Compare commits
35 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
a0be5be53e | ||
|
a3626aee12 | ||
|
99ce361b11 | ||
|
463d336550 | ||
|
6d9aae5147 | ||
|
07ba30d3e9 | ||
|
b180913d51 | ||
|
9e3444314a | ||
|
bcc35835c2 | ||
|
614180c75f | ||
|
3157f773b2 | ||
|
3a71a1111c | ||
|
457fb774fe | ||
|
9d8f75bfc1 | ||
|
1d2efaa528 | ||
|
9fefca5870 | ||
|
8eeb9a91af | ||
|
34750696e5 | ||
|
90060377ce | ||
|
8dd7633fd2 | ||
|
55a66adaca | ||
|
a5240a1493 | ||
|
5e83818552 | ||
|
a35cce48d8 | ||
|
43f7d49124 | ||
|
c963ef3b66 | ||
|
ab4478ef6b | ||
|
1d902ea9a0 | ||
|
c5dc2f7c2d | ||
|
2d145e2ec7 | ||
|
6387623d87 | ||
|
d9390d379a | ||
|
b83099b614 | ||
|
590db5ea37 | ||
|
eab323e60c |
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
/graphviz-*.tar.bz2
|
graphviz-2.12.tar.gz
|
||||||
|
64
graphviz-2.12-CVE-2014-0978-CVE-2014-1235.patch
Normal file
64
graphviz-2.12-CVE-2014-0978-CVE-2014-1235.patch
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
diff -up graphviz-2.12/lib/agraph/Makefile.am.origy graphviz-2.12/lib/agraph/Makefile.am
|
||||||
|
--- graphviz-2.12/lib/agraph/Makefile.am.origy 2006-09-26 18:47:54.000000000 +0200
|
||||||
|
+++ graphviz-2.12/lib/agraph/Makefile.am 2014-01-07 13:59:14.868361095 +0100
|
||||||
|
@@ -6,7 +6,8 @@ pkgconfigdir = $(libdir)/pkgconfig
|
||||||
|
|
||||||
|
AM_CPPFLAGS = \
|
||||||
|
-I$(top_srcdir) \
|
||||||
|
- -I$(top_srcdir)/lib/cdt
|
||||||
|
+ -I$(top_srcdir)/lib/cdt \
|
||||||
|
+ -I$(top_srcdir)/lib/graph
|
||||||
|
|
||||||
|
pkginclude_HEADERS = aghdr.h agraph.h malloc.h vmstub.h grammar.h
|
||||||
|
noinst_LTLIBRARIES = libagraph_C.la
|
||||||
|
@@ -22,7 +23,8 @@ libagraph_C_la_SOURCES = agerror.c apply
|
||||||
|
|
||||||
|
libagraph_la_LDFLAGS = -version-info @VERSION_INFO@ -no-undefined
|
||||||
|
libagraph_la_SOURCES = $(libagraph_C_la_SOURCES)
|
||||||
|
-libagraph_la_LIBADD = $(top_builddir)/lib/cdt/libcdt.la
|
||||||
|
+libagraph_la_LIBADD = $(top_builddir)/lib/cdt/libcdt.la \
|
||||||
|
+ $(top_builddir)/lib/graph/libgraph.la
|
||||||
|
|
||||||
|
scan.o scan.lo: scan.c grammar.h
|
||||||
|
|
||||||
|
diff --git a/lib/agraph/scan.l b/lib/agraph/scan.l
|
||||||
|
index b3c4875..a46cd92 100644
|
||||||
|
--- a/lib/agraph/scan.l
|
||||||
|
+++ b/lib/agraph/scan.l
|
||||||
|
@@ -20,6 +20,7 @@
|
||||||
|
#include <ctype.h>
|
||||||
|
#include "grammar.h"
|
||||||
|
#include "aghdr.h"
|
||||||
|
+#include "agxbuf.h"
|
||||||
|
#ifdef WIN32
|
||||||
|
#include <io.h>
|
||||||
|
#endif
|
||||||
|
@@ -153,13 +154,22 @@ ID ({NAME}|{NUMBER})
|
||||||
|
%%
|
||||||
|
void yyerror(char *str)
|
||||||
|
{
|
||||||
|
+ unsigned char xbuf[BUFSIZ];
|
||||||
|
char buf[BUFSIZ];
|
||||||
|
- if (InputFile)
|
||||||
|
- sprintf(buf,"%s:%d: %s in line %d near '%s'",InputFile, line_num,
|
||||||
|
- str,line_num,yytext);
|
||||||
|
- else
|
||||||
|
- sprintf(buf," %s in line %d near '%s'", str,line_num,yytext);
|
||||||
|
- agerror(AGERROR_SYNTAX,buf);
|
||||||
|
+ agxbuf xb;
|
||||||
|
+
|
||||||
|
+ agxbinit(&xb, BUFSIZ, xbuf);
|
||||||
|
+ if (InputFile) {
|
||||||
|
+ agxbput (&xb, InputFile);
|
||||||
|
+ agxbput (&xb, ": ");
|
||||||
|
+ }
|
||||||
|
