From 89757940c46ef38ced57c74435879bee526d6d94 Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Thu, 21 Aug 2014 08:48:39 +0200 Subject: main/cacti: fix from upstream for incomplete and incorrect input parsing ref #3295 http://svn.cacti.net/viewvc?view=rev&revision=7454 --- main/cacti/APKBUILD | 12 ++++++++---- main/cacti/bug-0002455.patch | 28 ++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 4 deletions(-) create mode 100644 main/cacti/bug-0002455.patch (limited to 'main') diff --git a/main/cacti/APKBUILD b/main/cacti/APKBUILD index 9de1dccb91..6ecd8e04a6 100644 --- a/main/cacti/APKBUILD +++ b/main/cacti/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Jeff Bilyk pkgname=cacti pkgver=0.8.8b -pkgrel=1 +pkgrel=2 pkgdesc="Network monitoring tool based on RRDtool" url="http://www.cacti.net" arch="noarch" @@ -10,6 +10,7 @@ depends="mysql php php-mysql php-snmp rrdtool net-snmp php-sockets php-xml php-g makedepends="" source="http://www.cacti.net/downloads/$pkgname-$pkgver.tar.gz security.patch + bug-0002455.patch " _builddir="$srcdir"/$pkgname-$pkgver @@ -33,8 +34,11 @@ package() { } md5sums="acb40deae073ca22e5c01a8e3ba389fb cacti-0.8.8b.tar.gz -bd18f265cca1f9713f88296f0be1ef56 security.patch" +bd18f265cca1f9713f88296f0be1ef56 security.patch +aa6d50a78b32e7f3e1a71f93c40c6697 bug-0002455.patch" sha256sums="ef0e2a813139e0b4c2e066f0fdae1f4ad086bef0aa23446055df6331cb1af98c cacti-0.8.8b.tar.gz -73758bdf3f7846875f1620c35d1d982fa27366b053d8bd87363c618e7747c163 security.patch" +73758bdf3f7846875f1620c35d1d982fa27366b053d8bd87363c618e7747c163 security.patch +598fe1d4677e0ac080a6ada7ae97ff73b748a20e35eabce13f441010227294c0 bug-0002455.patch" sha512sums="98b216f3beb8e90dc554a16ca07cc8b3c9e247335786d8b5e76001d7293251a8a6e03bbe2464f7e9f8e0721359e7cd4a40615dd93ac7b1cc0bec507f01fa24c1 cacti-0.8.8b.tar.gz -bed640fb64584b877348cf8163cebe39f6786a2fb8a7e735a81e9a0504b53005feec13e9911566690426f63d120b3744b755c0cbffcb67c44e9fe6dae3ccae80 security.patch" +bed640fb64584b877348cf8163cebe39f6786a2fb8a7e735a81e9a0504b53005feec13e9911566690426f63d120b3744b755c0cbffcb67c44e9fe6dae3ccae80 security.patch +abde50dca8c80c1ea3cfc16a418abda23212c7badda469ec30345b822cf372c45b14cd397bffc77e8765b1fcc605ebd1ab21fffb53a8fbc37bad175219c84596 bug-0002455.patch" diff --git a/main/cacti/bug-0002455.patch b/main/cacti/bug-0002455.patch new file mode 100644 index 0000000000..bf65d6d474 --- /dev/null +++ b/main/cacti/bug-0002455.patch @@ -0,0 +1,28 @@ +Index: 0.8.8/lib/rrd.php +=================================================================== +--- 0.8.8/lib/rrd.php (revision 7453) ++++ 0.8.8/lib/rrd.php (revision 7454) +@@ -2060,7 +2060,7 @@ + $size = 8; + } + +- return "--font " . strtoupper($type) . ":" . $size . ":" . $font . RRD_NL; ++ return "--font " . strtoupper($type) . ":" . floatval($size) . ":" . $font . RRD_NL; + } + + function rrd_substitute_host_query_data($txt_graph_item, $graph, $graph_item) { +Index: 0.8.8/graph_settings.php +=================================================================== +--- 0.8.8/graph_settings.php (revision 7453) ++++ 0.8.8/graph_settings.php (revision 7454) +@@ -54,6 +54,10 @@ + + while (list($tab_short_name, $tab_fields) = each($settings_graphs)) { + while (list($field_name, $field_array) = each($tab_fields)) { ++ /* Check every field with a numeric default value and reset it to default if the inputted value is not numeric */ ++ if (isset($field_array["default"]) && is_numeric($field_array["default"]) && !is_numeric(get_request_var_post($field_name))) { ++ $_POST[$field_name] = $field_array["default"]; ++ } + if ($field_array["method"] == "checkbox") { + if (isset($_POST[$field_name])) { + db_execute("REPLACE INTO settings_graphs (user_id,name,value) VALUES (" . $_SESSION["sess_user_id"] . ",'$field_name', 'on')"); -- cgit v1.2.3