From 98ad19dfc124bede92975a055f73a19ed2bf0600f28c403921b4c6f4fac7d2de Mon Sep 17 00:00:00 2001
From: Martin Hauke <mardnh@gmx.de>
Date: Mon, 30 Mar 2020 08:25:07 +0000
Subject: [PATCH] Accepting request 789664 from openSUSE:Maintenance:12192

- pmacct-fix-overflow.patch: fixed bufferoverflow in sfacctd.
- reenable _FORTIFY_SOURCE that showed that failure

OBS-URL: https://build.opensuse.org/request/show/789664
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/pmacct?expand=0&rev=97
---
 pmacct-fix-overflow.patch | 29 +++++++++++++++++++++++++++++
 pmacct.changes            |  6 ++++++
 pmacct.spec               |  4 +++-
 3 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 pmacct-fix-overflow.patch

diff --git a/pmacct-fix-overflow.patch b/pmacct-fix-overflow.patch
new file mode 100644
index 0000000..9313d37
--- /dev/null
+++ b/pmacct-fix-overflow.patch
@@ -0,0 +1,29 @@
+Index: pmacct-1.7.4/src/sfacctd.c
+===================================================================
+--- pmacct-1.7.4.orig/src/sfacctd.c
++++ pmacct-1.7.4/src/sfacctd.c
+@@ -2045,7 +2045,7 @@ void finalizeSample(SFSample *sample, st
+ 
+ int SF_find_id(struct id_table *t, struct packet_ptrs *pptrs, pm_id_t *tag, pm_id_t *tag2)
+ {
+-  struct sockaddr sa_local;
++  struct sockaddr_storage sa_local;
+   struct sockaddr_in *sa4 = (struct sockaddr_in *) &sa_local;
+   struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &sa_local;
+   SFSample *sample = (SFSample *)pptrs->f_data; 
+@@ -2086,13 +2086,13 @@ int SF_find_id(struct id_table *t, struc
+   if (sample->agent_addr.type == SFLADDRESSTYPE_IP_V4) {
+     begin = 0;
+     end = t->ipv4_num;
+-    sa_local.sa_family = AF_INET;
++    sa_local.ss_family = AF_INET;
+     sa4->sin_addr.s_addr = sample->agent_addr.address.ip_v4.s_addr;
+   }
+   else if (sample->agent_addr.type == SFLADDRESSTYPE_IP_V6) {
+     begin = t->num-t->ipv6_num;
+     end = t->num;
+-    sa_local.sa_family = AF_INET6;
++    sa_local.ss_family = AF_INET6;
+     memcpy(sa6->sin6_addr.s6_addr, sample->agent_addr.address.ip_v6.s6_addr, 16);
+   }
+ 
diff --git a/pmacct.changes b/pmacct.changes
index e4364f1..82d25d6 100644
--- a/pmacct.changes
+++ b/pmacct.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Mar 30 07:47:03 UTC 2020 - Marcus Meissner <meissner@suse.com>
+
+- pmacct-fix-overflow.patch: fixed bufferoverflow in sfacctd.
+- reenable _FORTIFY_SOURCE that showed that failure
+
 -------------------------------------------------------------------
 Sun Feb  9 10:02:46 UTC 2020 - Martin Hauke <mardnh@gmx.de>
 
diff --git a/pmacct.spec b/pmacct.spec
index 421ae4d..505d3c9 100644
--- a/pmacct.spec
+++ b/pmacct.spec
@@ -41,6 +41,7 @@ Source10:       nfacctd.conf
 Source11:       pmacctd.conf
 Source12:       sfacctd.conf
 Source20:       pmacct.1
+Patch0:		pmacct-fix-overflow.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  libmysqlclient-devel
@@ -73,13 +74,14 @@ export data to tools like RRDtool, GNUPlot, Net-SNMP, MRTG, and Cacti.
 
 %prep
 %setup -q -n %{name}-1.7.4
+%patch0 -p1
 
 # fix permissions
 chmod -x sql/pmacct-*
 
 %build
 autoreconf -fiv
-export CFLAGS="%{optflags} -Wno-return-type -D_FORTIFY_SOURCE=0"
+export CFLAGS="%{optflags} -Wno-return-type"
 %configure \
     --sysconfdir=%{_sysconfdir}/%{name} \
     --docdir="%{_docdir}/%{name}" \