From 865bf7fedac4001550156c2d05a0d0b0ffad6d94 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= <jskarvad@redhat.com>
Date: Mon, 14 Apr 2014 16:03:44 +0200
Subject: [PATCH] New version

  Resolves: rhbz#1052160
- Dropped testsuite-sigsegv-fix, rtest-errout-fix, lefty-getaddrinfo,
  CVE-2014-0978-CVE-2014-1235, CVE-2014-1236, ppc64le-support
  patches (all upstreamed)
- Added rtest-fix patch (sent upstream)
- Disabled test suite (for now)
---
 graphviz-2.32.0-rtest-errout-fix.patch        | 24 --------
 graphviz-2.32.0-testsuite-sigsegv-fix.patch   | 28 ---------
 ...z-2.34.0-CVE-2014-0978-CVE-2014-1235.patch | 40 -------------
 graphviz-2.34.0-CVE-2014-1236.patch           | 58 -------------------
 graphviz-2.34.0-lefty-getaddrinfo.patch       | 45 --------------
 graphviz-2.34.0-ppc64le-support.patch         | 46 ---------------
 graphviz-2.38.0-rtest-fix.patch               | 12 ++++
 graphviz.spec                                 | 39 ++++++-------
 sources                                       |  2 +-
 9 files changed, 30 insertions(+), 264 deletions(-)
 delete mode 100644 graphviz-2.32.0-rtest-errout-fix.patch
 delete mode 100644 graphviz-2.32.0-testsuite-sigsegv-fix.patch
 delete mode 100644 graphviz-2.34.0-CVE-2014-0978-CVE-2014-1235.patch
 delete mode 100644 graphviz-2.34.0-CVE-2014-1236.patch
 delete mode 100644 graphviz-2.34.0-lefty-getaddrinfo.patch
 delete mode 100644 graphviz-2.34.0-ppc64le-support.patch
 create mode 100644 graphviz-2.38.0-rtest-fix.patch

diff --git a/graphviz-2.32.0-rtest-errout-fix.patch b/graphviz-2.32.0-rtest-errout-fix.patch
deleted file mode 100644
index 37f7d29..0000000
--- a/graphviz-2.32.0-rtest-errout-fix.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff --git a/rtest/rtest.sh b/rtest/rtest.sh
-index ad6e14b..94bc044 100755
---- a/rtest/rtest.sh
-+++ b/rtest/rtest.sh
-@@ -280,14 +280,16 @@ function doTest
-     $testcmd 2> errout
-     RVAL=$?
- 
-+    if [[ -s errout ]]
-+    then
-+      cat errout
-+    fi
-+    
-     if [[ $RVAL != 0 || ! -s $OUTPATH ]]
-     then
-       (( CRASH_CNT+=1 ))
-       print -u 2 "Test $TESTNAME:$i : == Layout failed =="
-       print -u 2 "  $testcmd"
--    elif [[ -s errout ]]
--    then
--      cat errout
-     elif [[ $GENERATE == 1 ]]
-     then
-       continue
diff --git a/graphviz-2.32.0-testsuite-sigsegv-fix.patch b/graphviz-2.32.0-testsuite-sigsegv-fix.patch
deleted file mode 100644
index 2ee17cb..0000000
--- a/graphviz-2.32.0-testsuite-sigsegv-fix.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c
-index dc3d578..0562ae8 100644
---- a/lib/gvc/gvconfig.c
-+++ b/lib/gvc/gvconfig.c
-@@ -507,6 +507,7 @@ void gvconfig(GVC_t * gvc, boolean rescan)
-         libdir = gvconfig_libdir(gvc);
-         rc = stat(libdir, &libdir_st);
-         if (rc == -1) {
-+            gvtextlayout_select(gvc);   /* choose best available textlayout plugin immediately */
