Please let ekg 1.5+20050411-2 into sarge

[Marcin Owsiany <porridge@debian.org>]

Changelog:

]  * Applied patches selected from upstream CVS, to fix the following
]    important issues in libgadu:
]     - incorrect type punning could cause undefined behavior
]     - assigning syscall return values to unsigned variable makes error
]       conditions undetectable in some situations

This also fixes three "uninitialized variable" warnings.

Those issues are not reported as debian bugs, but I do consider them at
least of important severity. The fixes are IMO as little intrusive as
they could possibly be.

The only other changes are
 - config.{sub,guess}, that changed since the last build
 - libgadu version timestamp updates to match upstream ones, since the
   applied fixes are also the only ones upstream in lib/ subdir

patch attached

Marcin
-- 
Marcin Owsiany <porridge@debian.org>             http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216

diff -u ekg-1.5+20050411/debian/changelog ekg-1.5+20050411/debian/changelog
--- ekg-1.5+20050411/debian/changelog
+++ ekg-1.5+20050411/debian/changelog
@@ -1,3 +1,13 @@
+ekg (1:1.5+20050411-2) unstable; urgency=high
+
+  * Applied patches selected from upstream CVS, to fix the following important
+    issues in libgadu:
+     - incorrect type punning could cause undefined behavior
+     - assigning syscall return values to unsigned variable makes error
+       conditions undetectable in some situations
+
+ -- Marcin Owsiany <porridge@debian.org>  Sun,  8 May 2005 22:59:33 +0200
+
 ekg (1:1.5+20050411-1) unstable; urgency=high
 
   * New upstream snapshot (this one includes 1.6rc1 as well as some subsequent
diff -u ekg-1.5+20050411/config.sub ekg-1.5+20050411/config.sub
--- ekg-1.5+20050411/config.sub
+++ ekg-1.5+20050411/config.sub
@@ -3,7 +3,7 @@
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
 #   2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
 
-timestamp='2005-02-10'
+timestamp='2005-04-22'
 
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
@@ -231,6 +231,7 @@
 	| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
 	| am33_2.0 \
 	| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
+	| bfin \
 	| c4x | clipper \
 	| d10v | d30v | dlx | dsp16xx \
 	| fr30 | frv \
@@ -262,7 +263,8 @@
 	| pyramid \
 	| sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
 	| sh64 | sh64le \
-	| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv8 | sparcv9 | sparcv9b \
+	| sparc | sparc64 | sparc64b | sparc86x | sparclet | sparclite \
+	| sparcv8 | sparcv9 | sparcv9b \
 	| strongarm \
 	| tahoe | thumb | tic4x | tic80 | tron \
 	| v850 | v850e \
@@ -298,7 +300,7 @@
 	| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
 	| arm-*  | armbe-* | armle-* | armeb-* | armv*-* \
 	| avr-* \
-	| bs2000-* \
+	| bfin-* | bs2000-* \
 	| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
 	| clipper-* | craynv-* | cydra-* \
 	| d10v-* | d30v-* | dlx-* \
@@ -336,7 +338,8 @@
 	| romp-* | rs6000-* \
 	| sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \
 	| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
-	| sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
+	| sparc-* | sparc64-* | sparc64b-* | sparc86x-* | sparclet-* \
+	| sparclite-* \
 	| sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
 	| tahoe-* | thumb-* \
 	| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
diff -u ekg-1.5+20050411/config.guess ekg-1.5+20050411/config.guess
--- ekg-1.5+20050411/config.guess
+++ ekg-1.5+20050411/config.guess
@@ -3,7 +3,7 @@
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
 #   2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
 
-timestamp='2005-03-24'
+timestamp='2005-04-22'
 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@@ -1140,6 +1140,10 @@
 	# From seanf@swdc.stratus.com.
 	echo i860-stratus-sysv4
 	exit 0 ;;
+    i*86:VOS:*:*)
+	# From Paul.Green@stratus.com.
+	echo ${UNAME_MACHINE}-stratus-vos
+	exit 0 ;;
     *:VOS:*:*)
 	# From Paul.Green@stratus.com.
 	echo hppa1.1-stratus-vos
--- ekg-1.5+20050411.orig/lib/libgadu.pc.in
+++ ekg-1.5+20050411/lib/libgadu.pc.in
@@ -4,7 +4,7 @@
 includedir=@includedir@
 
 Name: libgadu
-Version: 20050411
+Version: 20050507
 Description: libgadu
 Requires: @PC_REQUIRES@
 Libs: -L${libdir} -lgadu @LIBS_LIBGADU@
--- ekg-1.5+20050411.orig/lib/events.c
+++ ekg-1.5+20050411/lib/events.c
@@ -1,4 +1,4 @@
-/* $Id: events.c,v 1.85 2005/03/20 00:43:44 szalik Exp $ */
+/* $Id: events.c,v 1.86 2005/04/12 15:39:22 szalik Exp $ */
 
