Code

Updated patches/CVE-2013-2131 to compile cleanly and not export new symbols.
authorSebastian Harl <sh@tokkee.org>
Fri, 25 Apr 2014 20:22:45 +0000 (22:22 +0200)
committerSebastian Harl <sh@tokkee.org>
Fri, 25 Apr 2014 20:22:45 +0000 (22:22 +0200)
debian/patches/CVE-2013-2131

index b0b576bf3ea07527aa470a704224af0772d2dbb1..9886b9376d7d9f6792c5a7a05b86cde6eb4d3b39 100644 (file)
@@ -1,25 +1,13 @@
-diff --git a/src/rrd_graph.c b/src/rrd_graph.c
-index 25ae485..e714e4f 100644
---- a/src/rrd_graph.c
-+++ b/src/rrd_graph.c
-@@ -4144,6 +4144,12 @@ rrd_info_t *rrd_graph_v(
-         char     *path;
-         char     *filename;
-+        if (bad_format_imginfo(im.imginfo)) {
-+            rrd_info_free(im.grinfo);
-+            im_free(&im);
-+            rrd_set_error("bad format for imginfo");
-+            return NULL;
-+        }
-         path = strdup(im.graphfile);
-         filename = basename(path);
-         info.u_str =
-@@ -4961,6 +4967,51 @@ int bad_format(
- }
+Index: pkg-rrdtool/src/rrd_graph.c
+===================================================================
+--- pkg-rrdtool.orig/src/rrd_graph.c   2014-04-25 22:19:44.198412319 +0200
++++ pkg-rrdtool/src/rrd_graph.c        2014-04-25 22:21:36.202414000 +0200
+@@ -305,6 +305,52 @@
  
+ #undef conv_if
  
-+int bad_format_imginfo(
++
++static int bad_format_imginfo(
 +    char *fmt)
 +{
 +    char     *ptr;
@@ -64,6 +52,19 @@ index 25ae485..e714e4f 100644
 +}
 +
 +
- int vdef_parse(
-     struct graph_desc_t
-     *gdes,
+ int im_free(
+     image_desc_t *im)
+ {
+@@ -4035,6 +4081,12 @@
+         char     *path;
+         char     *filename;
++        if (bad_format_imginfo(im.imginfo)) {
++            rrd_info_free(im.grinfo);
++            im_free(&im);
++            rrd_set_error("bad format for imginfo");
++            return NULL;
++        }
+         path = strdup(im.graphfile);
+         filename = basename(path);
+         info.u_str =