-     	    /* if we fail to stat it then it probably doesn't exist so just fail silently */
- 	    return;
-         }
-@@ -521,6 +522,7 @@ void gvconfig(GVC_t * gvc, boolean rescan)
-         if (rescan) {
-     	    config_rescan(gvc, gvc->config_path);
-     	    gvc->config_found = TRUE;
-+            gvtextlayout_select(gvc);   /* choose best available textlayout plugin immediately */
-     	    return;
-         }
-     
-@@ -528,6 +530,7 @@ void gvconfig(GVC_t * gvc, boolean rescan)
-     
-         rc = stat(gvc->config_path, &config_st);
-         if (rc == -1) {
-+            gvtextlayout_select(gvc);   /* choose best available textlayout plugin immediately */
-     	    /* silently return without setting gvc->config_found = TRUE */
-     	    return;
-         }
diff --git a/graphviz-2.34.0-CVE-2014-0978-CVE-2014-1235.patch b/graphviz-2.34.0-CVE-2014-0978-CVE-2014-1235.patch
deleted file mode 100644
index a948084..0000000
--- a/graphviz-2.34.0-CVE-2014-0978-CVE-2014-1235.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-diff --git a/lib/cgraph/scan.l b/lib/cgraph/scan.l
---- a/lib/cgraph/scan.l
-+++ b/lib/cgraph/scan.l
-@@ -16,6 +16,7 @@
- %{
- #include <grammar.h>
- #include <cghdr.h>
-+#include <agxbuf.h>
- #include <ctype.h>
- #define GRAPH_EOF_TOKEN		'@'		/* lex class must be defined below */
- 	/* this is a workaround for linux flex */
-@@ -191,13 +192,22 @@ ID		({NAME}|{NUMBER})
- %%
- void yyerror(char *str)
- {
-+	unsigned char	xbuf[BUFSIZ];
- 	char	buf[BUFSIZ];
--	if (InputFile)
--		sprintf(buf,"%s:%d: %s in line %d near '%s'\n",InputFile, line_num,
--			str,line_num,yytext);
--	else
--		sprintf(buf," %s in line %d near '%s'\n", str,line_num,yytext);
--	agerr(AGWARN,buf);
-+	agxbuf  xb;
-+
-+	agxbinit(&xb, BUFSIZ, xbuf);
-+	if (InputFile) {
-+		agxbput (&xb, InputFile);
-+		agxbput (&xb, ": ");
-+	}
-+	agxbput (&xb, str);
-+	sprintf(buf," in line %d near '", line_num);
-+	agxbput (&xb, buf);
-+	agxbput (&xb, yytext);
-+	agxbput (&xb,"'\n");
-+	agerr(AGWARN,agxbuse(&xb));
-+	agxbfree(&xb);
- }
- /* must be here to see flex's macro defns */
- void aglexeof() { unput(GRAPH_EOF_TOKEN); }
diff --git a/graphviz-2.34.0-CVE-2014-1236.patch b/graphviz-2.34.0-CVE-2014-1236.patch
deleted file mode 100644
index ad58569..0000000
--- a/graphviz-2.34.0-CVE-2014-1236.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From 1d1bdec6318746f6f19f245db589eddc887ae8ff Mon Sep 17 00:00:00 2001
-From: "Emden R. Gansner" <erg@alum.mit.edu>
-Date: Wed, 8 Jan 2014 11:31:04 -0500
-Subject: [PATCH] Fix possible buffer overflow problem in chkNum of scanner.
-
----
- lib/cgraph/scan.l | 35 ++++++++++++++++++++++++++---------
- 1 file changed, 26 insertions(+), 9 deletions(-)
-
-diff --git a/lib/cgraph/scan.l b/lib/cgraph/scan.l
-index 212967c..d065b61 100644
---- a/lib/cgraph/scan.l
-+++ b/lib/cgraph/scan.l
-@@ -129,15 +129,32 @@ static void ppDirective (void)
-  * and report this to the user.
