Your message dated Tue, 12 May 2009 00:53:54 -0700
with message-id <[email protected]>
and subject line already fixed
has caused the Debian Bug report #264672,
regarding mtr-tiny: Updated patch submission
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
264672: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=264672
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Subject: mtr-tiny: Updated patch submission
Followup-For: Bug #264055
Package: mtr-tiny
Version: 0.58-1
Tags: patch
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.7
Locale: LANG=C, LC_CTYPE=C
Versions of packages mtr-tiny depends on:
ii libc6 2.3.2.ds1-15 GNU C Library: Shared libraries
an
ii libncurses5 5.4-4 Shared libraries for terminal
hand
-- no debconf information
I have attached an updated patch that also patches the command line
version of this problem.
--- mtr-0.58.orig/mtr-curses.h 2002-03-07 04:19:11.000000000 -0800
+++ mtr-0.58/mtr-curses.h 2004-08-09 11:24:48.000000000 -0700
@@ -17,6 +17,9 @@
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+/* Define the available options */
+#define OPTIONS "LDRSNBAWVGJMXI "
+
/* Prototypes for curses.c */
void mtr_curses_open();
void mtr_curses_close();
--- mtr-0.58.orig/mtr.c 2004-04-01 05:33:27.000000000 -0800
+++ mtr-0.58/mtr.c 2004-08-09 11:24:34.000000000 -0700
@@ -39,7 +39,7 @@
/* HPUX doesn't have seteuid, but setuid works fine in that case for us */
#define seteuid setuid
#endif
-
+int i;
int DisplayMode;
int display_mode;
int Interactive = 1;
@@ -191,9 +191,13 @@
fstTTL = maxTTL;
}
break;
- case 'o':
- /* XXX no error checking on the input string, lazy */
- strncpy (fld_active, optarg, MAXFLD-1 );
+ case 'o':
+ /* clean optarg before placing in fld_active*/
+ for( i=0;i<strlen(optarg);i++ ) {
+ if( strchr(OPTIONS, optarg[i]) && i < MAXFLD ) {
+ strncpy(&fld_active[i], &optarg[i], 1);
+ }
+ }
break;
case 'b':
bitpattern = atoi (optarg);
--- mtr-0.58.orig/curses.c 2004-04-05 06:57:35.000000000 -0700
+++ mtr-0.58/curses.c 2004-08-09 11:48:11.000000000 -0700
@@ -256,8 +256,8 @@
i = 0;
while ( (c=getch ()) != '\n' && i<MAXFLD ) {
attron(A_BOLD); printw("%c", c); attroff(A_BOLD); refresh();
- if( (c>= 'A' && c<= 'Z') || c==' ') {
- buf[i++] = c; /* only accept [ A-Z], can be extend to [a-z0-9] */
+ if( strchr(OPTIONS, c) ) {
+ buf[i++] = c; /* Only permit values in OPTIONS be entered */
}
}
buf[i] = '\0';
--- End Message ---
--- Begin Message ---
Version: 0.59-1
The bug that this patch is for, #264055, has already been marked fixed
in version 0.59-1. therefor I close this bug with that version as
well.
--
_________________________
Ryan Niebur
[email protected]
signature.asc
Description: Digital signature
--- End Message ---
