diff --git a/rrdtool-1.2.15-DoS.diff b/rrdtool-1.2.15-DoS.diff deleted file mode 100644 index fc80bec..0000000 --- a/rrdtool-1.2.15-DoS.diff +++ /dev/null @@ -1,121 +0,0 @@ ---- src/rrd_graph.c (revision 874) -+++ src/rrd_graph.c (revision 881) -@@ -1713,4 +1713,33 @@ - } - -+static int AlmostEqual2sComplement (float A, float B, int maxUlps) -+{ -+ -+ int aInt = *(int*)&A; -+ int bInt = *(int*)&B; -+ int intDiff; -+ /* Make sure maxUlps is non-negative and small enough that the -+ default NAN won't compare as equal to anything. */ -+ -+ /* assert(maxUlps > 0 && maxUlps < 4 * 1024 * 1024); */ -+ -+ /* Make aInt lexicographically ordered as a twos-complement int */ -+ -+ if (aInt < 0) -+ aInt = 0x80000000l - aInt; -+ -+ /* Make bInt lexicographically ordered as a twos-complement int */ -+ -+ if (bInt < 0) -+ bInt = 0x80000000l - bInt; -+ -+ intDiff = abs(aInt - bInt); -+ -+ if (intDiff <= maxUlps) -+ return 1; -+ -+ return 0; -+} -+ - /* logaritmic horizontal grid */ - int -@@ -1722,5 +1751,6 @@ - {1.0, 2.0, 5.0, 7.0, 10., 0.0, 0.0, 0.0, 0.0, 0.0}, - {1.0, 2.0, 4.0, 6.0, 8.0, 10., 0.0, 0.0, 0.0, 0.0}, -- {1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0, 9.0, 10.}}; -+ {1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0, 9.0, 10.}, -+ {0,0,0,0,0, 0,0,0,0,0} /* last line */ }; - - int i, j, val_exp, min_exp; -@@ -1731,5 +1761,5 @@ - double mspac; /* smallest major grid spacing (pixels) */ - int flab; /* first value in yloglab to use */ -- double value, tmp; -+ double value, tmp, pre_value; - double X0,X1,Y0; - char graph_label[100]; -@@ -1750,9 +1780,9 @@ - for(i = 0; yloglab[mid][i + 1] < 10.0; i++); - mspac = logscale * log10(10.0 / yloglab[mid][i]); -- } while(mspac > 2 * im->text_prop[TEXT_PROP_LEGEND].size && mid < 5); -+ } while(mspac > 2 * im->text_prop[TEXT_PROP_LEGEND].size && yloglab[mid][0] > 0); - if(mid) mid--; - - /* find first value in yloglab */ -- for(flab = 0; frexp10(im->minval, &tmp) > yloglab[mid][flab]; flab++); -+ for(flab = 0; yloglab[mid][flab] < 10 && frexp10(im->minval, &tmp) > yloglab[mid][flab] ; flab++); - if(yloglab[mid][flab] == 10.0) { - tmp += 1.0; -@@ -1766,6 +1796,11 @@ - - /* draw grid */ -- while(1) { -+ pre_value = DNAN; -+ while(1) { -+ - value = yloglab[mid][flab] * pow(10.0, val_exp); -+ if ( AlmostEqual2sComplement(value,pre_value,4) ) break; /* it seems we are not converging */ -+ -+ pre_value = value; - - Y0 = ytr(im, value); -@@ -2487,32 +2522,4 @@ - but it seems more stable this way. */ - --static int AlmostEqual2sComplement (float A, float B, int maxUlps) --{ -- -- int aInt = *(int*)&A; -- int bInt = *(int*)&B; -- int intDiff; -- /* Make sure maxUlps is non-negative and small enough that the -- default NAN won't compare as equal to anything. */ -- -- /* assert(maxUlps > 0 && maxUlps < 4 * 1024 * 1024); */ -- -- /* Make aInt lexicographically ordered as a twos-complement int */ -- -- if (aInt < 0) -- aInt = 0x80000000l - aInt; -- -- /* Make bInt lexicographically ordered as a twos-complement int */ -- -- if (bInt < 0) -- bInt = 0x80000000l - bInt; -- -- intDiff = abs(aInt - bInt); -- -- if (intDiff <= maxUlps) -- return 1; -- -- return 0; --} - - /* draw that picture thing ... */ ---- src/rrd_graph.c -+++ src/rrd_graph.c -@@ -1063,6 +1063,7 @@ - */ - if (finite(paintval) && im->gdes[ii].gf != GF_TICK ) { -- if (isnan(minval) || paintval < minval) -- minval = paintval; -+ if ((isnan(minval) || paintval < minval ) && -+ ! (im->logarithmic && paintval <= 0.0)) -+ minval = paintval; - if (isnan(maxval) || paintval > maxval) - maxval = paintval; diff --git a/rrdtool-1.2.15.tar.bz2 b/rrdtool-1.2.15.tar.bz2 deleted file mode 100644 index 3a98621..0000000 --- a/rrdtool-1.2.15.