From 8c4b1531b6e17d7b54aef4d8aeeae85a3f4a344d Mon Sep 17 00:00:00 2001
From: Phil Knirsch <pknirsch@fedoraproject.org>
Date: Wed, 9 Feb 2005 17:23:38 +0000
Subject: [PATCH] - Updated to mtr-0.69 - Dropped quite a few patches -
 Forewardported the CVE patch

---
 .cvsignore                   |   2 +-
 mtr-0.69-CVE-2002-0497.patch | 223 +++++++++++++++++++++++++++++++++++
 mtr.spec                     |  25 ++--
 sources                      |   2 +-
 4 files changed, 234 insertions(+), 18 deletions(-)
 create mode 100644 mtr-0.69-CVE-2002-0497.patch

diff --git a/.cvsignore b/.cvsignore
index 77104f1..395c6ed 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-mtr-0.54.tar.gz
+mtr-0.69.tar.gz
diff --git a/mtr-0.69-CVE-2002-0497.patch b/mtr-0.69-CVE-2002-0497.patch
new file mode 100644
index 0000000..ef7fb86
--- /dev/null
+++ b/mtr-0.69-CVE-2002-0497.patch
@@ -0,0 +1,223 @@
+--- mtr-0.69/dns.c.CVE-2002-0497	2005-01-11 09:32:42.000000000 +0100
++++ mtr-0.69/dns.c	2005-02-09 18:13:12.000000000 +0100
+@@ -877,7 +877,7 @@
+   if (type == T_A) {
+     dorequest(rp->hostname,type,rp->id);
+     if (debug) {
+-      sprintf(tempstring,"Resolver: Sent reverse authentication request for \"%s\".",
++      snprintf(tempstring, sizeof(tempstring), "Resolver: Sent reverse authentication request for \"%s\".",
+ 	      rp->hostname);
+       restell(tempstring);
+     }
+@@ -898,7 +898,7 @@
+     }
+     dorequest(tempstring,type,rp->id);
+     if (debug) {
+-      sprintf(tempstring,"Resolver: Sent domain lookup request for \"%s\".",
++      snprintf(tempstring, sizeof(tempstring), "Resolver: Sent domain lookup request for \"%s\".",
+ 	      strlongip( &(rp->ip) ));
+       restell(tempstring);
+     }
+@@ -934,7 +934,7 @@
+   rp->expiretime = sweeptime + (double)ttl;
+   untieresolve(rp);
+   if (debug) {
+-    sprintf(tempstring,"Resolver: Lookup successful: %s\n",rp->hostname);
++    snprintf(tempstring, sizeof(tempstring), "Resolver: Lookup successful: %s\n",rp->hostname);
+     restell(tempstring);
+   }
+ }
+@@ -991,7 +991,7 @@
+   case NOERROR:
+     if (hp->ancount) {
+       if (debug) {
+-	sprintf(tempstring,"Resolver: Received nameserver reply. (qd:%u an:%u ns:%u ar:%u)",
++	snprintf(tempstring, sizeof(tempstring), "Resolver: Received nameserver reply. (qd:%u an:%u ns:%u ar:%u)",
+                 hp->qdcount,hp->ancount,hp->nscount,hp->arcount);
+ 	restell(tempstring);
+       }
+@@ -1031,14 +1031,14 @@
+       namestring[strlen(stackstring)] = '\0';
+       if (strcasecmp(stackstring,namestring)) {
+ 	if (debug) {
+-	  sprintf(tempstring,"Resolver: Unknown query packet dropped. (\"%s\" does not match \"%s\")",
++	  snprintf(tempstring, sizeof(tempstring), "Resolver: Unknown query packet dropped. (\"%s\" does not match \"%s\")",
+ 		  stackstring,namestring);
+ 	  restell(tempstring);
+ 	}
+ 	return;
+       }
+       if (debug) {
+-	sprintf(tempstring,"Resolver: Queried domain name: \"%s\"",namestring);
++	snprintf(tempstring, sizeof(tempstring), "Resolver: Queried domain name: \"%s\"",namestring);
+ 	restell(tempstring);
+       }
+       c+= r;
+@@ -1049,7 +1049,7 @@
+       qdatatype = sucknetword(c);
+       qclass = sucknetword(c);
+       if (qclass != C_IN) {
+-	sprintf(tempstring,"Resolver error: Received unsupported query class: %u (%s)",
++	snprintf(tempstring, sizeof(tempstring), "Resolver error: Received unsupported query class: %u (%s)",
+                 qclass,qclass < ClasstypeCount ? classtypes[qclass] :
+ 		classtypes[ClasstypeCount]);
+ 	restell(tempstring);
+@@ -1063,7 +1063,7 @@
+ 	  }
+ 	break;
+       default:
+-	sprintf(tempstring,"Resolver error: Received unimplemented query type: %u (%s)",
++	snprintf(tempstring, sizeof(tempstring), "Resolver error: Received unimplemented query type: %u (%s)",
+ 		qdatatype,qdatatype < ResourcetypeCount ?