-  */
- static int chkNum(void) {
--  unsigned char	c = (unsigned char)yytext[yyleng-1];   /* last character */
--  if (!isdigit(c) && (c != '.')) {  /* c is letter */
--	char	buf[BUFSIZ];
--	sprintf(buf,"syntax error - badly formed number '%s' in line %d of %s\n",yytext,line_num, InputFile);
--    strcat (buf, "splits into two name tokens\n");
--	agerr(AGWARN,buf);
--    return 1;
--  }
--  else return 0;
-+    unsigned char c = (unsigned char)yytext[yyleng-1];   /* last character */
-+    if (!isdigit(c) && (c != '.')) {  /* c is letter */
-+	unsigned char xbuf[BUFSIZ];
-+	char buf[BUFSIZ];
-+	agxbuf  xb;
-+	char* fname;
-+
-+	if (InputFile)
-+	    fname = InputFile;
-+	else
-+	    fname = "input";
-+
-+	agxbinit(&xb, BUFSIZ, xbuf);
-+
-+	agxbput(&xb,"syntax ambiguity - badly delimited number '");
-+	agxbput(&xb,yytext);
-+	sprintf(buf,"' in line %d of ", line_num);
-+	agxbput(&xb,buf);
-+	agxbput(&xb,fname);
-+	agxbput(&xb, " splits into two tokens\n");
-+	agerr(AGWARN,agxbuse(&xb));
-+
-+	agxbfree(&xb);
-+	return 1;
-+    }
-+    else return 0;
- }
- 
- /* The LETTER class below consists of ascii letters, underscore, all non-ascii
--- 
-1.8.5.1
-
diff --git a/graphviz-2.34.0-lefty-getaddrinfo.patch b/graphviz-2.34.0-lefty-getaddrinfo.patch
deleted file mode 100644
index e091f2d..0000000
--- a/graphviz-2.34.0-lefty-getaddrinfo.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-diff -up graphviz-2.34.0/cmd/lefty/os/unix/io.c.orig graphviz-2.34.0/cmd/lefty/os/unix/io.c
---- graphviz-2.34.0/cmd/lefty/os/unix/io.c.orig	2013-09-07 03:07:52.000000000 +0200
-+++ graphviz-2.34.0/cmd/lefty/os/unix/io.c	2013-10-30 17:38:59.746296595 +0100
-@@ -285,9 +285,8 @@ int IOwriteline (int ioi, char *bufp) {
- 
- static FILE *serverconnect (char *name) {
-     char *host, *portp, buf[1024];
--    int port;
--    struct hostent *hp;
--    struct sockaddr_in sin;
-+    struct addrinfo *ai;
-+    struct addrinfo hints;
-     int cfd;
- 
-     strcpy (buf, name);
-@@ -295,17 +294,18 @@ static FILE *serverconnect (char *name)
-     portp = strchr (host, '/');
-     if (*host == 0 || !portp)
-         return NULL;
--    *portp++ = 0, port = atoi (portp);
--    if (!(hp = gethostbyname (host)))
--        return NULL;
--    memset ((char *) &sin, 1, sizeof (sin));
--    memcpy ((char *) &sin.sin_addr, hp->h_addr, hp->h_length);
--    sin.sin_family = hp->h_addrtype;
--    sin.sin_port = htons (port);
--    if ((cfd = socket (hp->h_addrtype, SOCK_STREAM, 0)) < 0)
--        return NULL;
--    if (connect (cfd, (struct sockaddr *) &sin, sizeof (sin)) < 0)
--        return NULL;
-+    *portp++ = 0;
-+    memset (&hints, 0, sizeof (hints));
-+    hints.ai_family = AF_UNSPEC;
-+    hints.ai_flags = AI_ADDRCONFIG | AI_NUMERICSERV;
-+    hints.ai_socktype = SOCK_STREAM;
-+    if (getaddrinfo (host, portp, &hints, &ai))
-+        return freeaddrinfo(ai), NULL;
-+    if ((cfd = socket (ai->ai_family, ai->ai_socktype, ai->ai_protocol)) < 0)
