rpms/apachetop/F-9 apachetop-0.12.6-maxpathlen.patch, NONE, 1.1 apachetop.spec, 1.15, 1.16
Robert Scheck (robert)
fedora-extras-commits at redhat.com
Sat Jun 21 14:21:24 UTC 2008
Author: robert
Update of /cvs/pkgs/rpms/apachetop/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv351/F-9
Modified Files:
apachetop.spec
Added Files:
apachetop-0.12.6-maxpathlen.patch
Log Message:
Fixed a buffer overflow by wrong MAXPATHLEN define (#446199)
apachetop-0.12.6-maxpathlen.patch:
--- NEW FILE apachetop-0.12.6-maxpathlen.patch ---
Patch by Robert Scheck <robert at fedoraproject.org> for apachetop <= 0.12.6, which
adds some includes in order to have a real change to get MAXPATHLEN defined with
a valid value. Once MAXPATHLEN really gets filled with 128, it will just cause a
buffer overflow.
See Red Hat Bugzilla #446199 (https://bugzilla.redhat.com/show_bug.cgi?id=446199)
for more information. This patch should solve the mentioned bug report and should
be sane enough to get included by upstream of apachetop for the next release. It
is important to run autoheader before ./configure to get these changes activated.
--- apachetop-0.12.6/configure.ac 2005-10-27 18:39:25.000000000 +0200
+++ apachetop-0.12.6/configure.ac.maxpathlen 2008-06-21 16:00:38.000000000 +0200
@@ -34,7 +34,8 @@
# Checks for header files.
AC_HEADER_STDC
AC_CHECK_HEADERS([arpa/inet.h netdb.h netinet/in.h \
- string.h strings.h sys/socket.h time.h sys/time.h])
+ string.h strings.h sys/socket.h time.h sys/time.h \
+ limits.h sys/param.h])
# Checks for typedefs, structures, and compiler characteristics.
#AC_HEADER_STDBOOL # not in 2.53?
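Review bot: limits.h, added to the AC_CHECK_HEADERS list here, defines PATH_MAX rather than MAXPATHLEN; of the two new headers only sys/param.h supplies the macro the code uses. On a target without sys/param.h, HAVE_LIMITS_H alone still leaves MAXPATHLEN undefined, so either map MAXPATHLEN to PATH_MAX in apachetop.h or drop the limits.h check.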
--- apachetop-0.12.6/src/apachetop.h 2005-10-15 18:10:01.000000000 +0200
+++ apachetop-0.12.6/src/apachetop.h.maxpatlen 2008-06-21 16:02:00.000000000 +0200
@@ -89,8 +89,12 @@
#define getMIN(a,b) (a < b ? a : b)
#define getMAX(a,b) (a > b ? a : b)
-#ifndef MAXPATHLEN
-# define MAXPATHLEN 128
+#ifdef HAVE_SYS_PARAM_H
+# include <sys/param.h>
+#endif
+
+#if HAVE_LIMITS_H
+# include <limits.h>
#endif
/* upon startup, each input file is put into an element of this array,
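Review bot: with the "#ifndef MAXPATHLEN" fallback removed, nothing after the two new includes guarantees that MAXPATHLEN is defined, so a platform whose headers lack it fails at first use with a less obvious error. Keep a guard after the includes, for example "#ifndef MAXPATHLEN" / "# define MAXPATHLEN PATH_MAX" / "#endif", or an explicit #error. The tests are also inconsistent ("#ifdef HAVE_SYS_PARAM_H" versus "#if HAVE_LIMITS_H"); use one form. Both depend on config.h being included before this header. The new-file suffix in the diff header reads .maxpatlen rather than .maxpathlen.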
Index: apachetop.spec
===================================================================
RCS file: /cvs/pkgs/rpms/apachetop/F-9/apachetop.spec,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- apachetop.spec 18 Feb 2008 18:12:01 -0000 1.15
+++ apachetop.spec 21 Jun 2008 14:19:30 -0000 1.16
@@ -1,15 +1,16 @@
Name: apachetop
Version: 0.12.6
-Release: 4%{?dist}
+Release: 5%{?dist}
Summary: A top-like display of Apache logs
Group: Applications/Internet
License: BSD
URL: http://www.webta.org/projects/apachetop
-Source0: http://www.webta.org/apachetop/apachetop-0.12.6.tar.gz
+Source0: http://www.webta.org/apachetop/apachetop-%{version}.tar.gz
+Patch: apachetop-0.12.6-maxpathlen.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: ncurses-devel, m4, readline-devel
+BuildRequires: ncurses-devel, m4, readline-devel, autoconf, automake
%description
ApacheTop watches a logfile generated by Apache (in standard common or
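Review bot: the BuildRequires line adds automake, but the only autotools command this change adds to the spec is autoheader, which ships with autoconf. If automake is required because make re-runs the autotools once configure.ac is newer than the generated files, say so in a comment next to the BuildRequires; otherwise drop it.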
@@ -19,6 +20,8 @@
%prep
%setup -q
+%patch -p1 -b .maxpathlen
+autoheader
%build
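Review bot: autoheader after %patch regenerates only config.h.in; the new AC_CHECK_HEADERS entries in configure.ac reach the build only if configure is regenerated as well. Run autoconf here too (or autoreconf in place of autoheader) rather than relying on the Makefile rebuild rules to notice the newer configure.ac.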
@@ -43,6 +46,9 @@
%changelog
+* Sat Jun 21 2008 Robert Scheck <robert at fedoraproject.org> 0.12.6-5
+- Fixed a buffer overflow by wrong MAXPATHLEN define (#446199)
+
* Mon Feb 18 2008 Fedora Release Engineering <rel-eng at fedoraproject.org> - 0.12.6-4
- Autorebuild for GCC 4.3
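Review bot: the new %changelog entry writes the version as "0.12.6-5" with no " - " separator before it, while the entry directly below uses "- 0.12.6-4". Use one form for both entries.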