+ 		resourcetypes[qdatatype] : resourcetypes[ResourcetypeCount]);
+ 	restell(tempstring);
+@@ -1085,7 +1085,7 @@
+ 	else
+ 	  usefulanswer = 1;
+ 	if (debug) {
+-	  sprintf(tempstring,"Resolver: answered domain query: \"%s\"",namestring);
++	  snprintf(tempstring, sizeof(tempstring), "Resolver: answered domain query: \"%s\"",namestring);
+ 	  restell(tempstring);
+ 	}
+ 	c+= r;
+@@ -1098,10 +1098,10 @@
+ 	ttl = sucknetlong(c);
+ 	rdatalength = sucknetword(c);
+ 	if (class != qclass) {
+-	  sprintf(tempstring,"query class: %u (%s)",qclass,qclass < ClasstypeCount ?
++	  snprintf(tempstring, sizeof(tempstring), "query class: %u (%s)",qclass,qclass < ClasstypeCount ?
+ 		  classtypes[qclass] : classtypes[ClasstypeCount]);
+ 	  restell(tempstring);
+-	  sprintf(tempstring,"rr class: %u (%s)",class,class < ClasstypeCount ?
++	  snprintf(tempstring, sizeof(tempstring), "rr class: %u (%s)",class,class < ClasstypeCount ?
+ 		  classtypes[class] : classtypes[ClasstypeCount]);
+ 	  restell(tempstring);
+ 	  restell("Resolver error: Answered class does not match queried class.");
+@@ -1117,20 +1117,20 @@
+ 	}
+ 	if (datatype == qdatatype || datatype == T_CNAME) {
+ 	  if (debug) {
+-	    sprintf(tempstring,"Resolver: TTL: %s",strtdiff(sendstring,ttl));
++	    snprintf(tempstring, sizeof(tempstring), "Resolver: TTL: %s",strtdiff(sendstring,ttl));
+ 	    restell(tempstring);
+ 	  }
+ 	  if (usefulanswer)
+ 	    switch (datatype) {
+ 	    case T_A:
+ 	      if (rdatalength != 4) {
+-		sprintf(tempstring,"Resolver error: Unsupported rdata format for \"A\" type. (%u bytes)",
++		snprintf(tempstring, sizeof(tempstring), "Resolver error: Unsupported rdata format for \"A\" type. (%u bytes)",
+ 			rdatalength);
+ 		restell(tempstring);
+ 		return;
+ 	      }
+ 	      if ( addrcmp( (void *) &(rp->ip), (void *) c, af ) == 0 ) {
+-		sprintf(tempstring,"Resolver: Reverse authentication failed: %s != ",
++		snprintf(tempstring, sizeof(tempstring), "Resolver: Reverse authentication failed: %s != ",
+ 			strlongip( &(rp->ip) ));
+ 		addrcpy( (void *) &alignedip, (void *) c, af );
+ 		strcat(tempstring,strlongip( &alignedip ));
+@@ -1138,7 +1138,7 @@
+ 		res_hostipmismatch++;
+ 		failrp(rp);
+ 	      } else {
+-		sprintf(tempstring,"Resolver: Reverse authentication complete: %s == \"%s\".",
++		snprintf(tempstring, sizeof(tempstring), "Resolver: Reverse authentication complete: %s == \"%s\".",
+ 			strlongip( &(rp->ip) ),nonull(rp->hostname));
+ 		restell(tempstring);
+ 		res_reversesuccess++;
+@@ -1155,7 +1155,7 @@
+ 		return;
+ 	      }
+ 	      if (debug) {
+-		sprintf(tempstring,"Resolver: Answered domain: \"%s\"",namestring);
++		snprintf(tempstring, sizeof(tempstring), "Resolver: Answered domain: \"%s\"",namestring);
+ 		restell(tempstring);
+ 	      }
+ 	      if (r > HostnameLength) {
+@@ -1180,14 +1180,14 @@
+ 	      }
+ 	      break;
+ 	    default:
+-	      sprintf(tempstring,"Resolver error: Received unimplemented data type: %u (%s)",
++	      snprintf(tempstring, sizeof(tempstring), "Resolver error: Received unimplemented data type: %u (%s)",
+ 		      datatype,datatype < ResourcetypeCount ?
