From 10a94dd4b05454ae5bf9342fdd7333edd3e38df3 Mon Sep 17 00:00:00 2001
From: cvsdist <cvsdist@fedoraproject.org>
Date: Thu, 9 Sep 2004 09:12:39 +0000
Subject: [PATCH] auto-import changelog data from net-tools-1.60-25.src.rpm Thu
 Apr 15 2004 Phil Knirsch <pknirsch@redhat.com> 1.60-25 - Fixed several
 possible buffer overflows (#120343) Tue Mar 30 2004 Harald Hoyer
 <harald@redhat.com> - 1.60-24 - fixed compilation with gcc34

---
 net-tools-1.60-gcc34.patch    | 36 ++++++++++++++++++++
 net-tools-1.60-overflow.patch | 63 +++++++++++++++++++++++++++++++++++
 net-tools.spec                | 12 ++++++-
 3 files changed, 110 insertions(+), 1 deletion(-)
 create mode 100644 net-tools-1.60-gcc34.patch
 create mode 100644 net-tools-1.60-overflow.patch

diff --git a/net-tools-1.60-gcc34.patch b/net-tools-1.60-gcc34.patch
new file mode 100644
index 0000000..5f700c1
--- /dev/null
+++ b/net-tools-1.60-gcc34.patch
@@ -0,0 +1,36 @@
+--- net-tools-1.60/lib/inet_sr.c.gcc34	2000-02-20 22:46:45.000000000 +0100
++++ net-tools-1.60/lib/inet_sr.c	2004-03-30 15:57:25.276049571 +0200
+@@ -105,6 +105,7 @@
+     case 2:
+        isnet = 0; break;
+     default:
++       ;
+     }
+ 
+     /* Fill in the other fields. */
+--- net-tools-1.60/hostname.c.gcc34	2004-03-30 15:58:12.979830341 +0200
++++ net-tools-1.60/hostname.c	2004-03-30 15:58:47.110380585 +0200
+@@ -98,6 +98,7 @@
+ 	    fprintf(stderr, _("%s: name too long\n"), program_name);
+ 	    break;
+ 	default:
++	;
+ 	}
+ 	exit(1);
+     };
+@@ -117,6 +118,7 @@
+ 	    fprintf(stderr, _("%s: name too long\n"), program_name);
+ 	    break;
+ 	default:
++        ;
+ 	}
+ 	exit(1);
+     };
+@@ -180,6 +182,7 @@
+ 	printf("%s\n", hp->h_name);
+ 	break;
+     default:
++    ;
+     }
+ }
+ 
diff --git a/net-tools-1.60-overflow.patch b/net-tools-1.60-overflow.patch
new file mode 100644
index 0000000..d363149
--- /dev/null
+++ b/net-tools-1.60-overflow.patch
@@ -0,0 +1,63 @@
+diff -ur net-tools-1.60.orig/netstat.c net-tools-1.60/netstat.c
+--- net-tools-1.60.orig/netstat.c	2004-04-07 11:47:05.000000000 -0400
++++ net-tools-1.60/netstat.c	2004-04-07 16:47:15.000000000 -0400
+@@ -777,7 +777,8 @@
+ 	    local_addr[22 - strlen(buffer)] = '\0';
+ 
+ 	strcat(local_addr, ":");
+-	strcat(local_addr, buffer);
++	strncat(local_addr, buffer, sizeof(local_addr));
++	local_addr[sizeof(local_addr)-1] = 0;
+ 	snprintf(buffer, sizeof(buffer), "%s",
+ 		 get_sname(htons(rem_port), "tcp", flag_not & FLAG_NUM_PORT));
+ 
+@@ -785,7 +786,8 @@
+ 	    rem_addr[22 - strlen(buffer)] = '\0';
+ 
+ 	strcat(rem_addr, ":");
+-	strcat(rem_addr, buffer);
++	strncat(rem_addr, buffer, sizeof(rem_addr));
++	rem_addr[sizeof(rem_addr)-1] = 0;
+ 	timers[0] = '\0';
+ 
+ 	if (flag_opt)
