network/squidGuard: Add missing patches.
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
This commit is contained in:
parent
1c8b4ee4d7
commit
241b765d85
|
@ -25,7 +25,7 @@
|
|||
|
||||
PRGNAM=squidGuard
|
||||
VERSION=${VERSION:-1.4}
|
||||
BUILD=${BUILD:-1}
|
||||
BUILD=${BUILD:-2}
|
||||
TAG=${TAG:-_SBo}
|
||||
|
||||
if [ -z "$ARCH" ]; then
|
||||
|
@ -63,18 +63,6 @@ cd $TMP
|
|||
rm -rf $PRGNAM-$VERSION
|
||||
tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
|
||||
|
||||
# Fixes a buffer overflow problem and prevents squidGuard from going into
|
||||
# emergency mode when overlong URLs are encountered (they can be perfectly
|
||||
# legal).
|
||||
tar xvf $CWD/patches/$PRGNAM-$VERSION-patch-20091015.tar.gz
|
||||
cat $PRGNAM-$VERSION-patch-20091015/sgLog.c > $PRGNAM-$VERSION/src/sgLog.c
|
||||
|
||||
# Fixes two bypass problems with URLs having a length closed to the defined
|
||||
# MAX_BUF value (4096).
|
||||
tar xvf $CWD/patches/$PRGNAM-$VERSION-patch-20091019.tar.gz
|
||||
cat $PRGNAM-$VERSION-20091019/sg.h.in > $PRGNAM-$VERSION/src/sg.h.in
|
||||
cat $PRGNAM-$VERSION-20091019/sgDiv.c.in > $PRGNAM-$VERSION/src/sgDiv.c.in
|
||||
|
||||
cd $PRGNAM-$VERSION
|
||||
chown -R root:root .
|
||||
find -L . \
|
||||
|
@ -83,6 +71,15 @@ find -L . \
|
|||
\( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
|
||||
-o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
|
||||
|
||||
# Fixes a buffer overflow problem and prevents squidGuard from going into
|
||||
# emergency mode when overlong URLs are encountered (they can be perfectly
|
||||
# legal).
|
||||
|
||||
# Fixes two bypass problems with URLs having a length closed to the defined
|
||||
# MAX_BUF value (4096).
|
||||
patch -p1 < $CWD/squidGuard.patch
|
||||
|
||||
|
||||
CFLAGS="$SLKCFLAGS" \
|
||||
CXXFLAGS="$SLKCFLAGS" \
|
||||
./configure \
|
||||
|
|
|
@ -0,0 +1,69 @@
|
|||
diff -Nur squidGuard-1.4.orig/src/sg.h.in squidGuard-1.4/src/sg.h.in
|
||||
--- squidGuard-1.4.orig/src/sg.h.in 2007-11-16 23:58:32.000000000 +0700
|
||||
+++ squidGuard-1.4/src/sg.h.in 2015-02-07 22:26:18.632797069 +0700
|
||||
@@ -73,7 +73,7 @@
|
||||
#define REQUEST_TYPE_REDIRECT 2
|
||||
#define REQUEST_TYPE_PASS 3
|
||||
|
||||
-#define MAX_BUF 4096
|
||||
+#define MAX_BUF 12288
|
||||
|
||||
#define DEFAULT_LOGFILE "squidGuard.log"
|
||||
#define WARNING_LOGFILE "squidGuard.log"
|
||||
diff -Nur squidGuard-1.4.orig/src/sgDiv.c.in squidGuard-1.4/src/sgDiv.c.in
|
||||
--- squidGuard-1.4.orig/src/sgDiv.c.in 2008-07-14 23:02:43.000000000 +0700
|
||||
+++ squidGuard-1.4/src/sgDiv.c.in 2015-02-07 22:26:18.632797069 +0700
|
||||
@@ -745,7 +745,7 @@
|
||||
p++;
|
||||
break;
|
||||
case 'u': /* Requested URL */
|
||||
- strcat(buf, req->orig);
|
||||
+ strncat(buf, req->orig, 2048);
|
||||
p++;
|
||||
break;
|
||||
default:
|
||||
diff -Nur squidGuard-1.4.orig/src/sgLog.c squidGuard-1.4/src/sgLog.c
|
||||
--- squidGuard-1.4.orig/src/sgLog.c 2007-11-16 23:58:32.000000000 +0700
|
||||
+++ squidGuard-1.4/src/sgLog.c 2015-02-07 22:26:39.122853889 +0700
|
||||
@@ -2,7 +2,7 @@
|
||||
By accepting this notice, you agree to be bound by the following
|
||||
agreements:
|
||||
|
||||
- This software product, squidGuard, is copyrighted (C) 1998-2007
|
||||
+ This software product, squidGuard, is copyrighted (C) 1998-2009
|
||||
by Christine Kronberg, Shalla Secure Services. All rights reserved.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify it
|
||||
@@ -55,8 +55,8 @@
|
||||
char msg[MAX_BUF];
|
||||
va_list ap;
|
||||
VA_START(ap, format);
|
||||
- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
|
||||
- fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno));
|
||||
+ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
|
||||
+ fprintf(stderr,"overflow in vsnprintf (sgLog): %s",strerror(errno));
|
||||
va_end(ap);
|
||||
date = niso(0);
|
||||
if(globalDebug || log == NULL) {
|
||||
@@ -87,8 +87,8 @@
|
||||
char msg[MAX_BUF];
|
||||
va_list ap;
|
||||
VA_START(ap, format);
|
||||
- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
|
||||
- sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno));
|
||||
+ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
|
||||
+ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
|
||||
va_end(ap);
|
||||
sgLog(globalErrorLog,"%s",msg);
|
||||
}
|
||||
@@ -104,8 +104,8 @@
|
||||
char msg[MAX_BUF];
|
||||
va_list ap;
|
||||
VA_START(ap, format);
|
||||
- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
|
||||
- return;
|
||||
+ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
|
||||
+ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
|
||||
va_end(ap);
|
||||
sgLog(globalErrorLog,"%s",msg);
|
||||
sgEmergency();
|
Loading…
Reference in New Issue