]> git.ipfire.org Git - ipfire-2.x.git/blob - src/patches/squid/squid-3.5-14174.patch
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
squid 3.5.26: latest patches (14169-14182)
[ipfire-2.x.git] / src / patches / squid / squid-3.5-14174.patch
1 ------------------------------------------------------------
2 revno: 14174
3 revision-id: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4
4 parent: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61
5 fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671
6 committer: Amos Jeffries <squid3@treenet.co.nz>
7 branch nick: 3.5
8 timestamp: Fri 2017-06-23 03:31:46 +1200
9 message:
10 Bug 4671 pt3: various GCC 7 compile errors
11
12 Also, remove limit on FTP realm strings
13
14 Convert ftpRealm() from generating char* to SBuf. This fixes issues identified
15 by GCC 7 where the realm string may be longer than the available buffer and
16 gets truncated.
17 The size of the buffer was making the occurance rather rare, but it is still
18 possible.
19 ------------------------------------------------------------
20 # Bazaar merge directive format 2 (Bazaar 0.90)
21 # revision_id: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4
22 # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
23 # testament_sha1: b54e1a339544443ed9b34a094717b2781c746c76
24 # timestamp: 2017-06-22 15:50:59 +0000
25 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
26 # base_revision_id: squid3@treenet.co.nz-20170621201248-\
27 # ezpvykg0b307ix61
28 #
29 # Begin patch
30 === modified file 'src/DiskIO/DiskThreads/aiops.cc'
31 --- src/DiskIO/DiskThreads/aiops.cc 2017-01-01 00:16:45 +0000
32 +++ src/DiskIO/DiskThreads/aiops.cc 2017-06-22 15:31:46 +0000
33 @@ -290,7 +290,7 @@
34 /* Create threads and get them to sit in their wait loop */
35 squidaio_thread_pool = memPoolCreate("aio_thread", sizeof(squidaio_thread_t));
36
37 - assert(NUMTHREADS);
38 + assert(NUMTHREADS != 0);
39
40 for (i = 0; i < NUMTHREADS; ++i) {
41 threadp = (squidaio_thread_t *)squidaio_thread_pool->alloc();
42
43 === modified file 'src/clients/FtpGateway.cc'
44 --- src/clients/FtpGateway.cc 2017-06-21 19:54:39 +0000
45 +++ src/clients/FtpGateway.cc 2017-06-22 15:31:46 +0000
46 @@ -153,8 +153,8 @@
47 virtual void timeout(const CommTimeoutCbParams &io);
48 void ftpAcceptDataConnection(const CommAcceptCbParams &io);
49
50 - static HttpReply *ftpAuthRequired(HttpRequest * request, const char *realm);
51 - const char *ftpRealm(void);
52 + static HttpReply *ftpAuthRequired(HttpRequest * request, SBuf &realm);
53 + SBuf ftpRealm();
54 void loginFailed(void);
55
56 virtual void haveParsedReplyHeaders();
57 @@ -1189,7 +1189,8 @@
58 {
59 if (!checkAuth(&request->header)) {
60 /* create appropriate reply */
61 - HttpReply *reply = ftpAuthRequired(request, ftpRealm());
62 + SBuf realm(ftpRealm()); // local copy so SBuf wont disappear too early
63 + HttpReply *reply = ftpAuthRequired(request, realm);
64 entry->replaceHttpReply(reply);
65 serverComplete();
66 return;
67 @@ -1290,7 +1291,9 @@
68
69 #if HAVE_AUTH_MODULE_BASIC
70 /* add Authenticate header */
71 - newrep->header.putAuth("Basic", ftpRealm());
72 + // XXX: performance regression. c_str() may reallocate
73 + SBuf realm(ftpRealm()); // local copy so SBuf wont disappear too early
74 + newrep->header.putAuth("Basic", realm.c_str());
75 #endif
76
77 // add it to the store entry for response....