+@@ -926,7 +928,8 @@
+ 	if ((strlen(local_addr) + strlen(buffer)) > 22)
+ 	    local_addr[22 - strlen(buffer)] = '\0';
+ 	strcat(local_addr, ":");
+-	strcat(local_addr, buffer);
++	strncat(local_addr, buffer, sizeof(local_addr));
++	local_addr[sizeof(local_addr)-1] = 0;
+ 
+ 	snprintf(buffer, sizeof(buffer), "%s",
+ 		 get_sname(htons(rem_port), "udp", flag_not & FLAG_NUM_PORT));
+@@ -935,7 +938,8 @@
+ 	if ((strlen(rem_addr) + strlen(buffer)) > 22)
+ 	    rem_addr[22 - strlen(buffer)] = '\0';
+ 	strcat(rem_addr, ":");
+-	strcat(rem_addr, buffer);
++	strncat(rem_addr, buffer, sizeof(rem_addr));
++	rem_addr[sizeof(rem_addr)-1] = 0;
+ 
+ 	timers[0] = '\0';
+ 	if (flag_opt)
+@@ -1045,7 +1049,8 @@
+ 	if ((strlen(local_addr) + strlen(buffer)) > 22)
+ 	    local_addr[22 - strlen(buffer)] = '\0';
+ 	strcat(local_addr, ":");
+-	strcat(local_addr, buffer);
++	strncat(local_addr, buffer, sizeof(local_addr));
++	local_addr[sizeof(local_addr)-1] = 0;
+ 
+ 	snprintf(buffer, sizeof(buffer), "%s",
+ 		 get_sname(htons(rem_port), "raw", flag_not & FLAG_NUM_PORT));
+@@ -1054,7 +1059,8 @@
+ 	if ((strlen(rem_addr) + strlen(buffer)) > 22)
+ 	    rem_addr[22 - strlen(buffer)] = '\0';
+ 	strcat(rem_addr, ":");
+-	strcat(rem_addr, buffer);
++	strncat(rem_addr, buffer, sizeof(rem_addr));
++	rem_addr[sizeof(rem_addr)-1] = 0;
+ 
+ 	timers[0] = '\0';
+ 	if (flag_opt)
diff --git a/net-tools.spec b/net-tools.spec
index d507307..da930ba 100644
--- a/net-tools.spec
+++ b/net-tools.spec
@@ -3,7 +3,7 @@
 Summary: Basic networking tools.
 Name: net-tools
 Version: 1.60
-Release: 23
+Release: 25
 License: GPL
 Group: System Environment/Base
 Source0: http://www.tazenda.demon.co.uk/phil/net-tools/net-tools-%{version}.tar.bz2
@@ -24,6 +24,8 @@ Patch10: net-tools-1.60-gcc33.patch
 Patch11: net-tools-1.60-trailingblank.patch
 Patch12: net-tools-1.60-interface.patch
 Patch13: netplug-1.2.1-init.patch
+Patch14: net-tools-1.60-gcc34.patch
+Patch15: net-tools-1.60-overflow.patch
 BuildRoot: %{_tmppath}/%{name}-root
 Requires(post,preun): chkconfig
 
@@ -46,6 +48,8 @@ ifconfig, netstat, route, and others.
 %patch11 -p1 -b .trailingblank
 %patch12 -p1 -b .interface
 %patch13 -p1 -b .init
+%patch14 -p1 -b .gcc34
+%patch15 -p1 -b .overflow
 
 cp %SOURCE2 ./config.h
 cp %SOURCE3 ./config.make
@@ -118,6 +122,12 @@ exit 0
 %{_sysconfdir}/rc.d/init.d/netplugd
 
 %changelog
+* Thu Apr 15 2004 Phil Knirsch <pknirsch@redhat.com> 1.60-25
+- Fixed several possible buffer overflows (#120343)
+
+* Tue Mar 30 2004 Harald Hoyer <harald@redhat.com> - 1.60-24
+- fixed compilation with gcc34
+
 * Tue Mar 23 2004 Karsten Hopp <karsten@redhat.de> 1.60-23 
 - add chkconfig call in post and preun, fix init script (#116555)