Author: tille
Date: 2015-12-20 20:26:55 +0000 (Sun, 20 Dec 2015)
New Revision: 20836
Added:
trunk/packages/ctn/trunk/debian/patches/mayhem.patch
Modified:
trunk/packages/ctn/trunk/debian/changelog
trunk/packages/ctn/trunk/debian/patches/series
Log:
Fix mayhem issues by checking missing parameters - if only upstream would use
getopt
Modified: trunk/packages/ctn/trunk/debian/changelog
===================================================================
--- trunk/packages/ctn/trunk/debian/changelog 2015-12-20 16:57:11 UTC (rev
20835)
+++ trunk/packages/ctn/trunk/debian/changelog 2015-12-20 20:26:55 UTC (rev
20836)
@@ -1,8 +1,10 @@
-ctn (3.2.0~dfsg-3) UNRELEASED; urgency=medium
+ctn (3.2.0~dfsg-3) unstable; urgency=medium
* cme fix dpkg-control
+ * Fix mayhem issues by checking missing parameters
+ Closes: #715642, #715749, #715765, #715766, #715782
- -- Andreas Tille <ti...@debian.org> Sun, 20 Dec 2015 17:55:20 +0100
+ -- Andreas Tille <ti...@debian.org> Sun, 20 Dec 2015 21:12:06 +0100
ctn (3.2.0~dfsg-2) unstable; urgency=medium
Added: trunk/packages/ctn/trunk/debian/patches/mayhem.patch
===================================================================
--- trunk/packages/ctn/trunk/debian/patches/mayhem.patch
(rev 0)
+++ trunk/packages/ctn/trunk/debian/patches/mayhem.patch 2015-12-20
20:26:55 UTC (rev 20836)
@@ -0,0 +1,287 @@
+Author: Andreas Tille <ti...@debian.org>
+Last-Update: Sun, 20 Dec 2015 17:55:20 +0100
+Bug-Debian: https://bugs.debian.org/715642,
+ https://bugs.debian.org/715749,
+ https://bugs.debian.org/715765,
+ https://bugs.debian.org/715766,
+ https://bugs.debian.org/715782
+Description: Fix mayhem issues
+ If upstream only would use getopt ...
+
+--- a/apps/image_archive/archive_server.c
++++ b/apps/image_archive/archive_server.c
+@@ -464,7 +464,7 @@ must be setuid root (see chmod)\n";
+ doBLG = TRUE;
+ break;
+ case 'C':
+- if (argc < 1)
++ if (argc < 1 || !argv[argc])
+ usageerror();
+ argc--;
+ argv++;
+@@ -482,14 +482,14 @@ must be setuid root (see chmod)\n";
+ controlDatabase = *argv;
+ break;
+ case 'g':
+- if (argc < 1)
++ if (argc < 1 || !argv[argc])
+ usageerror();
+ argc--;
+ argv++;
+ genericAE = *argv;
+ break;
+ case 'l':
+- if (argc < 1)
++ if (argc < 1 || !argv[argc])
+ usageerror();
+ argc--;
+ argv++;
+@@ -499,7 +499,7 @@ must be setuid root (see chmod)\n";
+ forgiveFlag = TRUE;
+ break;
+ case 'm':
+- if (argc < 1)
++ if (argc < 1 || !argv[argc])
+ usageerror();
+ argc--;
+ argv++;
+@@ -507,14 +507,14 @@ must be setuid root (see chmod)\n";
+ usageerror();
+ break;
+ case 'n':
+- if (argc < 1)
++ if (argc < 1 || !argv[argc])
+ usageerror();
+ argc--;
+ argv++;
+ strcpy(node, *argv);
+ break;
+ case 'o':
+- if (argc < 1)
++ if (argc < 1 || !argv[argc])
+ usageerror();
+ argc--;
+ argv++;
+@@ -542,7 +542,7 @@ must be setuid root (see chmod)\n";
+ verboseDUL = TRUE;
+ break;
+ case 'x':
+- if (--argc < 1)
++ if (--argc < 1 || !argv[argc])
+ usageerror();
+ argv++;
+ if (strcmp(*argv, "TBL") == 0)
+@@ -553,7 +553,7 @@ must be setuid root (see chmod)\n";
+ usageerror();
+ break;
+ case 'z':
+- if (argc < 2)
++ if (argc < 2 || !argv[argc])
+ usageerror();
+ argc--;
+ argv++;
+@@ -568,7 +568,6 @@ must be setuid root (see chmod)\n";
+ break;
+ }
+ }
+-
+ if (argc < 1)
+ usageerror();
+
+--- a/apps/storage_commit/commit_agent.c
++++ b/apps/storage_commit/commit_agent.c
+@@ -139,6 +139,10 @@ must be setuid root (see chmod)\n";
+ usageerror();
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing argument for option -f\n");
++ usageerror();
++ }
+ controlDatabase = *argv;
+ break;
+ case 'l':
+@@ -146,6 +150,10 @@ must be setuid root (see chmod)\n";
+ usageerror();
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing argument for option -l\n");
++ usageerror();
++ }
+ logFile = *argv;
+ break;
+ case 'i':
+@@ -156,6 +164,10 @@ must be setuid root (see chmod)\n";
+ usageerror();
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing argument for option -n\n");
++ usageerror();
++ }
+ strcpy(node, *argv);
+ break;
+ case 'q':
+@@ -171,6 +183,10 @@ must be setuid root (see chmod)\n";
+ if (--argc < 1)
+ usageerror();
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing argument for option -x\n");
++ usageerror();
++ }
+ if (strcmp(*argv, "TBL") == 0)
+ verboseTBL = TRUE;