 /*
  *  (C) Copyright 2001-2003 Wojtek Kaniewski <wojtekka@irc.pl>
@@ -778,7 +778,7 @@
 	struct gg_event *e;
 	int res = 0;
 	int port = 0;
-	int errno2;
+	int errno2 = 0;
 
 	gg_debug(GG_DEBUG_FUNCTION, "** gg_watch_fd(%p);\n", sess);
 	
@@ -822,8 +822,7 @@
 			}
 #endif
 
-			if (failed)
-			{
+			if (failed) {
 				errno = errno2;
 				goto fail_resolving;
 			}
@@ -1380,7 +1379,11 @@
 			free(sess->password);
 			sess->password = NULL;
 
-			gg_debug(GG_DEBUG_MISC, "// gg_watch_fd() gg_dcc_ip = %s\n", inet_ntoa(*((struct in_addr*) &gg_dcc_ip)));
+			{
+				struct in_addr dcc_ip;
+				dcc_ip.s_addr = gg_dcc_ip;
+				gg_debug(GG_DEBUG_MISC, "// gg_watch_fd() gg_dcc_ip = %s\n", inet_ntoa(dcc_ip));
+			}
 			
 			if (gg_dcc_ip == (unsigned long) inet_addr("255.255.255.255")) {
 				struct sockaddr_in sin;
--- ekg-1.5+20050411.orig/lib/http.c
+++ ekg-1.5+20050411/lib/http.c
@@ -1,4 +1,4 @@
-/* $Id: http.c,v 1.46 2005/03/20 00:43:44 szalik Exp $ */
+/* $Id: http.c,v 1.47 2005/04/14 18:55:05 wojtekka Exp $ */
 
 /*
  *  (C) Copyright 2001-2002 Wojtek Kaniewski <wojtekka@irc.pl>
@@ -243,7 +243,7 @@
 	}
 
 	if (h->state == GG_STATE_SENDING_QUERY) {
-		unsigned int res;
+		int res;
 
 		if ((res = write(h->fd, h->query, strlen(h->query))) < 1) {
 			gg_debug(GG_DEBUG_MISC, "=> http, write() failed (len=%d, res=%d, errno=%d)\n", strlen(h->query), res, errno);
@@ -272,7 +272,7 @@
 
 	if (h->state == GG_STATE_READING_HEADER) {
 		char buf[1024], *tmp;
-		unsigned int res;
+		int res;
 
 		if ((res = read(h->fd, buf, sizeof(buf))) == -1) {
 			gg_debug(GG_DEBUG_MISC, "=> http, reading header failed (errno=%d)\n", errno);
@@ -380,7 +380,7 @@
 
 	if (h->state == GG_STATE_READING_DATA) {
 		char buf[1024];
-		unsigned int res;
+		int res;
 
 		if ((res = read(h->fd, buf, sizeof(buf))) == -1) {
 			gg_debug(GG_DEBUG_MISC, "=> http, reading body failed (errno=%d)\n", errno);
--- ekg-1.5+20050411.orig/lib/libgadu.c
+++ ekg-1.5+20050411/lib/libgadu.c
@@ -1,4 +1,4 @@
-/* $Id: libgadu.c,v 1.143 2005/03/24 09:47:40 wojtekka Exp $ */
+/* $Id: libgadu.c,v 1.144 2005/04/12 15:39:22 szalik Exp $ */
 
 /*
  *  (C) Copyright 2001-2003 Wojtek Kaniewski <wojtekka@irc.pl>
@@ -72,7 +72,7 @@
 #ifdef __GNUC__
 __attribute__ ((unused))
 #endif
-= "$Id: libgadu.c,v 1.143 2005/03/24 09:47:40 wojtekka Exp $";
+= "$Id: libgadu.c,v 1.144 2005/04/12 15:39:22 szalik Exp $";
 #endif 
 
 /*
@@ -408,7 +408,7 @@
  */
 int gg_write(struct gg_session *sess, const char *buf, int length)
 {
-	int res;
+	int res = 0;
 
 #ifdef __GG_LIBGADU_HAVE_OPENSSL
 	if (sess->ssl) {
@@ -1202,7 +1202,7 @@
 	struct gg_send_msg s;
 	const char *tmp;
 	char buf[1910];
-	int res;
+	int res = -1;
 
 	gg_debug(GG_DEBUG_FUNCTION, "** gg_image_reply(%p, %d, \"%s\", %p, %d);\n", sess, recipient, filename, image, size);
 
--- ekg-1.5+20050411.orig/lib/libgadu.h
+++ ekg-1.5+20050411/lib/libgadu.h
@@ -942,7 +942,7 @@
 #define GG_DEFAULT_PROTOCOL_VERSION 0x20
 #define GG_DEFAULT_TIMEOUT 30
 #define GG_HAS_AUDIO_MASK 0x40000000
-#define GG_LIBGADU_VERSION "20050411"
+#define GG_LIBGADU_VERSION "20050507"
 
 #define GG_DEFAULT_DCC_PORT 1550

Attachment: signature.asc
Description: Digital signature