← Back to branch summary

~ubuntu-branches/ubuntu/natty/sarg/natty

« back to all changes in this revision

Viewing changes to debian/patches/opensuse_5_limit_sprintf.patch

  • Committer: Bazaar Package Importer
  • Author(s): Luigi Gangitano
  • Date: 2009-01-10 18:14:18 UTC
  • mfrom: (3.1.3 lenny)
  • Revision ID: james.westby@ubuntu.com-20090110181418-tffq642drpfiyi6e
Tags: 2.2.5-2
http://bugs.debian.org/481889
http://bugs.debian.org/444845
http://bugs.debian.org/370811
http://bugs.debian.org/470791
* debian/watch
  - Use SF redirector and make lintian happy

* debian/{rules,compat}
  - Move DH_COMPAT to debian/compat and make lintian happy

* debian/rules
  - Change make clean invocation and make lintian happier
  - Added support for DEB_BUILD_OPTIONS
  - Move documentation files from sarg-php to doc directory
  - Remove hidden file from /etc/squid/languages

* debian/control
  - Removed dependency on bash, now essential
  - Bumped Standard-Version to 3.8.0

* debian/postinst
  - Make postint fail on error

* debian/copyright
  - Added copyright notice
  - Updated maintainer reference

* debian/sarg-reports.1
  - Added man page, thanks to Juan Angulo Moreno (Closes: #481889)

* debian/patches/show_read_statistics.patch
  - Added patch from Vladimir Lettiev fixing segfault with
    show_read_statistics set to no. (Closes: #444845, # 370811)

* debian/patches/totger_patches.patch
  - Added patch from Thomas Bliesener fixing several buffer overflows
    (Closes: #470791)

* debian/patches/opensuse_1_getword_boundary_limit.patch
  - Added patch from OpenSUSE to avoid segfaults in getword() calls

* debian/patches/opensuse_2_enlarge_report_buffers.patch
  - Added patch from OpenSUSE to avoid overflow in report buffers

* debian/patches/opensuse_3_too_small_font_buffer.patch
  - Added patch from OpenSUSE to avoid overflow in font buffer

* debian/patches/opensuse_4_enlarge_log_buffer.patch
  - Added patch from OpenSUSE to avoid overflow in log buffer

* debian/patches/opensuse_5_limit_sprintf.patch
  - Added patch from OpenSUSE to avoid segfaults in sprintf() calls

* debian/patches/opensuse_6_limit_useragent_sprintf.patch
  - Added patch from OpenSUSE to avoid segfaults in sprintf() calls

* debian/patches/opensuse_7_year_assertion.patch
  - Added patch from OpenSUSE to avoid assertion in year parsing

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/opensuse_5_limit_sprintf.patch
 
1
--- sarg-2.2.5/useragent.c.orig 2008-04-24 14:21:04.000000000 +0200
 
2
+++ sarg-2.2.5/useragent.c      2008-04-24 15:11:35.000000000 +0200
 
3
@@ -101,7 +101,7 @@
 
4
    strcpy(fdate,data);
 
5
 
 
6
    if(debug) {
 
7
-      sprintf(msg, "   %s: %ld",text[10],totregsl);
 
8
+      snprintf(msg, sizeof(buf), "   %s: %ld",text[10],totregsl);
 
9
       debuga(msg);
 
10
    }
 
11
 
 
12
@@ -180,13 +180,13 @@
 
13
       getword(user,sizeof(user),buf,'\\');
 
14
 
 
15
       if(strcmp(user,user_old) != 0) {
 
16
-         sprintf(html,"<tr><td align=left bgcolor=%s><font size=%s>%s</td><td align=left bgcolor=%s><font size=%s>%s</td></tr>\n",TxBgColor,FontSize,user,TxBgColor,FontSize,agent);
 
17
+         snprintf(html,sizeof(html),"<tr><td align=left bgcolor=%s><font size=%s>%s</td><td align=left bgcolor=%s><font size=%s>%s</td></tr>\n",TxBgColor,FontSize,user,TxBgColor,FontSize,agent);
 
18
          fputs(html,fp_ht);
 
19
          strcpy(user_old,user);
 
20
          strcpy(agent_old,agent);
 
21
       } else {
 
22
          if(strcmp(agent,agent_old) != 0) {
 
23
-            sprintf(html,"<tr><td></td><td align=left bgcolor=%s><font size=%s>%s</td></tr>\n",TxBgColor,FontSize,agent);
 
24
+            snprintf(html,sizeof(html),"<tr><td></td><td align=left bgcolor=%s><font size=%s>%s</td></tr>\n",TxBgColor,FontSize,agent);
 
25
             fputs(html,fp_ht);
 
26
             strcpy(agent_old,agent);
 
27
          }
 
28
@@ -272,14 +272,14 @@
 
29
       perc=atoi(tagent) * 100;
 
30
       perc=perc / agentot2;
 
31
 
 
32
-      sprintf(html,"<tr><td align=left bgcolor=%s><font size=%s>%s</td><td align=right bgcolor=%s><font size=%s>%d</td><td align=right bgcolor=%s><font size=%s>%3.2f</td></tr>\n",TxBgColor,FontSize,buf,TxBgColor,FontSize,atoi(tagent),TxBgColor,FontSize,perc);
 
33
+      snprintf(html,sizeof(html),"<tr><td align=left bgcolor=%s><font size=%s>%s</td><td align=right bgcolor=%s><font size=%s>%d</td><td align=right bgcolor=%s><font size=%s>%3.2f</td></tr>\n",TxBgColor,FontSize,buf,TxBgColor,FontSize,atoi(tagent),TxBgColor,FontSize,perc);
 
34
       fputs(html,fp_ht);
 
35
    }
 
36
 
 
37
    fputs("</table></html>\n",fp_ht);
 
38
    if(strcmp(ShowSargInfo,"yes") == 0) {
 
39
       zdate(ftime, DateFormat);
 
40
-      sprintf(html,"<br><br><center><font size=-2>%s <a href='%s'>%s-%s</a> %s %s</font></center>\n",text[108],URL,PGM,VERSION,text[109],ftime);
 
41
+      snprintf(html,sizeof(html),"<br><br><center><font size=-2>%s <a href='%s'>%s-%s</a> %s %s</font></center>\n",text[108],URL,PGM,VERSION,text[109],ftime);
 
42
       fputs(html,fp_ht);
 
43
    }
 
44
 
 
45
--- sarg-2.2.5/log.c.orig       2008-04-24 14:21:04.000000000 +0200
 
46
+++ sarg-2.2.5/log.c    2008-04-24 15:08:56.000000000 +0200
 
47
@@ -1059,9 +1059,9 @@
 
48
              getword(ano,sizeof(ano),data,'/');
 
49
 
 
50
               if(strcmp(df,"u") == 0)
 
51
-                sprintf(tbuf,"%s%s%s",ano,mes,dia);
 
52
+                snprintf(tbuf,sizeof(tbuf),"%s%s%s",ano,mes,dia);
 
53
               if(strcmp(df,"e") == 0)
 
54
-                sprintf(tbuf,"%s%s%s",dia,mes,ano);
 
55
+                snprintf(tbuf,sizeof(tbuf),"%s%s%s",dia,mes,ano);
 
56
              builddia(dia,mes,ano,df,wdata);
 
57
               idata=atoi(wdata);
 
58
           }