[libdbd-firebird-perl] 03/07: Remove all patches
Lucas Kanashiro
kanashiro-guest at moszumanska.debian.org
Fri Aug 21 09:39:29 UTC 2015
This is an automated email from the git hooks/post-receive script.
kanashiro-guest pushed a commit to branch master
in repository libdbd-firebird-perl.
commit 24fe4745aa99a0ad0957b2ae2e4234dfbb5e81e3
Author: Lucas Kanashiro <kanashiro.duarte at gmail.com>
Date: Fri Aug 21 06:11:07 2015 -0300
Remove all patches
They are applied by upstream
---
debian/changelog | 1 +
debian/patches/dbdimp-780925-buf-overflow.patch | 72 ------------
debian/patches/series | 2 -
debian/patches/snprintf-everywhere.patch | 147 ------------------------
4 files changed, 1 insertion(+), 221 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 56e5fbd..6988616 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ libdbd-firebird-perl (1.20-1) UNRELEASED; urgency=medium
* Team upload.
* Import upstream version 1.20
+ * Remove all patches. They are applied by upstream.
-- Lucas Kanashiro <kanashiro.duarte at gmail.com> Fri, 21 Aug 2015 06:03:03 -0300
diff --git a/debian/patches/dbdimp-780925-buf-overflow.patch b/debian/patches/dbdimp-780925-buf-overflow.patch
deleted file mode 100644
index d1c91f9..0000000
--- a/debian/patches/dbdimp-780925-buf-overflow.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-Bug-Debian: https://bugs.debian.org/780925
-Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libdbd-firebird-perl/+bug/1431867
-Acked-By: Damyan Ivanov <dmn at debian.org>
-From: Stefan Roas <stefan.roas at fau.de>
-Subject: [Dbd-firebird-devel] Buffer Overflow in dbdimp.c
-To: dbd-firebird-devel at lists.alioth.debian.org
-Date: Fri, 13 Mar 2015 17:36:31 +0100
-
-Hi there,
-
-I found a buffer overflow in dbdimp.c. Error messages in dbdimp.c use
-sprintf to a fix-sized buffer that (quite likely in two cases) might be
-too small to hold the final result.
-
-Attached you find a patch that solves the problem by increasing the size
-of the buffer to a value that should be large enough for every
-conceivable input given the conversion specification and additionally
-use snprintf() instead of sprintf(). As snprintf() is already used
-somewhere else in dbdimp.c I figure there are no portability issues
-involved.
-
-I did not check the other uses of sprintf, although it might be
-worthwhile to do so as a quick check found other locations where a
-fix-sized buffer is involved.
-
-Best regards,
- Stefan
-
---- a/dbdimp.c
-+++ b/dbdimp.c
-@@ -21,6 +21,8 @@
-
- DBISTATE_DECLARE;
-
-+#define ERRBUFSIZE 255
-+
- #define IB_SQLtimeformat(xxh, format, sv) \
- do { \
- STRLEN len; \
-@@ -2237,8 +2239,8 @@ static int ib_fill_isqlda(SV *sth, imp_s
- /*
- * User passed an undef to a field that is not nullable.