+ 		      resourcetypes[datatype] : resourcetypes[ResourcetypeCount]);
+ 	      restell(tempstring);
+ 	    }
+ 	} else {
+ 	  if (debug) {
+-	    sprintf(tempstring,"Resolver: Ignoring resource type %u. (%s)",
++	    snprintf(tempstring, sizeof(tempstring), "Resolver: Ignoring resource type %u. (%s)",
+ 		    datatype,datatype < ResourcetypeCount ?
+ 		    resourcetypes[datatype] : resourcetypes[ResourcetypeCount]);
+ 	    restell(tempstring);
+@@ -1205,7 +1205,7 @@
+     failrp(rp);
+     break;
+   default:
+-    sprintf(tempstring,"Resolver: Received error response %u. (%s)",
++    snprintf(tempstring, sizeof(tempstring), "Resolver: Received error response %u. (%s)",
+ 	    getheader_rcode(hp),getheader_rcode(hp) < ResponsecodeCount ?
+ 	    responsecodes[getheader_rcode(hp)] : responsecodes[ResponsecodeCount]);
+     restell(tempstring);
+@@ -1236,13 +1236,13 @@
+ 		      (void *) &(from4->sin_addr), AF_INET ) == 0 )
+ 	  break;
+     if (i == _res.nscount) {
+-      sprintf(tempstring,"Resolver error: Received reply from unknown source: %s",
++      snprintf(tempstring, sizeof(tempstring), "Resolver error: Received reply from unknown source: %s",
+ 	      inet_ntoa(from4->sin_addr ));
+       restell(tempstring);
+     } else
+       parserespacket((byte *)resrecvbuf,r);
+   } else {
+-    sprintf(tempstring,"Resolver: Socket error: %s",strerror(errno));
++    snprintf(tempstring, sizeof(tempstring), "Resolver: Socket error: %s",strerror(errno));
+     restell(tempstring);
+   }
+ }
+@@ -1271,7 +1271,7 @@
+     case STATE_FINISHED:	/* TTL has expired */
+     case STATE_FAILED:	/* Fake TTL has expired */
+       if (debug) {
+-	sprintf(tempstring,"Resolver: Cache record for \"%s\" (%s) has expired. (state: %u)  Marked for expire at: %g, time: %g.",
++	snprintf(tempstring, sizeof(tempstring), "Resolver: Cache record for \"%s\" (%s) has expired. (state: %u)  Marked for expire at: %g, time: %g.",
+                 nonull(rp->hostname), strlongip( &(rp->ip) ), 
+ 		rp->state, rp->expiretime, sweeptime);
+ 	restell(tempstring);
+@@ -1315,14 +1315,14 @@
+     if ((rp->state == STATE_FINISHED) || (rp->state == STATE_FAILED)) {
+       if ((rp->state == STATE_FINISHED) && (rp->hostname)) {
+ 	if (debug) {
+-	  sprintf(tempstring,"Resolver: Used cached record: %s == \"%s\".\n",
++	  snprintf(tempstring, sizeof(tempstring), "Resolver: Used cached record: %s == \"%s\".\n",
+ 		  strlongip(ip),rp->hostname);
+ 	  restell(tempstring);
+ 	}
+ 	return rp->hostname;
+       } else {
+ 	if (debug) {
