rpms/squidGuard/F-10 squidGuard-1.2.1-SG-2008-06-13.patch, NONE, 1.1 squidGuard.spec, 1.10, 1.11
Jon Ciesla
limb at fedoraproject.org
Thu Feb 12 14:33:53 UTC 2009
- Previous message: rpms/openoffice.org/devel workspace.gtkmenuimages.patch, NONE, 1.1 workspace.transogl03redux.patch, NONE, 1.1 openoffice.org-1.9.87.rh151357.setlangtolocale.patch, 1.29, 1.30 openoffice.org-2.0.3.rh127576.gtkunixprintdialog.patch, 1.54, 1.55 openoffice.org-2.2.0.ooo68717.gstreamer.video.patch, 1.13, 1.14 openoffice.org-2.4.0.ooo85921.sd.editmasterundermouse.patch, 1.4, 1.5 openoffice.org-2.4.0.rh133741.alwaysgtk.vcl.patch, 1.2, 1.3 openoffice.org-3.0.0.ooo87970.vcl.samenamesubs.patch, 1.3, 1.4 openoffice.org-3.0.0.ooo88303.vcl.dynamicfontoptions.patch, 1.3, 1.4 openoffice.org-3.0.0.ooo88341.sc.verticalboxes.patch, 1.1, 1.2 openoffice.org-3.0.1.ooo97488.sw.ww8toc.patch, 1.1, 1.2 openoffice.org-3.0.1.ooo97975.bridges.mainalreadyexited.patch, 1.1, 1.2 openoffice.org.spec, 1.1791, 1.1792 openoffice.org-3.0.0.ooo95318.system-showicons.patch, 1.2, NONE workspace.cmcfixes48.patch, 1.7, NONE workspace.cmcfixes49.patch, 1.5, NONE workspace.cmcfixes50.patch, 1.7, NONE workspace.cmcfixes51.patch, 1.1, NONE workspace.configuretoplevel.patch, 1.1, NONE workspace.fpicker8.patch, 1.1, NONE workspace.fwk92.patch, 1.1, NONE workspace.fwk99.patch, 1.1, NONE workspace.gcc44.patch, 1.3, NONE workspace.hb12.patch, 1.2, NONE workspace.i18n45.patch, 1.2, NONE workspace.impressfontsize.patch, 1.4, NONE workspace.impressfontsize.tar.gz, 1.1, NONE workspace.locales31.patch, 1.1, NONE workspace.sb101.patch, 1.1, NONE workspace.selinux01.patch, 1.1, NONE workspace.sw31bf02.patch, 1.2, NONE workspace.tkr16.patch, 1.1, NONE workspace.transogl03.patch, 1.2, NONE workspace.vcl94.patch, 1.2, NONE workspace.vcl95.patch, 1.2, NONE workspace.vcl96.patch, 1.1, NONE workspace.vcl97.patch, 1.4, NONE workspace.vcl98.patch, 1.6, NONE
- Next message: rpms/squidGuard/F-9 squidGuard-1.2.1-SG-2008-06-13.patch, NONE, 1.1 squidGuard.spec, 1.10, 1.11
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: limb
Update of /cvs/pkgs/rpms/squidGuard/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28381/F-10
Modified Files:
squidGuard.spec
Added Files:
squidGuard-1.2.1-SG-2008-06-13.patch
Log Message:
Patch for SG-2008-06-13.