+ agxbput (&xb, str);
|
||||||
|
+ sprintf(buf," in line %d near '", line_num);
|
||||||
|
+ agxbput (&xb, buf);
|
||||||
|
+ agxbput (&xb, yytext);
|
||||||
|
+ agxbput (&xb,"'\n");
|
||||||
|
+ agerror(AGERROR_SYNTAX,agxbuse(&xb));
|
||||||
|
+ agxbfree(&xb);
|
||||||
|
}
|
||||||
|
/* must be here to see flex's macro defns */
|
||||||
|
void aglexeof() { unput(GRAPH_EOF_TOKEN); }
|
40
graphviz-2.12-CVE-2014-1236.patch
Normal file
40
graphviz-2.12-CVE-2014-1236.patch
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
diff --git a/lib/agraph/scan.l b/lib/agraph/scan.l
|
||||||
|
index 4eabcdc..02eaaab 100644
|
||||||
|
--- a/lib/agraph/scan.l
|
||||||
|
+++ b/lib/agraph/scan.l
|
||||||
|
@@ -93,15 +93,26 @@ static void endstr_html(void) {
|
||||||
|
* and report this to the user.
|
||||||
|
*/
|
||||||
|
static int chkNum(void) {
|
||||||
|
- unsigned char c = (unsigned char)yytext[yyleng-1]; /* last character */
|
||||||
|
- if (!isdigit(c) && (c != '.')) { /* c is letter */
|
||||||
|
- char buf[BUFSIZ];
|
||||||
|
- sprintf(buf,"badly formed number '%s' in line %d\n",yytext,line_num);
|
||||||
|
- strcat (buf, "Splits into two name tokens");
|
||||||
|
- agerror(AGERROR_SYNTAX,buf);
|
||||||
|
- return 1;
|
||||||
|
- }
|
||||||
|
- else return 0;
|
||||||
|
+ unsigned char c = (unsigned char)yytext[yyleng-1]; /* last character */
|
||||||
|
+ if (!isdigit(c) && (c != '.')) { /* c is letter */
|
||||||
|
+ unsigned char xbuf[BUFSIZ];
|
||||||
|
+ char buf[BUFSIZ];
|
||||||
|
+ agxbuf xb;
|
||||||
|
+ char* fname;
|
||||||
|
+
|
||||||
|
+ agxbinit(&xb, BUFSIZ, xbuf);
|
||||||
|
+
|
||||||
|
+ agxbput(&xb,"syntax ambiguity - badly delimited number '");
|
||||||
|
+ agxbput(&xb,yytext);
|
||||||
|
+ sprintf(buf,"' in line %d", line_num);
|
||||||
|
+ agxbput(&xb,buf);
|
||||||
|
+ agxbput(&xb, " splits into two tokens\n");
|
||||||
|
+ agerror(AGERROR_SYNTAX,agxbuse(&xb));
|
||||||
|
+
|
||||||
|
+ agxbfree(&xb);
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+ else return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* The LETTER class below consists of ascii letters, underscore, all non-ascii
|
@ -1,15 +0,0 @@
|
|||||||
diff --git a/cmd/tools/Makefile.am b/cmd/tools/Makefile.am
|
|
||||||
index 4978fea..9fbe2e2 100644
|
|
||||||
--- a/cmd/tools/Makefile.am
|
|
||||||
+++ b/cmd/tools/Makefile.am
|
|
||||||
@@ -249,7 +249,9 @@ gvpack_LDADD = \
|
|
||||||
$(top_builddir)/lib/ingraphs/libingraphs_C.la \
|
|
||||||
$(top_builddir)/lib/cgraph/libcgraph.la \
|
|
||||||
$(top_builddir)/lib/cdt/libcdt.la \
|
|
||||||
- $(top_builddir)/plugin/neato_layout/libgvplugin_neato_layout.la
|
|
||||||
+ $(top_builddir)/plugin/neato_layout/libgvplugin_neato_layout_C.la \
|
|
||||||
+ $(top_builddir)/lib/pathplan/libpathplan_C.la \
|
|
||||||
+ $(EXPAT_LIBS) $(Z_LIBS) $(GTS_LIBS) $(SOCKET_LIBS) $(IPSEPCOLA_LIBS) $(MATH_LIBS)
|
|
||||||
|
|
||||||
if ENABLE_STATIC
|
|
||||||
gvpack_static_SOURCES = gvpack.cpp
|
|
@ -1,13 +0,0 @@
|
|||||||
diff --git a/configure.ac b/configure.ac
|
|
||||||
index 49e027f..542c23a 100644
|
|
||||||
--- a/configure.ac
|
|
||||||
+++ b/configure.ac
|
|
||||||
@@ -1141,7 +1141,7 @@ else