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ecf8035b31c869203aefb7e3ad1a14c968cc8adf25f8caef4eaceb695265b6a3 -size 773554 diff --git a/rrdtool-1.2.18-buffer.diff b/rrdtool-1.2.18-buffer.diff new file mode 100644 index 0000000..021b796 --- /dev/null +++ b/rrdtool-1.2.18-buffer.diff @@ -0,0 +1,14 @@ +--- src/rrd_tool.c ++++ src/rrd_tool.c +@@ -724,9 +724,9 @@ + for (j = 0; j < col_cnt; j++) { + rrd_value_t newval = DNAN; + if (enumds == 1) +- snprintf(vtag,15,"%s%lu", COL_DATA_TAG, j); ++ snprintf(vtag,sizeof(vtag),"%s%lu", COL_DATA_TAG, j); + else +- snprintf(vtag,15,"%s",COL_DATA_TAG); ++ snprintf(vtag,sizeof(vtag),"%s",COL_DATA_TAG); + + newval = *ptr; + if(isnan(newval)){ diff --git a/rrdtool-1.2.15-ssize.diff b/rrdtool-1.2.18-ssize.diff similarity index 100% rename from rrdtool-1.2.15-ssize.diff rename to rrdtool-1.2.18-ssize.diff diff --git a/rrdtool-1.2.15-stderr.diff b/rrdtool-1.2.18-stderr.diff similarity index 100% rename from rrdtool-1.2.15-stderr.diff rename to rrdtool-1.2.18-stderr.diff diff --git a/rrdtool-1.2.18.tar.bz2 b/rrdtool-1.2.18.tar.bz2 new file mode 100644 index 0000000..3880e78 --- /dev/null +++ b/rrdtool-1.2.18.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:54155613829d42ddc7a52d0db874f4553a24bd160fa0c5263f706a29a53054d1 +size 784937 diff --git a/rrdtool.changes b/rrdtool.changes index 321e105..53f48d9 100644 --- a/rrdtool.changes +++ b/rrdtool.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon Jan 29 14:42:59 CET 2007 - anicka@suse.cz + +- update to 1.2.18 + * many bugfixes + * DoS in rrd_graph.c fixed [#231212] +- fix overflow in rrd_tool.c + ------------------------------------------------------------------- Fri Jan 5 14:50:05 CET 2007 - anicka@suse.cz diff --git a/rrdtool.spec b/rrdtool.spec index c2be444..d36ae14 100644 --- a/rrdtool.spec +++ b/rrdtool.spec @@ -1,5 +1,5 @@ # -# spec file for package rrdtool (Version 1.2.15) +# spec file for package rrdtool (Version 1.2.18) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -16,13 +16,13 @@ License: GNU General Public License (GPL) Group: Productivity/Scientific/Math Autoreqprov: on Requires: perl = %{perl_version} -Version: 1.2.15 -Release: 35 +Version: 1.2.18 +Release: 1 Source: %{name}-%{version}.tar.bz2 Source1: cgilib-0.5.tar.bz2 Patch: %{name}-%{version}-stderr.diff Patch1: %{name}-%{version}-ssize.diff -Patch2: %{name}-%{version}-DoS.diff +Patch2: %{name}-%{version}-buffer.diff URL: http://ee-staff.ethz.ch/~oetiker/webtools/rrdtool/ BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: A tool for data logging and analysis @@ -110,7 +110,7 @@ sed 's/[[:space:]]*-L\/usr\/src\/packages\/BUILD\/%{name}-%{version}\/lb\/lib[[: mv tmp $RPM_BUILD_ROOT/%{_libdir}/librrd_th.la # documentation -install -m 644 CHANGES CONTRIBUTORS COPYING COPYRIGHT NT-BUILD-TIPS.txt README TODO $RPM_BUILD_ROOT/%{_docdir}/%{name} +install -m 644 CHANGES CONTRIBUTORS COPYING COPYRIGHT README TODO $RPM_BUILD_ROOT/%{_docdir}/%{name} # Script libraries for Tcl extensions should be in a package-specific # subdir of /usr/share/tcl mkdir -p $RPM_BUILD_ROOT/usr/share/tcl/tclrrd%{version} @@ -138,6 +138,11 @@ rm -rf $RPM_BUILD_ROOT %{py_sitedir}/rrdtoolmodule.so %changelog -n rrdtool +* Mon Jan 29 2007 - anicka@suse.cz +- update to 1.2.18 + * many bugfixes + * DoS in rrd_graph.c fixed [#231212] +- fix overflow in rrd_tool.c * Fri Jan 05 2007 - anicka@suse.cz - fix librrd_th.la - remove packaged fonts and use system fonts instead