+-	  sprintf(tempstring,"Resolver: Used failed record: %s == ???\n",
++	  snprintf(tempstring, sizeof(tempstring), "Resolver: Used failed record: %s == ???\n",
+ 		  strlongip(ip));
+ 	  restell(tempstring);
+ 	}
+--- mtr-0.69/split.c.CVE-2002-0497	2005-01-11 09:34:07.000000000 +0100
++++ mtr-0.69/split.c	2005-02-09 18:13:58.000000000 +0100
+@@ -103,13 +103,13 @@
+       name = dns_lookup(addr);
+       if(name != NULL) {
+ 	/* May be we should test name's length */
+-	sprintf(newLine, "%s %d %d %d %d %d %d", name,
++	snprintf(newLine, sizeof(newLine), "%s %d %d %d %d %d %d", name,
+ 		net_loss(at),
+ 		net_returned(at), net_xmit(at),
+ 		net_best(at) /1000, net_avg(at)/1000, 
+ 		net_worst(at)/1000);
+       } else {
+-	sprintf(newLine, "%s %d %d %d %d %d %d", 
++	snprintf(newLine, sizeof(newLine), "%s %d %d %d %d %d %d", 
+ 		strlongip( addr ),
+ 		net_loss(at),
+ 		net_returned(at), net_xmit(at),
diff --git a/mtr.spec b/mtr.spec
index d73a351..426f151 100644
--- a/mtr.spec
+++ b/mtr.spec
@@ -1,7 +1,7 @@
 Summary: A network diagnostic tool.
 Name: mtr
-Version: 0.54
-Release: 10
+Version: 0.69
+Release: 1
 Epoch:	2
 Group: Applications/Internet
 License: GPL
@@ -10,13 +10,7 @@ Source:	ftp://ftp.bitwizard.nl/mtr/%{name}-%{version}.tar.gz
 Source1: xmtr.consolehelper
 Source2: xmtr.pam
 Patch0:	mtr-0.49-s390x.patch
-Patch1:	mtr-0.54-ipv6-kame.patch
-Patch2:	mtr-0.48-nogtk.patch
-Patch3:	mtr-0.52-SA_LEN.patch
-Patch4:	mtr-0.54-servfail.patch
-Patch5:	mtr-0.54-CVE-2002-0497.patch
-Patch6:	mtr-0.54-ipv6-ifaddr.patch
-Patch7:	mtr-0.54-ipv6-ip6arpa.patch
+Patch1:	mtr-0.69-CVE-2002-0497.patch
 BuildRequires: ncurses-devel libtermcap-devel
 BuildRequires: automake, gtk+-devel
 
@@ -41,13 +35,7 @@ diagnostic tool.
 %prep
 %setup -q
 %patch0 -p1 -b .s390x
-%patch1 -p1 -b .ipv6-kame
-%patch2 -p1 -b .nogtk
-%patch3 -p1 -b .SA_LEN
-%patch4 -p1 -b .servfail
-%patch5 -p1 -b .CVE-2002-0497
-%patch6 -p1 -b .ipv6-ifaddr
-%patch7 -p1 -b .ipv6-ip6arpa
+%patch1 -p1 -b .CVE-2002-0497
 aclocal
 automake -a
 autoconf
@@ -107,6 +95,11 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/pixmaps/mtr_icon.xpm
 
 %changelog
+* Wed Feb 09 2005 Phil Knirsch <pknirsch@redhat.com> 2:0.69-1
+- Updated to mtr-0.69
+- Dropped quite a few patches
+- Forewardported the CVE patch
+
 * Mon Oct 18 2004 Phil Knirsch <pknirsch@redhat.com> 2:0.54-10
 - rebuilt
 
diff --git a/sources b/sources
index d0d5ca7..9f61daa 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-7f7ecb50fc37fedb13135a5ef80fda7d  mtr-0.54.tar.gz
+58904d6d8d70114195cdeb653d56914c  mtr-0.69.tar.gz