squidGuard-1.2.1-SG-2008-06-13.patch:
--- NEW FILE squidGuard-1.2.1-SG-2008-06-13.patch ---
--- src/sgDiv.c.orig 2009-02-12 07:31:57.000000000 -0600
+++ src/sgDiv.c 2008-06-13 11:52:17.000000000 -0500
@@ -94,6 +94,9 @@
{
char *p, *d = NULL, *a = NULL, *e = NULL, *o, *field;
int i = 0;
+ int report_once = 1;
+ int trailingdot = 0;
+ size_t strsz;
char c;
int ndx = 0;
@@ -126,22 +129,38 @@
*/
/* Fix for multiple slash vulnerability (bug1). */
/* Check if there are still two or more slashes in sequence which must not happen */
- int report_once = 1;
+ strsz = strlen(p);
- /* loop thru the string 'p' until the char '?' is hit */
+ /* loop thru the string 'p' until the char '?' is hit or the "end" is hit */
while('?' != p[ndx] && '\0' != p[ndx])
{
- /* if this char and the next char are slashes,
- then shift the rest of the string left one char */
- if('/' == p[ndx] && '/' == p[ndx+1])
- {
- size_t sz = strlen(p+ndx+1);
- strncpy(p+ndx,p+ndx+1, sz);
- p[ndx+sz] = '\0';
- if(1 == report_once) {
- sgLogError("Warning: Possible bypass attempt. Found multiple slashes where only one is expected: %s", s->orig);
- report_once--;
+ /* in case this is a '://' skip over it, but try to not read past EOS */
+ if(3 <= strsz-ndx) {
+ if(':' == p[ndx] && '/' == p[ndx+1] && '/' == p[ndx+2]) {
+ ndx+=3; /* 3 == strlen("://"); */
+ }
}
+
+ /* if this char and the next char are slashes,
+ * then shift the rest of the string left one char */
+ if('/' == p[ndx] && '/' == p[ndx+1]) {
+ size_t sz = strlen(p+ndx+1);
+ strncpy(p+ndx,p+ndx+1, sz);
+ p[ndx+sz] = '\0';
+ if(1 == report_once) {
+ sgLogError("Warning: Possible bypass attempt. Found multiple slashes where only one is expected: %s", s->orig);
+ report_once--;
+ }
+ }
+ else if ('.' == p[ndx] && '/' == p[ndx+1] && trailingdot == 0) {
+ /* If the domain has trailing dot, remove (problem found with squid 3.0 stable1-5) the trailing dot (fixes bug 38). */
+ /* if this char is a dot and the next char is a slash, then shift the rest of the string left one char */
+ /* We do this only the first time it is encountered. */
+ trailingdot++;
+ size_t sz = strlen(p+ndx+1);
+ strncpy(p+ndx,p+ndx+1, sz);
+ p[ndx+sz] = '\0';
+ sgLogError("Warning: Possible bypass attempt. Found a trailing dot in the domain name: %s", s->orig);
}
else
{
@@ -537,13 +556,13 @@
#endif
{
struct sgRegExp *re;
- regmatch_t pm[10];
+ regmatch_t pm;
static char newstring[MAX_BUF];
char *result = NULL, *p;
int substlen;
*newstring='\0';
for(re = regexp; re != NULL; re = re->next){
- if (regexec (re->compiled, pattern, sizeof(pm) / sizeof(pm[0]), pm, 0) != 0){
+ if (regexec (re->compiled, pattern, 1, &pm, 0) != 0){
result = NULL;
} else {
substlen = strlen(re->substitute);
@@ -553,65 +572,14 @@
*newstring = '\0';
p = newstring;
do {
- if((p - newstring)+ pm[0].rm_so >= MAX_BUF)
+ if((p - newstring)+ pm.rm_so >= MAX_BUF)
break;
- p = strncat(newstring,pattern,pm[0].rm_so);
- {
- char *p_cur;
- char *p_next;
-
- for (p_next = p_cur = re->substitute;
- p_next < (re->substitute + substlen);
- p_next++)
- {
- if (*p_next == '\\')
- {
- if (p_cur < p_next)
- {
- if (((p - newstring) + (p_next - p_cur)) >= MAX_BUF)
- goto err;
- p = strncat(newstring, p_cur, p_next - p_cur);
- }
- p_next++;
- if (p_next < (re->substitute + substlen)
- && '0' <= *p_next && *p_next <= '9')
- {
- int i = *p_next - '0';
- if ((p - newstring) + (pm[i].rm_eo - pm[i].rm_so) >= MAX_BUF)
- goto err;
- p = strncat(newstring, pattern + pm[i].rm_so, pm[i].rm_eo - pm[i].rm_so);
- }
- else
- {
- if ((p - newstring + 1) >= MAX_BUF)
- goto err;
- p = strncat(newstring, p_next, 1);
- }
- p_cur = p_next + 1;
- }
- else if (*p_next == '&')
- {
- if (p_cur < p_next)
- {
- if (((p - newstring) + (p_next - p_cur)) >= MAX_BUF)
- goto err;
- p = strncat(newstring, p_cur, p_next - p_cur);
- }
- if (((p - newstring) + (pm[0].rm_eo - pm[0].rm_so)) >= MAX_BUF)
- goto err;