+ else if (strcmp(*argv, "SRV") == 0)
+@@ -183,13 +199,10 @@ must be setuid root (see chmod)\n";
+ break;
+ }
+ }
+-
+ if (argc < 1)
+ usageerror();
+-
+ if (sscanf(*argv++, "%d", &port) != 1)
+ usageerror();
+-
+ (void) signal(SIGUSR1, SIG_IGN);
+ if (port < 1024) {
+ if (geteuid() != 0) {
+--- a/apps/displays/ctndisp.c
++++ b/apps/displays/ctndisp.c
+@@ -175,6 +175,10 @@ main(int argc, char **argv)
+ if ((strcmp(*argv, "-q")) == 0) {
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing required argument for option -q\n");
++ exit(-1);
++ }
+ image_Q_id = atoi(*argv);
+ if (image_Q_id < 0) {
+ COND_PushCondition(CTNDISP_CMDLINE,
+@@ -187,6 +191,10 @@ main(int argc, char **argv)
+ } else if ((strcmp(*argv, "-w")) == 0) {
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing required argument for option -w\n");
++ exit(-1);
++ }
+ G_display_width = atoi(*argv);
+ if (G_display_width < MIN_DISPLAY_WIDTH) {
+ COND_PushCondition(CTNDISP_CMDLINE,
+@@ -200,6 +208,10 @@ main(int argc, char **argv)
+ } else if ((strcmp(*argv, "-h")) == 0) {
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing required argument for option -h\n");
++ exit(-1);
++ }
+ G_display_height = atoi(*argv);
+ if (G_display_height < MIN_DISPLAY_HEIGHT) {
+ COND_PushCondition(CTNDISP_CMDLINE,
+@@ -213,6 +225,10 @@ main(int argc, char **argv)
+ } else if ((strcmp(*argv, "-n")) == 0) {
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing required argument for option -n\n");
++ exit(-1);
++ }
+ strcpy(G_nodename, *argv);
+ node_arg++;
+ argc--;
+@@ -223,7 +239,6 @@ main(int argc, char **argv)
+ exit(-1);
+ }
+ }
+-
+ /*
+ * -1's indicate to set the width and height to full screen
+ */
+@@ -232,7 +247,6 @@ main(int argc, char **argv)
+
+ if (node_arg == 0)
+ strcpy(G_nodename, "UNKNOWN");
+-
+ /*
+ * Initialize the Generalized Queue for images and status messages
+ */
+--- a/apps/ctnnetwork/ctnnetwork.c
++++ b/apps/ctnnetwork/ctnnetwork.c
+@@ -123,7 +123,6 @@ main(int argc, char **argv)
+
+ THR_Init();
+ QueueElementSize = sizeof(CTNNETWORK_Queue);
+-
+ /*
+ * Get the input paramaters from command line
+ */
+@@ -140,6 +139,10 @@ main(int argc, char **argv)
+ if ((strcmp(*argv, "-q")) == 0) {
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing argument for option -q\n");
++ exit(-1);
++ }
+ image_Q_id = atoi(*argv);
+ if (image_Q_id < 0) {
+ COND_PushCondition(CTNNETWORK_CMDLINE,
+@@ -152,6 +155,10 @@ main(int argc, char **argv)
+ } else if ((strcmp(*argv, "-w")) == 0) {
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing argument for option -w\n");
++ exit(-1);
++ }
+ G_display_width = atoi(*argv);
+ if (G_display_width < MIN_DISPLAY_WIDTH) {
+ COND_PushCondition(CTNNETWORK_CMDLINE,
+@@ -164,6 +171,10 @@ main(int argc, char **argv)
+ } else if ((strcmp(*argv, "-h")) == 0) {
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing argument for option -h\n");
++ exit(-1);
++ }
+ G_display_height = atoi(*argv);
+ if (G_display_height < MIN_DISPLAY_HEIGHT) {
+ COND_PushCondition(CTNNETWORK_CMDLINE,
+@@ -176,6 +187,10 @@ main(int argc, char **argv)
+ } else if ((strcmp(*argv, "-n")) == 0) {
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing argument for option -n\n");
++ exit(-1);
++ }
+ strcpy(G_nodename, *argv);
+ G_Number = atoi(*argv);
+ argc--;
+--- a/apps/dcm_diff/dcm_diff.c
++++ b/apps/dcm_diff/dcm_diff.c
+@@ -390,6 +390,10 @@ main(int argc, char **argv)
+ case 'm':
+ argc--;
+ argv++;
++ if (!*argv) {
++ fprintf(stderr, "Missing argument for option -m\n");
++ usageerror();
++ }
+ vmLimit = atoi(*argv);
+ break;
+ case 'o':
+@@ -413,6 +417,7 @@ main(int argc, char **argv)
+
+ THR_Init();
+ DCM_Debug(verbose);
++
+ if (argc != 2)
+ usageerror();
+
Modified: trunk/packages/ctn/trunk/debian/patches/series
===================================================================
--- trunk/packages/ctn/trunk/debian/patches/series 2015-12-20 16:57:11 UTC
(rev 20835)
+++ trunk/packages/ctn/trunk/debian/patches/series 2015-12-20 20:26:55 UTC
(rev 20836)
@@ -5,3 +5,4 @@
30_hardening.patch
40_spelling.patch
50_clang_FTBFS_Wreturn-type.patch
+mayhem.patch
_______________________________________________
debian-med-commit mailing list
debian-med-commit@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-commit
