Репозитории ALT
Группа :: Разработка/Прочее
Пакет: rats
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: rats-2.1-deb-5.patch
Скачать
Скачать
--- rats-2.1.orig/c-lex.l
+++ rats-2.1/c-lex.l
@@ -31,7 +31,6 @@
static int identifier(void);
static int string_const(void);
-static int preprocessor(void);
static void reset_comment(void);
static int cstyle_comment(void);
static void no_match(void);
@@ -63,7 +62,50 @@
%%
-"#" { count(); return preprocessor(); }+"#" { + signed char c;
+ count();
+
+ while ((c = input()) && c != -1)
+ {+ clexreal_column++;
+ if (c == '\n')
+ {+ clex_lineno++;
+ clexreal_column = 0;
+ clex_column = 0;
+ break;
+ }
+ if (c == '\r')
+ {+ clex_lineno++;
+ clexreal_column = 0;
+ clex_column = 0;
+ }
+
+ /* handle multi-line comments beginning on a preprocessor line */
+ if (c == '/')
+ {+ if (!(c = input()) || c == -1)
+ break;
+ clexreal_column++;
+ if (c == '*')
+ {+ int save_lineno = clex_lineno;
+
+ cstyle_comment();
+ if (clex_lineno != save_lineno)
+ return TOKEN_COMMENT;
+ continue;
+ }
+ clexreal_column--;
+ unput(c);
+ }
+ }
+
+ return TOKEN_JUNK;
+}
+
"/*" { count(); return cstyle_comment(); } "//".* { count(); reset_comment(); accumulate_comment(yytext+2,strlen(yytext+2));
@@ -259,7 +301,7 @@
static
int cstyle_comment(void)
{- char c;
+ signed char c;
reset_comment();
while ((c = input()) && c != -1)
@@ -296,50 +338,6 @@
return TOKEN_COMMENT;
}
-static
-int preprocessor(void)
-{- char c;
-
- while ((c = input()) && c != -1)
- {- clexreal_column++;
- if (c == '\n')
- {- clex_lineno++;
- clexreal_column = 0;
- clex_column = 0;
- break;
- }
- if (c == '\r')
- {- clex_lineno++;
- clexreal_column = 0;
- clex_column = 0;
- }
-
- /* handle multi-line comments beginning on a preprocessor line */
- if (c == '/')
- {- if (!(c = input()) || c == -1)
- break;
- clexreal_column++;
- if (c == '*')
- {- int save_lineno = clex_lineno;
-
- cstyle_comment();
- if (clex_lineno != save_lineno)
- return TOKEN_COMMENT;
- continue;
- }
- clexreal_column--;
- unput(c);
- }
- }
-
- return TOKEN_JUNK;
-}
static
void no_match(void)
--- rats-2.1.orig/main.c
+++ rats-2.1/main.c
@@ -138,7 +138,7 @@
printf(" --help\n"); printf(" -i report functions that accept external input\n"); printf(" --input\n");- printf(" -l <language> force the specified langauge to be used\n");+ printf(" -l <language> force the specified language to be used\n"); printf(" --language <language>\n"); printf(" -r include references that are not function calls\n"); printf(" --references\n");@@ -160,7 +160,7 @@
printf(" --resultsonly\n"); printf(" No header, footer, or status information\n"); printf(" --columns\n");- printf(" Show column number of hte line where the problem occured.\n");+ printf(" Show column number of the line where the problem occured.\n"); printf(" --context\n"); printf(" Display the line of code that caused the problem report\n");}
@@ -278,6 +278,7 @@
{"columns", 0,0,0}, {"context", 0,0,0}, {"all-static", 0,0,0},+ {0,0,0,0}};
progname = argv[0];
flags|=RECURSIVE_FILE_SCAN;
--- rats-2.1.orig/perl-lex.l
+++ rats-2.1/perl-lex.l
@@ -431,7 +431,7 @@
{int bslash = 0;
- char c;
+ signed char c;
while ((c = input()) && c != -1)
{@@ -468,7 +468,7 @@
int bline = 0;
int cstate = 0;
- char c;
+ signed char c;
while ((c = input()) && c != -1)
{perllexreal_column++;
--- rats-2.1.orig/php-lex.l
+++ rats-2.1/php-lex.l
@@ -274,7 +274,7 @@
{int bslash = 0;
- char c;
+ signed char c;
while ((c = input()) && c != -1)
{@@ -375,7 +375,7 @@
static
int cstyle_comment(void)
{- char c;
+ signed char c;
reset_comment();
while ((c = input()) && c != -1)
--- rats-2.1.orig/python-lex.l
+++ rats-2.1/python-lex.l
@@ -197,7 +197,7 @@
{int bslash = 0;
- char c;
+ signed char c;
while ((c = input()) && c != -1)
{@@ -252,7 +252,7 @@
static
int longstring(int q)
{- char c;
+ signed char c;
int quotes = 0;
int backtick = 0;
--- rats-2.1.orig/rats-c.xml
+++ rats-2.1/rats-c.xml
@@ -2830,5 +2830,22 @@
<Severity>High</Severity>
</Info>
</Vulnerability>
+
+ <!-- GTK/GLib specific problems, added by Steve Kemp -->
+ <Vulnerability>
+ <Name>g_get_tmp_dir</Name>
+ <Info>
+ <Description>This function returns the contents of the environmental variable TMP and can be any length, containing arbitary characters. It should be treated as getenv.</Description>
+ <Severity>High</Severity>
+ </Info>
+ </Vulnerability>
+ <Vulnerability>
+ <Name>g_get_home_dir</Name>
+ <Info>
+ <Description>This function returns the contents of the environmental variable HOME and can be any length, containing arbitary characters, it should be treated as getenv.</Description>
+ <Severity>High</Severity>
+ </Info>
+ </Vulnerability>
+
</VulnDB>
--- rats-2.1.orig/report.c
+++ rats-2.1/report.c
@@ -1093,6 +1093,7 @@
ctx = getctx(ptr->filename, ptr->lineno);
if(ctx)
{+ ctx = xml_escape(ctx);
printf("%s<br>\n", ctx);free(ctx);
}