- p = strncat(newstring, pattern + pm[0].rm_so, pm[0].rm_eo - pm[0].rm_so);
- p_cur = p_next + 1;
- }
- }
- if (p_cur < p_next)
- {
- if (((p - newstring) + (p_next - p_cur)) >= MAX_BUF)
- goto err;
- p = strncat(newstring, p_cur, p_next - p_cur);
- }
- }
- pattern = pattern + pm[0].rm_eo;
- } while(regexec (re->compiled, pattern, sizeof(pm) / sizeof(pm[0]), pm, REG_NOTBOL)== 0 &&
+ p = strncat(newstring,pattern,pm.rm_so);
+ if((p - newstring)+ substlen >= MAX_BUF)
+ break;
+ p = strcat(newstring,re->substitute);
+ pattern = pattern + pm.rm_eo;
+ } while(regexec (re->compiled, pattern, 1, &pm, REG_NOTBOL)== 0 &&
re->global);
if((p - newstring)+ strlen(pattern) <= MAX_BUF)
p = strcat(newstring,pattern);
@@ -619,7 +587,6 @@
break;
}
}
-err:
return result;
}
Index: squidGuard.spec
===================================================================
RCS file: /cvs/pkgs/rpms/squidGuard/F-10/squidGuard.spec,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- squidGuard.spec 12 Feb 2009 13:57:30 -0000 1.10
+++ squidGuard.spec 12 Feb 2009 14:33:23 -0000 1.11
@@ -7,7 +7,7 @@
Name: squidGuard
Version: 1.2.1
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: Filter, redirector and access controller plugin for squid
Group: System Environment/Daemons
@@ -34,6 +34,7 @@
Patch3: squidGuard-perlwarning.patch
Patch4: squidGuard-sed.patch
Patch5: squidGuard-makeinstall.patch
+Patch6: squidGuard-1.2.1-SG-2008-06-13.patch
URL: http://www.squidguard.org/
@@ -76,6 +77,7 @@
%patch3 -p2
%patch4 -p1
%patch5 -p1
+%patch6 -p0
%{__cp} %{SOURCE100} ./squidGuard.conf.k12ltsp.template
%{__cp} %{SOURCE101} ./update_squidguard_blacklists.k12ltsp.sh
@@ -182,7 +184,10 @@
%changelog
* Wed Feb 11 2009 Jon Ciesla <limb at jcomserv.net> - 1.2.1-1
-- Update to 1.2.1, fix sg-2008-06-13 BZ 245377, 452467.
+- Fix sg-2008-06-13, BZ 452467.
+
+* Wed Feb 11 2009 Jon Ciesla <limb at jcomserv.net> - 1.2.1-1
+- Update to 1.2.1, BZ 245377.
- Dropped upstream patch.
- Updated blacklists.
- Previous message: rpms/openoffice.org/devel workspace.gtkmenuimages.patch, NONE, 1.1 workspace.transogl03redux.patch, NONE, 1.1 openoffice.org-1.9.87.rh151357.setlangtolocale.patch, 1.29, 1.30 openoffice.org-2.0.3.rh127576.gtkunixprintdialog.patch, 1.54, 1.55 openoffice.org-2.2.0.ooo68717.gstreamer.video.patch, 1.13, 1.14 openoffice.org-2.4.0.ooo85921.sd.editmasterundermouse.patch, 1.4, 1.5 openoffice.org-2.4.0.rh133741.alwaysgtk.vcl.patch, 1.2, 1.3 openoffice.org-3.0.0.ooo87970.vcl.samenamesubs.patch, 1.3, 1.4 openoffice.org-3.0.0.ooo88303.vcl.dynamicfontoptions.patch, 1.3, 1.4 openoffice.org-3.0.0.ooo88341.sc.verticalboxes.patch, 1.1, 1.2 openoffice.org-3.0.1.ooo97488.sw.ww8toc.patch, 1.1, 1.2 openoffice.org-3.0.1.ooo97975.bridges.mainalreadyexited.patch, 1.1, 1.2 openoffice.org.spec, 1.1791, 1.1792 openoffice.org-3.0.0.ooo95318.system-showicons.patch, 1.2, NONE workspace.cmcfixes48.patch, 1.7, NONE workspace.cmcfixes49.patch, 1.5, NONE workspace.cmcfixes50.patch, 1.7, NONE workspace.cmcfixes51.patch, 1.1, NONE workspace.configuretoplevel.patch, 1.1, NONE workspace.fpicker8.patch, 1.1, NONE workspace.fwk92.patch, 1.1, NONE workspace.fwk99.patch, 1.1, NONE workspace.gcc44.patch, 1.3, NONE workspace.hb12.patch, 1.2, NONE workspace.i18n45.patch, 1.2, NONE workspace.impressfontsize.patch, 1.4, NONE workspace.impressfontsize.tar.gz, 1.1, NONE workspace.locales31.patch, 1.1, NONE workspace.sb101.patch, 1.1, NONE workspace.selinux01.patch, 1.1, NONE workspace.sw31bf02.patch, 1.2, NONE workspace.tkr16.patch, 1.1, NONE workspace.transogl03.patch, 1.2, NONE workspace.vcl94.patch, 1.2, NONE workspace.vcl95.patch, 1.2, NONE workspace.vcl96.patch, 1.1, NONE workspace.vcl97.patch, 1.4, NONE workspace.vcl98.patch, 1.6, NONE
- Next message: rpms/squidGuard/F-9 squidGuard-1.2.1-SG-2008-06-13.patch, NONE, 1.1 squidGuard.spec, 1.10, 1.11
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list