summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'dev-util/rats/files')
-rw-r--r--dev-util/rats/files/rats-2.1-add-getopt-trailing-null.patch11
-rw-r--r--dev-util/rats/files/rats-2.1-fix-null-pointers.patch128
2 files changed, 0 insertions, 139 deletions
diff --git a/dev-util/rats/files/rats-2.1-add-getopt-trailing-null.patch b/dev-util/rats/files/rats-2.1-add-getopt-trailing-null.patch
deleted file mode 100644
index 65ea6df1f45..00000000000
--- a/dev-util/rats/files/rats-2.1-add-getopt-trailing-null.patch
+++ /dev/null
@@ -1,11 +0,0 @@
-diff -Nuar --exclude '*~' rats-2.1.orig/main.c rats-2.1/main.c
---- rats-2.1.orig/main.c 2002-09-16 21:05:43.000000000 -0700
-+++ rats-2.1/main.c 2006-05-21 21:56:29.578601459 -0700
-@@ -278,6 +278,7 @@
- {"columns", 0,0,0},
- {"context", 0,0,0},
- {"all-static", 0,0,0},
-+ {NULL,0,0,0}
- };
- progname = argv[0];
- flags|=RECURSIVE_FILE_SCAN;
diff --git a/dev-util/rats/files/rats-2.1-fix-null-pointers.patch b/dev-util/rats/files/rats-2.1-fix-null-pointers.patch
deleted file mode 100644
index 0d4c701f0bf..00000000000
--- a/dev-util/rats/files/rats-2.1-fix-null-pointers.patch
+++ /dev/null
@@ -1,128 +0,0 @@
-diff -Nuar rats-2.1.orig/report.c rats-2.1/report.c
---- rats-2.1.orig/report.c 2002-09-16 21:05:43.000000000 -0700
-+++ rats-2.1/report.c 2006-05-21 23:16:16.323046789 -0700
-@@ -122,9 +122,15 @@
- return result;
- }
-
--
--
--
-+/* Exclusively for debugging vulnerabilities.
-+ * - robbat2@gentoo.org 21/05/2006 */
-+static void debug_vuln_dump(vulnerability_t *ptr) {
-+ fprintf(stderr,"vuln_dump: this=%x f=%s l=%d c=%d d=%x t=%d s=%d u=%x p=(%x,%x)\n",
-+ ptr,
-+ ptr->filename,ptr->lineno,ptr->column,
-+ ptr->data,ptr->type,ptr->severity,
-+ ptr->uses,ptr->next,ptr->prev);
-+}
-
- static void
- replace_cfname(char *filename)
-@@ -317,6 +323,27 @@
- insert_vulnerability(log);
- }
-
-+/* These are special static vulnerabilities because we don't
-+ * want NULL data elements in the vulnerability_t->data
-+ * field, because the HTML and XML output formats use that
-+ * pointer without checking it for being null first.
-+ * - robbat2@gentoo.org 21/05/2006 */
-+static struct Vuln_t vuln_PerlBacktick = {
-+ .Name = "Perl Backtick"
-+};
-+static struct Vuln_t vuln_PhpBacktick = {
-+ .Name = "PHP Backtick"
-+};
-+static struct Vuln_t vuln_PythonBacktick = {
-+ .Name = "Python Backtick"
-+};
-+static struct Vuln_t vuln_StaticLocalBuffer = {
-+ .Name = "Static Local Buffer"
-+};
-+static struct Vuln_t vuln_StaticGlobalBuffer = {
-+ .Name = "Static Global Buffer"
-+};
-+
- void log_perlbacktick(int lineno, int column, Severity_t severity)
- {
- vulnerability_t * log;
-@@ -325,7 +352,7 @@
- log->filename = current_file;
- log->column = column;
- log->lineno = lineno;
-- log->data = (Vuln_t *)NULL;
-+ log->data = &vuln_PerlBacktick;
- log->type = PerlBacktick;
- log->severity = severity;
- log->uses = (toctou_use_t *)NULL;
-@@ -342,7 +369,7 @@
- log->filename = current_file;
- log->column = column;
- log->lineno = lineno;
-- log->data = (Vuln_t *)NULL;
-+ log->data = &vuln_PhpBacktick;
- log->type = PhpBacktick;
- log->severity = severity;
- log->uses = (toctou_use_t *)NULL;
-@@ -358,7 +385,7 @@
- log->filename = current_file;
- log->column = column;
- log->lineno = lineno;
-- log->data = (Vuln_t *)NULL;
-+ log->data = &vuln_PythonBacktick;
- log->type = PythonBacktick;
- log->severity = severity;
- log->uses = (toctou_use_t *)NULL;
-@@ -374,7 +401,16 @@
- log->filename = current_file;
- log->column = column;
- log->lineno = lineno;
-- log->data = (Vuln_t *)NULL;
-+ switch(type) {
-+ case StaticLocalBuffer:
-+ log->data = &vuln_StaticLocalBuffer;
-+ break;
-+ case StaticGlobalBuffer:
-+ log->data = &vuln_StaticGlobalBuffer;
-+ break;
-+ default:
-+ log->data = (Vuln_t *)NULL;
-+ }
- log->type = type;
- log->severity = severity;
- log->uses = (toctou_use_t *)NULL;
-@@ -432,6 +468,10 @@
- static void build_xml_vulnerability(vulnerability_t *ptr) {
- int i;
-
-+ /* Debugging - robbat2@gentoo.org 21/05/2006 */
-+ if(ptr->data == NULL)
-+ debug_vuln_dump(ptr);
-+
- printf("<vulnerability>\n");
-
- /* Output the severity */
-@@ -593,6 +633,8 @@
- void report_vulnerability(vulnerability_t *ptr)
- {
- int i;
-+ if(ptr->data == NULL)
-+ debug_vuln_dump(ptr);
-
- switch (ptr->type)
- {
-@@ -890,8 +932,10 @@
-
- static void build_html_vulnerability(vulnerability_t *ptr) {
- int i;
--
--
-+
-+ /* Debugging - robbat2@gentoo.org 21/05/2006 */
-+ if(ptr->data == NULL)
-+ debug_vuln_dump(ptr);
-
- /* Output the severity */
- printf(" <b>Severity: %s</b><br/>\n",