![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 92f4dfc)
raw | patch | inline | side by side (parent: 92f4dfc)
| author | Sebastian Harl <sh@tokkee.org> | |
| Fri, 25 Apr 2014 20:22:45 +0000 (22:22 +0200) | ||
| committer | Sebastian Harl <sh@tokkee.org> | |
| Fri, 25 Apr 2014 20:22:45 +0000 (22:22 +0200) |
| debian/patches/CVE-2013-2131 | patch | blob | history |
index b0b576bf3ea07527aa470a704224af0772d2dbb1..9886b9376d7d9f6792c5a7a05b86cde6eb4d3b39 100644 (file)
-diff --git a/src/rrd_graph.c b/src/rrd_graph.c
-index 25ae485..e714e4f 100644
---- a/src/rrd_graph.c
-+++ b/src/rrd_graph.c
-@@ -4144,6 +4144,12 @@ rrd_info_t *rrd_graph_v(
- char *path;
- char *filename;
-
-+ if (bad_format_imginfo(im.imginfo)) {
-+ rrd_info_free(im.grinfo);
-+ im_free(&im);
-+ rrd_set_error("bad format for imginfo");
-+ return NULL;
-+ }
- path = strdup(im.graphfile);
- filename = basename(path);
- info.u_str =
-@@ -4961,6 +4967,51 @@ int bad_format(
- }
+Index: pkg-rrdtool/src/rrd_graph.c
+===================================================================
+--- pkg-rrdtool.orig/src/rrd_graph.c 2014-04-25 22:19:44.198412319 +0200
++++ pkg-rrdtool/src/rrd_graph.c 2014-04-25 22:21:36.202414000 +0200
+@@ -305,6 +305,52 @@
+ #undef conv_if
-+int bad_format_imginfo(
++
++static int bad_format_imginfo(
+ char *fmt)
+{
+ char *ptr;
+}
+
+
- int vdef_parse(
- struct graph_desc_t
- *gdes,
+ int im_free(
+ image_desc_t *im)
+ {
+@@ -4035,6 +4081,12 @@
+ char *path;
+ char *filename;
+
++ if (bad_format_imginfo(im.imginfo)) {
++ rrd_info_free(im.grinfo);
++ im_free(&im);
++ rrd_set_error("bad format for imginfo");
++ return NULL;
++ }
+ path = strdup(im.graphfile);
+ filename = basename(path);
+ info.u_str =