- */
-- char err[80];
-- sprintf(err, "You have not provided a value for non-nullable parameter #%d.", i);
-+ char err[ERRBUFSIZE];
-+ snprintf(err, sizeof(err), "You have not provided a value for non-nullable parameter #%d.", i);
- do_error(sth, 1, err);
- retval = FALSE;
- return retval;
-@@ -2278,8 +2280,8 @@ static int ib_fill_isqlda(SV *sth, imp_s
- string = SvPV(value, len);
-
- if (len > ivar->sqllen) {
-- char err[80];
-- sprintf(err, "String truncation (SQL_VARYING): attempted to bind %lu octets to column sized %lu",
-+ char err[ERRBUFSIZE];
-+ snprintf(err, sizeof(err), "String truncation (SQL_VARYING): attempted to bind %lu octets to column sized %lu",
- (long unsigned)len, (long unsigned)(sizeof(char) * (ivar->sqllen)));
- break;
- }
-@@ -2301,8 +2303,8 @@ static int ib_fill_isqlda(SV *sth, imp_s
- string = SvPV(value, len);
-
- if (len > ivar->sqllen) {
-- char err[80];
-- sprintf(err, "String truncation (SQL_TEXT): attempted to bind %lu octets to column sized %lu",
-+ char err[ERRBUFSIZE];
-+ snprintf(err, sizeof(err), "String truncation (SQL_TEXT): attempted to bind %lu octets to column sized %lu",
- (long unsigned)len, (long unsigned)(sizeof(char) * (ivar->sqllen)));
- break;
- }
diff --git a/debian/patches/series b/debian/patches/series
deleted file mode 100644
index 4df7295..0000000
--- a/debian/patches/series
+++ /dev/null
@@ -1,2 +0,0 @@
-dbdimp-780925-buf-overflow.patch
-snprintf-everywhere.patch
diff --git a/debian/patches/snprintf-everywhere.patch b/debian/patches/snprintf-everywhere.patch
deleted file mode 100644
index 7cac9e4..0000000
--- a/debian/patches/snprintf-everywhere.patch
+++ /dev/null
@@ -1,147 +0,0 @@
-commit 43b9cfac3f09dead772ece59b2d3d5bf8d73d360
-Author: Damyan Ivanov <dmn at debian.org>
-Commit: Damyan Ivanov <dmn at debian.org>
-
- use snprintf instead of sprintf everywhere
-
- this way even if the buffer can't hold all the content, we never
- overflow it
-
-diff --git a/Firebird.xs b/Firebird.xs
-index 08d17d8..c1c2361 100644
---- a/Firebird.xs
-+++ b/Firebird.xs
-@@ -1646,7 +1646,7 @@ ib_plan(sth)
- if (plan_buffer[0] == isc_info_sql_get_plan) {
- short l = (short) isc_vax_integer((char *)plan_buffer + 1, 2);
- Newx(RETVAL, l + 2, char);
-- sprintf(RETVAL, "%.*s%s", l, plan_buffer + 3, "\n");
-+ snprintf(RETVAL, l+2, "%.*s%s", l, plan_buffer + 3, "\n");
- //PerlIO_printf(PerlIO_stderr(), "Len: %d, orig len: %d\n", strlen(imp_sth->plan), l);
- }
- }
-diff --git a/dbdimp.c b/dbdimp.c
-index dbdf8e3..a7574b3 100644
---- a/dbdimp.c
-+++ b/dbdimp.c
-@@ -72,9 +72,10 @@ bool is_ascii_string(const U8 *s, STRLEN len) {
- int create_cursor_name(SV *sth, imp_sth_t *imp_sth)
- {
- ISC_STATUS status[ISC_STATUS_LENGTH];
-+#define CURSOR_NAME_LEN 22
-
-- Newxz(imp_sth->cursor_name, 22, char);
-- sprintf(imp_sth->cursor_name, "perl%16.16X", (uint32_t)imp_sth->stmt);
-+ Newxz(imp_sth->cursor_name, CURSOR_NAME_LEN, char);
-+ snprintf(imp_sth->cursor_name, CURSOR_NAME_LEN, "perl%16.16X", (uint32_t)imp_sth->stmt);
- isc_dsql_set_cursor_name(status, &(imp_sth->stmt), imp_sth->cursor_name, 0);
- if (ib_error_check(sth, status))
- return FALSE;
-@@ -1494,7 +1495,7 @@ AV *dbd_st_fetch(SV *sth, imp_sth_t *imp_sth)
- switch (dtype)
- {
- case SQL_TIMESTAMP:
-- sprintf(buf, "%04d-%02d-%02d %02d:%02d:%02d.%04ld",
-+ snprintf(buf, sizeof(buf), "%04d-%02d-%02d %02d:%02d:%02d.%04ld",
- times.tm_year + 1900,