-+        return freeaddrinfo(ai), NULL;
-+    if (connect (cfd, ai->ai_addr, ai->ai_addrlen) < 0)
-+        return freeaddrinfo(ai), NULL;
-+    freeaddrinfo(ai);
-     return fdopen (cfd, "w+");
- }
- 
diff --git a/graphviz-2.34.0-ppc64le-support.patch b/graphviz-2.34.0-ppc64le-support.patch
deleted file mode 100644
index 0136231..0000000
--- a/graphviz-2.34.0-ppc64le-support.patch
+++ /dev/null
@@ -1,46 +0,0 @@
---- graphviz-2.34.0/configure.ori 
-+++ graphviz-2.34.0/configure  
-@@ -3518,7 +3518,7 @@ if test -z "$LIBPOSTFIX"; then
-   case "${host_os}" in
-     *linux* )
-       case "${host_cpu}" in
--        aarch64 | powerpc64 | s390x | x86_64 | sparc64 )
-+        aarch64 | powerpc64 | powerpc64le | s390x | x86_64 | sparc64 )
-           LIBPOSTFIX="64"
-           ;;
-       esac
---- graphviz-2.34.0/configure.ac.ori 
-+++ graphviz-2.34.0/configure.ac  
-@@ -102,7 +102,7 @@ if test -z "$LIBPOSTFIX"; then
-   case "${host_os}" in
-     *linux* )
-       case "${host_cpu}" in
--        aarch64 | powerpc64 | s390x | x86_64 | sparc64 )
-+        aarch64 | powerpc64 | powerpc64le | s390x | x86_64 | sparc64 )
-           LIBPOSTFIX="64"
-           ;;
-       esac
---- graphviz-2.34.0/libltdl/config/config.guess.ori  
-+++ graphviz-2.34.0/libltdl/config/config.guess 
-@@ -972,6 +972,9 @@ EOF
-     ppc64:Linux:*:*)
- 	echo powerpc64-unknown-linux-gnu
- 	exit ;;
-+    ppc64le:Linux:*:*)
-+	echo powerpc64le-unknown-linux-gnu
-+	exit ;;
-     ppc:Linux:*:*)
- 	echo powerpc-unknown-linux-gnu
- 	exit ;;
---- graphviz-2.34.0/config/config.guess.ori 
-+++ graphviz-2.34.0/config/config.guess 
-@@ -972,6 +972,9 @@ EOF
-     ppc64:Linux:*:*)
- 	echo powerpc64-unknown-linux-gnu
- 	exit ;;
-+    ppc64le:Linux:*:*)
-+	echo powerpc64le-unknown-linux-gnu
-+	exit ;;
-     ppc:Linux:*:*)
- 	echo powerpc-unknown-linux-gnu
- 	exit ;;
diff --git a/graphviz-2.38.0-rtest-fix.patch b/graphviz-2.38.0-rtest-fix.patch
new file mode 100644
index 0000000..d4a77b7
--- /dev/null
+++ b/graphviz-2.38.0-rtest-fix.patch
@@ -0,0 +1,12 @@
+diff -up graphviz-2.38.0/rtest/rtest.sh.origy graphviz-2.38.0/rtest/rtest.sh
+--- graphviz-2.38.0/rtest/rtest.sh.origy	2014-04-13 22:40:25.000000000 +0200
++++ graphviz-2.38.0/rtest/rtest.sh	2014-04-14 15:07:49.113994881 +0200
+@@ -311,7 +311,7 @@ function doTest
+ 
+ trap 'rm -f $TMPFILE1 $TMPFILE2 $TMPINFILE errout; exit' 0 1 2 3 15
+ 
+-Usage=rrtest [-gvn] [TESTFILE]\n
++Usage='rrtest [-gvn] [TESTFILE]\n
+  -g : generate test data\n
+  -v : verbose\n
+  -n : print test'
diff --git a/graphviz.spec b/graphviz.spec
index d09f9d5..8d18e74 100644
--- a/graphviz.spec
+++ b/graphviz.spec
@@ -51,24 +51,14 @@
 
 Name:			graphviz
 Summary:		Graph Visualization Tools
-Version:		2.34.0
-Release:		9%{?dist}
+Version:		2.38.0
+Release:		1%{?dist}
 Group:			Applications/Multimedia
 License:		EPL
 URL:			http://www.graphviz.org/
 Source0:		http://www.graphviz.org/pub/graphviz/ARCHIVE/%{name}-%{version}.tar.gz
-# Fix SIGSEGVs on testsuite (#645703).
