find_fix.dpatch by Sebastian Harl <sh@tokkee.org>
3 ##
4 ## DP: plugin: Use strcasecmp rather than strncasecmp to find a plugin.
5 ## DP:
6 ## DP: This makes collectd resistant against vulnerable copies of libltdl
7 ## DP: (CVE-2009-3736).
8 ## DP: See <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559801#15>
9 ## DP: for details.
11 @DPATCH@
13 diff a/src/plugin.c b/src/plugin.c
14 --- a/src/plugin.c
15 +++ b/src/plugin.c
16 @@ -572,7 +572,7 @@ int plugin_load (const char *type)
18 while ((de = readdir (dh)) != NULL)
19 {
20 - if (strncasecmp (de->d_name, typename, typename_len))
21 + if (strcasecmp (de->d_name, typename))
22 continue;
24 status = ssnprintf (filename, sizeof (filename),