- times.tm_mon + 1,
- times.tm_mday,
-@@ -1504,14 +1505,14 @@ AV *dbd_st_fetch(SV *sth, imp_sth_t *imp_sth)
- fpsec);
- break;
- case SQL_TYPE_DATE:
-- sprintf(buf, "%04d-%02d-%02d",
-+ snprintf(buf, sizeof(buf), "%04d-%02d-%02d",
- times.tm_year + 1900,
- times.tm_mon + 1,
- times.tm_mday);
- break;
-
- case SQL_TYPE_TIME:
-- sprintf(buf, "%02d:%02d:%02d.%04ld",
-+ snprintf(buf, sizeof(buf), "%02d:%02d:%02d.%04ld",
- times.tm_hour,
- times.tm_min,
- times.tm_sec,
-@@ -1762,7 +1763,7 @@ AV *dbd_st_fetch(SV *sth, imp_sth_t *imp_sth)
- else
- {
- char s[20];
-- sprintf(s, "COLUMN%d", i);
-+ snprintf(s, sizeof(s), "COLUMN%d", i);
- sv_setpvn(sv, s, strlen(s));
- }
- */
-@@ -2015,7 +2016,7 @@ SV* dbd_st_FETCH_attrib(SV *sth, imp_sth_t *imp_sth, SV *keysv)
- else
- {
- char s[20];
-- sprintf(s, "COLUMN%d", i);
-+ snprintf(s, sizeof(s), "COLUMN%d", i);
- av_store(av, i, newSVpvn(s, strlen(s)));
- }
- }
-@@ -2350,7 +2351,7 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
- char *tmp;
- char *neg;
-
-- sprintf(format, "%%ld.%%%dld%%1ld", -ivar->sqlscale);
-+ snprintf(format, sizeof(format), "%%ld.%%%dld%%1ld", -ivar->sqlscale);
-
- /* negative -0.x hack */
- neg = strchr(svalue, '-');
-@@ -2363,7 +2364,7 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
- if (!sscanf(svalue, format, &p, &q, &r))
- {
- /* here we handle values such as .78 passed as string */
-- sprintf(format, ".%%%dld%%1ld", -ivar->sqlscale);
-+ snprintf(format, sizeof(format), ".%%%dld%%1ld", -ivar->sqlscale);
- if (!sscanf(svalue, format, &q, &r) && DBIc_WARN(imp_sth))
- warn("problem parsing SQL_LONG type");
- }
-@@ -2389,11 +2390,11 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
- {
- /* numeric(?,0): scan for one decimal and do rounding*/
-
-- sprintf(format, "%%ld.%%1ld");
-+ snprintf(format, sizeof(format), "%%ld.%%1ld");
-
- if (!sscanf(svalue, format, &p, &r))
- {
-- sprintf(format, ".%%1ld");
-+ snprintf(format, sizeof(format), ".%%1ld");
- if (!sscanf(svalue, format, &r) && DBIc_WARN(imp_sth))
- warn("problem parsing SQL_LONG type");
- }
-@@ -2481,7 +2482,7 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
- char *tmp;
- char *neg;
-
-- sprintf(format, S_INT64_FULL, -ivar->sqlscale);
-+ snprintf(format, sizeof(format), S_INT64_FULL, -ivar->sqlscale);
-
- /* negative -0.x hack */
- neg = strchr(svalue, '-');
-@@ -2494,7 +2495,7 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
- if (!sscanf(svalue, format, &p, &q, &r))
- {
- /* here we handle values such as .78 passed as string */
-- sprintf(format, S_INT64_DEC_FULL, -ivar->sqlscale);
-+ snprintf(format, sizeof(format), S_INT64_DEC_FULL, -ivar->sqlscale);
- if (!sscanf(svalue, format, &q, &r) && DBIc_WARN(imp_sth))
- warn("problem parsing SQL_INT64 type");
- }
-@@ -2520,11 +2521,11 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
- {
- /* numeric(?,0): scan for one decimal and do rounding*/
-
-- sprintf(format, S_INT64_NOSCALE);
-+ snprintf(format, sizeof(format), S_INT64_NOSCALE);
-
- if (!sscanf(svalue, format, &p, &r))
- {
-- sprintf(format, S_INT64_DEC_NOSCALE);
-+ snprintf(format, sizeof(format), S_INT64_DEC_NOSCALE);
- if (!sscanf(svalue, format, &r) && DBIc_WARN(imp_sth))
- warn("problem parsing SQL_INT64 type");
- }
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libdbd-firebird-perl.git
More information about the Pkg-perl-cvs-commits
mailing list