|
|
||||||
use_python3="No (python-$PYTHON3_VERSION.pc not found)"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
- PYTHON3_INSTALL_DIR="`$PYTHON3 -c 'from distutils import sysconfig; print(sysconfig.get_python_lib(1,0))'`"
|
|
||||||
+ PYTHON3_INSTALL_DIR="`$PYTHON3 -c 'import sysconfig; print(sysconfig.get_path("platlib"))'`"
|
|
||||||
save_CPPFLAGS=$CPPFLAGS
|
|
||||||
CPPFLAGS="$CPPFLAGS $PYTHON3_INCLUDES"
|
|
||||||
AC_CHECK_HEADER(Python.h,,[
|
|
11
graphviz-libcdt.patch
Normal file
11
graphviz-libcdt.patch
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
--- graphviz-2.12/lib/expr/Makefile.am.orig 2006-09-26 11:47:54.000000000 -0500
|
||||||
|
+++ graphviz-2.12/lib/expr/Makefile.am 2007-05-05 11:49:49.000000000 -0500
|
||||||
|
@@ -34,7 +34,7 @@
|
||||||
|
|
||||||
|
libexpr_la_LDFLAGS = -version-info @VERSION_INFO@
|
||||||
|
libexpr_la_SOURCES = $(libexpr_C_la_SOURCES)
|
||||||
|
-libexpr_la_LIBADD = $(libexpr_C_la_LIBADD)
|
||||||
|
+libexpr_la_LIBADD = $(libexpr_C_la_LIBADD) \
|
||||||
|
$(top_builddir)/lib/cdt/libcdt.la
|
||||||
|
|
||||||
|
$(libexpr_la_OBJECTS): exparse.h exparse.c exgram.h exop.h
|
30
graphviz-php5.patch
Normal file
30
graphviz-php5.patch
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
diff -urN graphviz-2.12/configure graphviz-2.12-patched/configure
|
||||||
|
--- graphviz-2.12/configure 2006-12-04 16:02:10.000000000 -0600
|
||||||
|
+++ graphviz-2.12-patched/configure 2006-12-08 09:45:19.000000000 -0600
|
||||||
|
@@ -25552,7 +25552,7 @@
|
||||||
|
|
||||||
|
fi;
|
||||||
|
if test "x$enable_php" != "xno"; then
|
||||||
|
-if test `$SWIG -help 2>&1 | $GREP -c '\-php *- Generate'` = 0; then
|
||||||
|
+if test `$SWIG -help 2>&1 | $GREP -c '\-php[5 ]*- Generate'` = 0; then
|
||||||
|
PHP=
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: swig does not support php. The PHP packages will not be built" >&5
|
||||||
|
echo "$as_me: WARNING: swig does not support php. The PHP packages will not be built" >&2;}
|
||||||
|
diff -urN graphviz-2.12/configure.ac graphviz-2.12-patched/configure.ac
|
||||||
|
--- graphviz-2.12/configure.ac 2006-12-04 15:11:58.000000000 -0600
|
||||||
|
+++ graphviz-2.12-patched/configure.ac 2006-12-08 08:07:10.000000000 -0600
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-# $Id: configure.ac,v 1.168 2006/12/04 21:11:58 erg Exp $ $Revision: 1.168 $
|
||||||
|
+# $Id: configure.ac,v 1.170 2006/12/07 17:25:53 ellson Exp $ $Revision: 1.170 $
|
||||||
|
|
||||||
|
# Process this file with autoconf to produce a configure script
|
||||||
|
AC_PREREQ(2.54)
|
||||||
|
@@ -628,7 +628,7 @@
|
||||||
|
AC_ARG_ENABLE(php,
|
||||||
|
[AC_HELP_STRING([--disable-php], [don't support php language bindings])])
|
||||||
|
if test "x$enable_php" != "xno"; then
|
||||||
|
-if test `$SWIG -help 2>&1 | $GREP -c '\-php *- Generate'` = 0; then
|
||||||
|
+if test `$SWIG -help 2>&1 | $GREP -c '\-php[[5 ]]*- Generate'` = 0; then
|
||||||
|
PHP=
|
||||||
|
AC_MSG_WARN([swig does not support php. The PHP packages will not be built])
|
||||||
|
else
|
2117
graphviz.spec
2117
graphviz.spec
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user