diff -u filtergen-0.12.4/scanner.c filtergen-0.12.4/scanner.c --- filtergen-0.12.4/scanner.c +++ filtergen-0.12.4/scanner.c @@ -1,6 +1,5 @@ -#line 2 "scanner.c" -#line 4 "scanner.c" +#line 3 "scanner.c" #define YY_INT_ALIGNED short int @@ -9,7 +8,7 @@ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 35 +#define YY_FLEX_SUBMINOR_VERSION 31 #if YY_FLEX_SUBMINOR_VERSION > 0 #define FLEX_BETA #endif @@ -31,15 +30,7 @@ /* C99 systems have . Non-C99 systems may or may not. */ -#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L - -/* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, - * if you want the limit (max/min) macros for int types. - */ -#ifndef __STDC_LIMIT_MACROS -#define __STDC_LIMIT_MACROS 1 -#endif - +#if defined __STDC_VERSION__ && __STDC_VERSION__ >= 199901L #include typedef int8_t flex_int8_t; typedef uint8_t flex_uint8_t; @@ -54,6 +45,7 @@ typedef unsigned char flex_uint8_t; typedef unsigned short int flex_uint16_t; typedef unsigned int flex_uint32_t; +#endif /* ! C99 */ /* Limits of integral types. */ #ifndef INT8_MIN @@ -84,8 +76,6 @@ #define UINT32_MAX (4294967295U) #endif -#endif /* ! C99 */ - #endif /* ! FLEXINT_H */ #ifdef __cplusplus @@ -95,12 +85,11 @@ #else /* ! __cplusplus */ -/* C99 requires __STDC__ to be defined as 1. */ -#if defined (__STDC__) +#if __STDC__ #define YY_USE_CONST -#endif /* defined (__STDC__) */ +#endif /* __STDC__ */ #endif /* ! __cplusplus */ #ifdef YY_USE_CONST @@ -142,21 +131,9 @@ /* Size of default input buffer. */ #ifndef YY_BUF_SIZE -#ifdef __ia64__ -/* On IA-64, the buffer size is 16k, not 8k. - * Moreover, YY_BUF_SIZE is 2*YY_READ_BUF_SIZE in the general case. - * Ditto for the __ia64__ case accordingly. - */ -#define YY_BUF_SIZE 32768 -#else #define YY_BUF_SIZE 16384 -#endif /* __ia64__ */ #endif -/* The state buf must be large enough to hold one state per character in the main buffer. - */ -#define YY_STATE_BUF_SIZE ((YY_BUF_SIZE + 2) * sizeof(yy_state_type)) - #ifndef YY_TYPEDEF_YY_BUFFER_STATE #define YY_TYPEDEF_YY_BUFFER_STATE typedef struct yy_buffer_state *YY_BUFFER_STATE; @@ -188,9 +165,14 @@ #define unput(c) yyunput( c, (yytext_ptr) ) +/* The following is because we cannot portably get our hands on size_t + * (without autoconf's help, which isn't available because we want + * flex-generated scanners to compile on their own). + */ + #ifndef YY_TYPEDEF_YY_SIZE_T #define YY_TYPEDEF_YY_SIZE_T -typedef size_t yy_size_t; +typedef unsigned int yy_size_t; #endif #ifndef YY_STRUCT_YY_BUFFER_STATE @@ -285,7 +267,7 @@ /* Points to current character in buffer. */ static char *yy_c_buf_p = (char *) 0; -static int yy_init = 0; /* whether we need to initialize */ +static int yy_init = 1; /* whether we need to initialize */ static int yy_start = 0; /* start state number */ /* Flag which is used to allow yywrap()'s to do buffer switches @@ -610,7 +592,7 @@ char * filename(); static void scan_err(const char * fmt, ...); void include_file(const char *); -#line 614 "scanner.c" +#line 596 "scanner.c" #define INITIAL 0 #define include 1 @@ -627,37 +609,6 @@ #define YY_EXTRA_TYPE void * #endif -static int yy_init_globals (void ); - -/* Accessor methods to globals. - These are made visible to non-reentrant scanners for convenience. */ - -int yylex_destroy (void ); - -int yyget_debug (void ); - -void yyset_debug (int debug_flag ); - -YY_EXTRA_TYPE yyget_extra (void ); - -void yyset_extra (YY_EXTRA_TYPE user_defined ); - -FILE *yyget_in (void ); - -void yyset_in (FILE * in_str ); - -FILE *yyget_out (void ); - -void yyset_out (FILE * out_str ); - -int yyget_leng (void ); - -char *yyget_text (void ); - -int yyget_lineno (void ); - -void yyset_lineno (int line_number ); - /* Macros after this point can all be overridden by user definitions in * section 1. */ @@ -690,12 +641,7 @@ /* Amount of stuff to slurp up with each read. */ #ifndef YY_READ_BUF_SIZE -#ifdef __ia64__ -/* On IA-64, the buffer size is 16k, not 8k */ -#define YY_READ_BUF_SIZE 16384 -#else #define YY_READ_BUF_SIZE 8192 -#endif /* __ia64__ */ #endif /* Copy whatever the last rule matched to the standard output. */ @@ -703,7 +649,7 @@ /* This used to be an fputs(), but since the string might contain NUL's, * we now use fwrite(). */ -#define ECHO do { if (fwrite( yytext, yyleng, 1, yyout )) {} } while (0) +#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) #endif /* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, @@ -799,11 +745,11 @@ #line 53 "scanner.l" -#line 803 "scanner.c" +#line 749 "scanner.c" - if ( !(yy_init) ) + if ( (yy_init) ) { - (yy_init) = 1; + (yy_init) = 0; #ifdef YY_USER_INIT YY_USER_INIT; @@ -1126,7 +1072,7 @@ #line 153 "scanner.l" ECHO; YY_BREAK -#line 1130 "scanner.c" +#line 1076 "scanner.c" case YY_END_OF_BUFFER: { @@ -1310,7 +1256,7 @@ else { - int num_to_read = + size_t num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) @@ -1355,7 +1301,7 @@ /* Read in more data. */ YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]), - (yy_n_chars), (size_t) num_to_read ); + (yy_n_chars), num_to_read ); YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); } @@ -1379,14 +1325,6 @@ else ret_val = EOB_ACT_CONTINUE_SCAN; - if ((yy_size_t) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) { - /* Extend the array by 50%, plus the number we really need. */ - yy_size_t new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1); - YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size ); - if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" ); - } - (yy_n_chars) += number_to_move; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; @@ -1765,9 +1703,7 @@ (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc (num_to_alloc * sizeof(struct yy_buffer_state*) ); - if ( ! (yy_buffer_stack) ) - YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); - + memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); (yy_buffer_stack_max) = num_to_alloc; @@ -1785,8 +1721,6 @@ ((yy_buffer_stack), num_to_alloc * sizeof(struct yy_buffer_state*) ); - if ( ! (yy_buffer_stack) ) - YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); /* zero only the new slots.*/ memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); @@ -1831,26 +1765,27 @@ /** Setup the input buffer state to scan a string. The next call to yylex() will * scan from a @e copy of @a str. - * @param yystr a NUL-terminated string to scan + * @param str a NUL-terminated string to scan + * @param yy_str a NUL-terminated string to scan * * @return the newly allocated buffer state object. * @note If you want to scan bytes that may contain NUL values, then use * yy_scan_bytes() instead. */ -YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) +YY_BUFFER_STATE yy_scan_string (yyconst char * yy_str ) { - return yy_scan_bytes(yystr,strlen(yystr) ); + return yy_scan_bytes(yy_str,strlen(yy_str) ); } /** Setup the input buffer state to scan the given bytes. The next call to yylex() will * scan from a @e copy of @a bytes. - * @param yybytes the byte buffer to scan - * @param _yybytes_len the number of bytes in the buffer pointed to by @a bytes. + * @param bytes the byte buffer to scan + * @param len the number of bytes in the buffer pointed to by @a bytes. * * @return the newly allocated buffer state object. */ -YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) +YY_BUFFER_STATE yy_scan_bytes (yyconst char * bytes, int len ) { YY_BUFFER_STATE b; char *buf; @@ -1858,15 +1793,15 @@ int i; /* Get memory for full buffer, including space for trailing EOB's. */ - n = _yybytes_len + 2; + n = len + 2; buf = (char *) yyalloc(n ); if ( ! buf ) YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); - for ( i = 0; i < _yybytes_len; ++i ) - buf[i] = yybytes[i]; + for ( i = 0; i < len; ++i ) + buf[i] = bytes[i]; - buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR; + buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR; b = yy_scan_buffer(buf,n ); if ( ! b ) @@ -1987,34 +1922,6 @@ yy_flex_debug = bdebug ; } -static int yy_init_globals (void) -{ - /* Initialization is the same as for the non-reentrant scanner. - * This function is called from yylex_destroy(), so don't allocate here. - */ - - (yy_buffer_stack) = 0; - (yy_buffer_stack_top) = 0; - (yy_buffer_stack_max) = 0; - (yy_c_buf_p) = (char *) 0; - (yy_init) = 0; - (yy_start) = 0; - -/* Defined in main.c */ -#ifdef YY_STDINIT - yyin = stdin; - yyout = stdout; -#else - yyin = (FILE *) 0; - yyout = (FILE *) 0; -#endif - - /* For future reference: Set errno on error, since we are called by - * yylex_init() - */ - return 0; -} - /* yylex_destroy is for both reentrant and non-reentrant scanners. */ int yylex_destroy (void) { @@ -2030,10 +1937,6 @@ yyfree((yy_buffer_stack) ); (yy_buffer_stack) = NULL; - /* Reset the globals. This is important in a non-reentrant scanner so the next time - * yylex() is called, initialization will occur. */ - yy_init_globals( ); - return 0; } @@ -2045,7 +1948,7 @@ static void yy_flex_strncpy (char* s1, yyconst char * s2, int n ) { register int i; - for ( i = 0; i < n; ++i ) + for ( i = 0; i < n; ++i ) s1[i] = s2[i]; } #endif @@ -2054,7 +1957,7 @@ static int yy_flex_strlen (yyconst char * s ) { register int n; - for ( n = 0; s[n]; ++n ) + for ( n = 0; s[n]; ++n ) ; return n; @@ -2085,6 +1988,18 @@ #define YYTABLES_NAME "yytables" +#undef YY_NEW_FILE +#undef YY_FLUSH_BUFFER +#undef yy_set_bol +#undef yy_new_buffer +#undef yy_set_interactive +#undef yytext_ptr +#undef YY_DO_BEFORE_ACTION + +#ifdef YY_DECL_IS_OURS +#undef YY_DECL_IS_OURS +#undef YY_DECL +#endif #line 153 "scanner.l" diff -u filtergen-0.12.4/debian/changelog filtergen-0.12.4/debian/changelog --- filtergen-0.12.4/debian/changelog +++ filtergen-0.12.4/debian/changelog @@ -1,3 +1,24 @@ +filtergen (0.12.4-5.1ubuntu1) quantal; urgency=low + + * Merge from Debian testing. Remaining changes: + - configure.in, configure: Disable -Werror to avoid Ubuntu's + warn_unused_result warnings (a number of false positives there). + - t/scan.c: if chdir fails, print an error message and bail out. + (Werror is still enabled for this subdirectory). + - Dropped patches: + + scanner.c: refresh from scanner.l to fix ftbfs. Wasn't needed anymore. + + -- Bilal Akhtar Mon, 06 Aug 2012 17:53:00 -0400 + +filtergen (0.12.4-5.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix "ftbfs with gcc-4.6 -Werror": add patch from peter green that removes + some unused variables. + (Closes: #625327) + + -- gregor herrmann Mon, 12 Dec 2011 17:06:03 +0100 + filtergen (0.12.4-5ubuntu1) natty; urgency=low * Merge from debian unstable. Remaining changes: only in patch2: unchanged: --- filtergen-0.12.4.orig/resolver.c +++ filtergen-0.12.4/resolver.c @@ -43,10 +43,10 @@ asprintf(&n->icmptype, "%s", i->i_type); } else { /* check that the icmptype is a number if we can't resolve it */ - long m; + //long m; char * e; - m = strtol(n->icmptype, &e, 10); + strtol(n->icmptype, &e, 10); if (*e) { fprintf(stderr, "warning: suspicious icmp type encountered: %s\n", n->icmptype); } @@ -79,10 +79,10 @@ asprintf(&n->port_min, "%d", ntohs(s->s_port)); } else { /* check that the port is a number if we can't resolve it */ - long m; + //long m; char * e; - m = strtol(n->port_min, &e, 10); + strtol(n->port_min, &e, 10); if (*e) { fprintf(stderr, "warning: suspicious port name encountered: %s\n", n->port_min); } @@ -95,10 +95,10 @@ asprintf(&n->port_max, "%d", ntohs(s->s_port)); } else { /* check that the port is a number if we can't resolve it */ - long m; + //long m; char * e; - m = strtol(n->port_max, &e, 10); + strtol(n->port_max, &e, 10); if (*e) { fprintf(stderr, "warning: suspicious port name encountered: %s\n", n->port_max); } @@ -130,10 +130,10 @@ asprintf(&n->proto, "%d", p->p_proto); } else { /* check that the proto is a number if we can't resolve it */ - long m; + //long m; char * e; - m = strtol(n->proto, &e, 10); + strtol(n->proto, &e, 10); if (*e) { fprintf(stderr, "warning: suspicious protocol name encountered: %s\n", n->proto); } only in patch2: unchanged: --- filtergen-0.12.4.orig/debian/changelog.dch +++ filtergen-0.12.4/debian/changelog.dch @@ -0,0 +1,217 @@ +filtergen (0.12.4-5) unstable; urgency=low + + * New maintainer. Closes: #543434. + * Bump standards version: + - Added Homepage field. + * Fix up a bunch of lintian warnings: + - Remove now-useless .arch-inventory file + - Add a ${misc:Depends} for debhelper's benefit + - Point to versioned GPL licence file + - Add copyright notices to debian/copyright + - Fix a formatting niggle in the filter_backends manpage + - Bump to dh compat 5 + + -- Matt Palmer Tue, 02 Feb 2010 21:25:57 +1100 + +filtergen (0.12.4-4.1) unstable; urgency=medium + + * Non-maintainer upload. + * scanner.l: Fix buffer overflow with nested include files. + Closes: #324908. + * debian/rules: Make sure clean doesn't accidentally run makefile + (and consequently autoconf). + + -- Matej Vela Wed, 5 Jul 2006 08:40:35 +0200 + +filtergen (0.12.4-4) unstable; urgency=low + + * Apply patch from Andreas Jochens to fix build failure on amd64. + (Closes: #285935) + * Added flex and bison to the build dependencies. + * Updated standards version, no other changes required. + + -- Jamie Wilkinson Tue, 23 Aug 2005 14:09:04 +1000 + +filtergen (0.12.4-3) unstable; urgency=high + + * Call the distclean target instead of clean, in our debian/rules clean + target, so that created files are cleaned up. Yes this is dumb, I + blame autogoats. (Closes: #273371) + + -- Jamie Wilkinson Wed, 13 Oct 2004 14:10:26 +1000 + +filtergen (0.12.4-2) unstable; urgency=low + + * Updated copyright to reflect new upstream location and author. + + -- Jamie Wilkinson Tue, 24 Aug 2004 12:34:16 +1000 + +filtergen (0.12.4-1) unstable; urgency=low + + * New upstream release. + - Fixes behavioural bugs in fgadm script. + + -- Jamie Wilkinson Tue, 24 Aug 2004 11:49:16 +1000 + +filtergen (0.12.3-2) unstable; urgency=low + + * Added watch file. + + -- Jamie Wilkinson Fri, 13 Aug 2004 16:47:45 +1000 + +filtergen (0.12.3-1) unstable; urgency=low + + * New upstream release. + - fixes critical port number resolver bug. + + -- Jamie Wilkinson Thu, 24 Jun 2004 11:35:03 +1000 + +filtergen (0.12.1-6) unstable; urgency=low + + * The Sixth Time Lucky release. + * Re-add netbase to the build dependencies. (Closes: #253631) + + -- Jamie Wilkinson Fri, 11 Jun 2004 10:05:34 +1000 + +filtergen (0.12.1-5) unstable; urgency=low + + * Removed unnecessary build dependency on flex. + * Fix path to filtergen in fgadm script. + * Alter test scripts to print diff output. + + -- Jamie Wilkinson Thu, 10 Jun 2004 20:04:17 +1000 + +filtergen (0.12.1-4) unstable; urgency=low + + * Applied a patch from upstream that fixes the test suite so it's not using + protocols that have more than one name in /etc/protocols. This really fixes + the build daemon errors (fingers crossed) so also remove netbase from the + build dependencies. + + -- Jamie Wilkinson Thu, 10 Jun 2004 18:54:42 +1000 + +filtergen (0.12.1-3) unstable; urgency=low + + * Add netbase to the build dependencies for /etc/protocols and /etc/services. + + -- Jamie Wilkinson Thu, 10 Jun 2004 18:14:38 +1000 + +filtergen (0.12.1-2) unstable; urgency=low + + * Regenerate the makefile so that -Wcast-align is gone. (Closes: #253432) + + -- Jamie Wilkinson Thu, 10 Jun 2004 09:09:56 +1000 + +filtergen (0.12.1-1) unstable; urgency=low + + * New upstream release. + + Fixes compiler errors on 64 bit platforms. + + -- Jamie Wilkinson Wed, 9 Jun 2004 23:52:22 +1000 + +filtergen (0.12-2) unstable; urgency=low + + * Remove an ugly and incorrect cast around gethosybyname and inet_ntoa + to fix builds on 64 bit systems. + * Added make check to the build target of rules. + + -- Jamie Wilkinson Wed, 9 Jun 2004 19:28:30 +1000 + +filtergen (0.12-1) unstable; urgency=low + + * New upstream release. + * Bumped standards version to 3.6.1. + * Moved DH_COMPAT to debian/compat. + * Upstream now uses configure, modified configure target. + + -- Jamie Wilkinson Wed, 9 Jun 2004 11:44:48 +1000 + +filtergen (0.11-4) unstable; urgency=low + + * Added "%option nounput" to the flex scanner to fix a build failure + with the new flex, thanks to Bastian Kleineidam. (Closes: #191188) + * Bumped standards version to 3.5.9. + + -- Jamie Wilkinson Mon, 12 May 2003 20:10:14 +1000 + +filtergen (0.11-3) unstable; urgency=low + + * Removed initscript, README.Debian, postinst, and debconf stuff. + Reverted to just the basic program, not trying to provide a + super-firewall-tool, just a filter generator. (Closes: #171951) + + -- Jamie Wilkinson Wed, 12 Feb 2003 18:38:43 +1100 + +filtergen (0.11-2) unstable; urgency=low + + * Bumped standards version to 3.5.8.0. + * Set DH_COMPAT to 4. + * Set versioned depends on debconf 1.2.9 for dpkg-reconfigure, + making lintian happy. + + -- Jamie Wilkinson Sat, 30 Nov 2002 12:14:22 +1100 + +filtergen (0.11-1) unstable; urgency=low + + * New upstream release. (Closes: #168985) + - Fixes documentation error (patch removed). + - Adds flush option (patch removed). + - Fixes compilation on 64 bit archs (patch removed). + * Bathed by the lint siblings. + * Bumped standards version to 3.5.7.0. + + -- Jamie Wilkinson Wed, 20 Nov 2002 14:12:35 +1100 + +filtergen (0.10-7) unstable; urgency=low + + * Fix builds on alpha and ia64. (Closes: #168352) + + -- Jamie Wilkinson Sat, 9 Nov 2002 10:14:02 +1100 + +filtergen (0.10-6) unstable; urgency=low + + * Mention the lack of a firewall on upgrade from a pre-0.10-5 version. + (Closes: #167561) + * Initscript cosmetic change, hack around stderr from filtergen. + + -- Jamie Wilkinson Sun, 3 Nov 2002 01:14:29 +1100 + +filtergen (0.10-5) unstable; urgency=low + + * Only `stop' the filter if GENERATE is true. (Closes: #167232) + + -- Jamie Wilkinson Sat, 2 Nov 2002 18:18:32 +1100 + +filtergen (0.10-4) unstable; urgency=low + + * Reworded an error message to be nicer. (s/permitted/supported) + * Removed debhelper templates from source. + + -- Jamie Wilkinson Wed, 30 Oct 2002 21:53:07 +1100 + +filtergen (0.10-3) unstable; urgency=low + + * Patched filtergen to add a command to generate flush rules, thus cleaning + the initscript a little. + + -- Jamie Wilkinson Wed, 30 Oct 2002 20:39:37 +1100 + +filtergen (0.10-2) unstable; urgency=low + + * Added a `check' argument to /etc/init.d/filtergen. + * Removed `ipfilter' from the backends that get piped into a shell. + Instead it should get piped into ipfilter somehow. I will worry about + that when ipfilter gets packaged. + + -- Jamie Wilkinson Wed, 30 Oct 2002 00:39:17 +1100 + +filtergen (0.10-1) unstable; urgency=low + + * Initial Release. (Closes: #166170) + * Applied patch from upstream fixing documentation error. + * Added NAME section to filter_backends.7, lintian clean. + * Depends on iptables or ipchains. + * Created initsctipt and filtergen.conf config file to control what + filtergen will do to your firewall. + + -- Jamie Wilkinson Sat, 26 Oct 2002 11:15:16 +1000