From 0275fe74a8ac2575d87a6ff78502bef5702f9814 Mon Sep 17 00:00:00 2001
From: Sebastian Harl <sh@tokkee.org>
Date: Wed, 23 Jul 2008 20:20:41 +0200
Subject: [PATCH] Added upstream patch
 debian/patches/bts428780-validate-row-count.

Validate the RRA row count in rrdcreate. This closes #428780.
---
 debian/changelog                            |  5 ++-
 debian/patches/bts428780-validate-row-count | 46 +++++++++++++++++++++
 debian/patches/series                       |  1 +
 3 files changed, 51 insertions(+), 1 deletion(-)
 create mode 100644 debian/patches/bts428780-validate-row-count

diff --git a/debian/changelog b/debian/changelog
index 64f2a44..9b1c2a4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,9 @@ rrdtool (1.2.28-1) UNRELEASED; urgency=low
     - Fixes a buffer overflow in librrd's error handling (Closes: #450578).
   * debian/control:
     - Updated standards-version to 3.8.0 - no changes.
+  * debian/patches:
+    - Added backported upstream patch bts428780-validate-row-count to validate
+      the RRA row count in rrdcreate (Closes: #428780).
 
   [ Bernd Zeimetz ]
   * debian/rules:
@@ -14,7 +17,7 @@ rrdtool (1.2.28-1) UNRELEASED; urgency=low
   * debian/patches/implicit-decl-fix:
     - Patching the implicit declaration in rrd_update.c in a nicer way.
 
- -- Sebastian Harl <sh@tokkee.org>  Wed, 23 Jul 2008 20:14:19 +0200
+ -- Sebastian Harl <sh@tokkee.org>  Wed, 23 Jul 2008 20:18:38 +0200
 
 rrdtool (1.2.27-2) unstable; urgency=low
 
diff --git a/debian/patches/bts428780-validate-row-count b/debian/patches/bts428780-validate-row-count
new file mode 100644
index 0000000..e72bbb1
--- /dev/null
+++ b/debian/patches/bts428780-validate-row-count
@@ -0,0 +1,46 @@
+diff a/doc/rrdcreate.pod b/doc/rrdcreate.pod
+--- a/doc/rrdcreate.pod
++++ b/doc/rrdcreate.pod
+@@ -184,6 +184,7 @@ I<steps> defines how many of these I<primary data points> are used to build
+ a I<consolidated data point> which then goes into the archive.
+ 
+ I<rows> defines how many generations of data values are kept in an B<RRA>.
++Obviously, this has to be greater than zero.
+ 
+ =back
+ 
+diff a/src/rrd_create.c b/src/rrd_create.c
+--- a/src/rrd_create.c
++++ b/src/rrd_create.c
+@@ -207,6 +207,7 @@ rrd_create_r(const char *filename,
+             char *argvcopy;
+ 	    char *tokptr;
+ 	    size_t old_size = sizeof(rra_def_t)*(rrd.stat_head->rra_cnt);
++	    int row_cnt;
+ 	    if((rrd.rra_def = rrd_realloc(rrd.rra_def,
+                                           old_size+sizeof(rra_def_t)))==NULL)
+ 	    {
+@@ -269,7 +270,10 @@ rrd_create_r(const char *filename,
+                     case CF_SEASONAL:
+                     case CF_DEVPREDICT:
+                     case CF_FAILURES:
+-                        rrd.rra_def[rrd.stat_head->rra_cnt].row_cnt = atoi(token);
++                        row_cnt = atoi(token);
++                        if (row_cnt <= 0)
++                            rrd_set_error("Invalid row count: %i", row_cnt);
++                        rrd.rra_def[rrd.stat_head->rra_cnt].row_cnt = row_cnt;
+                         break;
+                     default:
+                         rrd.rra_def[rrd.stat_head->rra_cnt].par[RRA_cdp_xff_val].u_val = atof(token);
+@@ -350,7 +354,10 @@ rrd_create_r(const char *filename,
+                         rrd_set_error("Unexpected extra argument for consolidation function DEVPREDICT");
+                         break;
+                     default:
+-                        rrd.rra_def[rrd.stat_head->rra_cnt].row_cnt = atoi(token);
++                        row_cnt = atoi(token);
++                        if (row_cnt <= 0)
++                            rrd_set_error("Invalid row count: %i", row_cnt);
++                        rrd.rra_def[rrd.stat_head->rra_cnt].row_cnt = row_cnt;
+                         break;
+                     }
+                     break;
diff --git a/debian/patches/series b/debian/patches/series
index 2591de2..8e50c2a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1,5 @@
 bts428778-floating-point-exception
+bts428780-validate-row-count
 setup.py-module-name
 no-rpath-for-ruby
 no-rpath-for-perl
-- 
2.30.2