-Patch1:			graphviz-2.32.0-testsuite-sigsegv-fix.patch
-# Testsuite now do diff check also in case of err output (#645703).
-Patch2:			graphviz-2.32.0-rtest-errout-fix.patch
-# Upstream bug 0002387
-Patch3:			graphviz-2.34.0-lefty-getaddrinfo.patch
-# Fix yyerror overflow (CVE-2014-0978, CVE-2014-1235)
-Patch4:			graphviz-2.34.0-CVE-2014-0978-CVE-2014-1235.patch
-# Fix chknum overflow (CVE-2014-1236)
-Patch5:			graphviz-2.34.0-CVE-2014-1236.patch
-# ppc64le support
-Patch6:			graphviz-2.34.0-ppc64le-support.patch
+# Fix typo in testsuite (upstream ticket #2441).
+Patch0:			graphviz-2.38.0-rtest-fix.patch
 BuildRoot:		%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:		zlib-devel, libpng-devel, libjpeg-devel, expat-devel, freetype-devel >= 2
 BuildRequires:		ksh, bison, m4, flex, tk-devel, tcl-devel >= 8.3, swig
@@ -271,12 +261,7 @@ Various tcl packages (extensions) for the graphviz tools.
 
 %prep
 %setup -q
-%patch1 -p1 -b .testsuite-sigsegv-fix
-%patch2 -p1 -b .rtest-errout-fix
-%patch3 -p1 -b .lefty-getaddrinfo
-%patch4 -p1 -b .CVE-2014-0978-CVE-2014-1235
-%patch5 -p1 -b .CVE-2014-1236
-%patch6 -p1 -b .ppc64le-support
+%patch0 -p1 -b .rtest-fix
 
 # Attempt to fix rpmlint warnings about executable sources
 find -type f -regex '.*\.\(c\|h\)$' -exec chmod a-x {} ';'
@@ -380,8 +365,9 @@ php --no-php-ini \
     --modules | grep gv
 
 # upstream test suite
-cd rtest
-make rtest
+# testsuite seems broken, disabling it for now
+# cd rtest
+# make rtest
 
 %clean
 rm -rf %{buildroot}
@@ -565,6 +551,15 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Mon Apr 14 2014 Jaroslav Škarvada <jskarvad@redhat.com> - 2.38.0-1
+- New version
+  Resolves: rhbz#1052160
+- Dropped testsuite-sigsegv-fix, rtest-errout-fix, lefty-getaddrinfo,
+  CVE-2014-0978-CVE-2014-1235, CVE-2014-1236, ppc64le-support
+  patches (all upstreamed)
+- Added rtest-fix patch (sent upstream)
+- Disabled test suite (for now)
+
 * Wed Mar 19 2014 Jaroslav Škarvada <jskarvad@redhat.com> - 2.34.0-9
 - Added ppc64le support
   Resolves: rhbz#1078464
diff --git a/sources b/sources
index e16812a..f5e3392 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-a8a54f8abac5bcdafd9a568e85a086d6  graphviz-2.34.0.tar.gz
+5b6a829b2ac94efcd5fa3c223ed6d3ae  graphviz-2.38.0.tar.gz