Fixed buffer overflow in check_ntp/check_ntp_peer (#1999319, Ubuntu #291265)

git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@2086 f882894a-f735-0410-b71e-b25c423dba1c

NEWS

@@ -16,6 +16,7 @@ This file documents the major additions and syntax changes between releases.
 	check_icmp now reports min and max round trip time perfdata (Steve Rader)
 	Fixed bug where additional headers with redirection caused a segfault (Dieter Van de Walle - 2089159)
 	check_disk: make autofs mount paths specified with -p before we determing the mount list (Erik Welch)
+	Fixed buffer overflow in check_ntp/check_ntp_peer (#1999319, Ubuntu #291265)
 
 1.4.13 25th Sept 2008
 	Fix Debian bug #460097: check_http --max-age broken (Hilko Bengen)

plugins/check_ntp.c

@@ -198,7 +198,7 @@ typedef struct {
 /* NTP control message header is 12 bytes, plus any data in the data
  * field, plus null padding to the nearest 32-bit boundary per rfc.
  */
-#define SIZEOF_NTPCM(m) (12+ntohs(m.count)+((m.count)?4-(ntohs(m.count)%4):0))
+#define SIZEOF_NTPCM(m) (12+ntohs(m.count)+((ntohs(m.count)%4)?4-(ntohs(m.count)%4):0))
 
 /* finally, a little helper or two for debugging: */
 #define DBG(x) do{if(verbose>1){ x; }}while(0);

plugins/check_ntp_peer.c

@@ -131,7 +131,7 @@ typedef struct {
 /* NTP control message header is 12 bytes, plus any data in the data
  * field, plus null padding to the nearest 32-bit boundary per rfc.
  */
-#define SIZEOF_NTPCM(m) (12+ntohs(m.count)+((m.count)?4-(ntohs(m.count)%4):0))
+#define SIZEOF_NTPCM(m) (12+ntohs(m.count)+((ntohs(m.count)%4)?4-(ntohs(m.count)%4):0))
 
 /* finally, a little helper or two for debugging: */
 #define DBG(x) do{if(verbose>1){ x; }}while(0);