From: Sebastian Harl <sh@tokkee.org>
Date: Fri, 27 Feb 2015 15:49:01 +0000 (+0100)
Subject: plugin: Use strcasecmp rather than strncasecmp to find a plugin.
X-Git-Tag: collectd-5.5.0~12^2~11^2~5^2
X-Git-Url: https://git.octo.it/?a=commitdiff_plain;h=ea73c57cc68be71f65d6bf491e2299eb88ab6eca;p=collectd.git

plugin: Use strcasecmp rather than strncasecmp to find a plugin.

This makes collectd resistant against vulnerable copies of libltdl
(CVE-2009-3736). See <http://bugs.debian.org/559801#15> for further
details.
---

diff --git a/src/plugin.c b/src/plugin.c
index ed962a72..489d0f70 100644
--- a/src/plugin.c
+++ b/src/plugin.c
@@ -837,7 +837,6 @@ int plugin_load (const char *type, uint32_t flags)
 	const char *dir;
 	char  filename[BUFSIZE] = "";
 	char  typename[BUFSIZE];
-	int   typename_len;
 	int   ret;
 	struct stat    statbuf;
 	struct dirent *de;
@@ -854,7 +853,6 @@ int plugin_load (const char *type, uint32_t flags)
 		WARNING ("plugin_load: Filename too long: \"%s.so\"", type);
 		return (-1);
 	}
-	typename_len = strlen (typename);
 
 	if ((dh = opendir (dir)) == NULL)
 	{
@@ -866,7 +864,7 @@ int plugin_load (const char *type, uint32_t flags)
 
 	while ((de = readdir (dh)) != NULL)
 	{
-		if (strncasecmp (de->d_name, typename, typename_len))
+		if (strcasecmp (de->d_name, typename))
 			continue;
 
 		status = ssnprintf (filename, sizeof (filename),