78 @@ -1298,18 +1301,19 @@
79 serverComplete();
80 }
81
82 -const char *
83 +SBuf
84 Ftp::Gateway::ftpRealm()
85 {
86 - static char realm[8192];
87 + SBuf realm;
88
89 /* This request is not fully authenticated */
90 - if (!request) {
91 - snprintf(realm, 8192, "FTP %s unknown", user);
92 - } else if (request->port == 21) {
93 - snprintf(realm, 8192, "FTP %s %s", user, request->GetHost());
94 - } else {
95 - snprintf(realm, 8192, "FTP %s %s port %d", user, request->GetHost(), request->port);
96 + realm.appendf("FTP %s ", user);
97 + if (!request)
98 + realm.append("unknown", 7);
99 + else {
100 + realm.append(request->GetHost());
101 + if (request->port != 21)
102 + realm.appendf(" port %d", request->port);
103 }
104 return realm;
105 }
106 @@ -2673,13 +2677,14 @@
107 }
108
109 HttpReply *
110 -Ftp::Gateway::ftpAuthRequired(HttpRequest * request, const char *realm)
111 +Ftp::Gateway::ftpAuthRequired(HttpRequest * request, SBuf &realm)
112 {
113 ErrorState err(ERR_CACHE_ACCESS_DENIED, Http::scUnauthorized, request);
114 HttpReply *newrep = err.BuildHttpReply();
115 #if HAVE_AUTH_MODULE_BASIC
116 /* add Authenticate header */
117 - newrep->header.putAuth("Basic", realm);
118 + // XXX: performance regression. c_str() may reallocate
119 + newrep->header.putAuth("Basic", realm.c_str());
120 #endif
121 return newrep;
122 }
123
124 === modified file 'src/fde.cc'
125 --- src/fde.cc 2017-01-01 00:16:45 +0000
126 +++ src/fde.cc 2017-06-22 15:31:46 +0000
127 @@ -85,15 +85,15 @@
128 char const *
129 fde::remoteAddr() const
130 {
131 - LOCAL_ARRAY(char, buf, MAX_IPSTRLEN );
132 + static char buf[MAX_IPSTRLEN+7]; // 7 = length of ':port' strings
133
134 if (type != FD_SOCKET)
135 return null_string;
136
137 if ( *ipaddr )
138 - snprintf( buf, MAX_IPSTRLEN, "%s:%d", ipaddr, (int)remote_port);
139 + snprintf(buf, sizeof(buf), "%s:%u", ipaddr, remote_port);
140 else
141 - local_addr.toUrl(buf,MAX_IPSTRLEN); // toHostStr does not include port.
142 + local_addr.toUrl(buf, sizeof(buf)); // toHostStr does not include port.
143
144 return buf;
145 }
146
147 === modified file 'src/fs/ufs/RebuildState.cc'
148 --- src/fs/ufs/RebuildState.cc 2017-01-01 00:16:45 +0000
149 +++ src/fs/ufs/RebuildState.cc 2017-06-22 15:31:46 +0000
150 @@ -444,7 +444,7 @@
151 }
152
153 if (0 == in_dir) { /* we need to read in a new directory */
154 - snprintf(fullpath, MAXPATHLEN, "%s/%02X/%02X",
155 + snprintf(fullpath, sizeof(fullpath), "%s/%02X/%02X",
156 sd->path,
157 curlvl1, curlvl2);
158
159 @@ -489,7 +489,7 @@
160 continue;
161 }
162
163 - snprintf(fullfilename, MAXPATHLEN, "%s/%s",
164 + snprintf(fullfilename, sizeof(fullfilename), "%s/%s",
165 fullpath, entry->d_name);
166 debugs(47, 3, HERE << "Opening " << fullfilename);
167 fd = file_open(fullfilename, O_RDONLY | O_BINARY);
168
169 === modified file 'src/fs/ufs/RebuildState.h'
170 --- src/fs/ufs/RebuildState.h 2017-01-01 00:16:45 +0000
171 +++ src/fs/ufs/RebuildState.h 2017-06-22 15:31:46 +0000
172 @@ -54,7 +54,7 @@
173 dirent_t *entry;
174 DIR *td;
175 char fullpath[MAXPATHLEN];
176 - char fullfilename[MAXPATHLEN];
177 + char fullfilename[MAXPATHLEN*2];
178
179 StoreRebuildData counts;
180
181
182 === modified file 'src/gopher.cc'
183 --- src/gopher.cc 2017-01-01 00:16:45 +0000
184 +++ src/gopher.cc 2017-06-22 15:31:46 +0000
185 @@ -820,7 +820,7 @@
186 * This will be called when request write is complete. Schedule read of reply.
187 */
188 static void
189 -gopherSendComplete(const Comm::ConnectionPointer &conn, char *buf, size_t size, Comm::Flag errflag, int xerrno, void *data)
190 +gopherSendComplete(const Comm::ConnectionPointer &conn, char *, size_t size, Comm::Flag errflag, int xerrno, void *data)
191 {
192 GopherStateData *gopherState = (GopherStateData *) data;
193 StoreEntry *entry = gopherState->entry;
194 @@ -840,10 +840,6 @@
195 err->url = xstrdup(entry->url());
196 gopherState->fwd->fail(err);
197 gopherState->serverConn->close();
198 -
199 - if (buf)
200 - memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */
201 -
202 return;
203 }
204
205 @@ -885,9 +881,6 @@
206 AsyncCall::Pointer call = commCbCall(5,5, "gopherReadReply",
207 CommIoCbPtrFun(gopherReadReply, gopherState));
208 entry->delayAwareRead(conn, gopherState->replybuf, BUFSIZ, call);
209 -
210 - if (buf)
211 - memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */
212 }
213
214 /**
215 @@ -898,32 +891,31 @@
216 gopherSendRequest(int fd, void *data)
217 {
218 GopherStateData *gopherState = (GopherStateData *)data;
219 - char *buf = (char *)memAllocate(MEM_4K_BUF);
220 + MemBuf mb;
221 + mb.init();
222
223 if (gopherState->type_id == GOPHER_CSO) {
224 const char *t = strchr(gopherState->request, '?');
225
226 - if (t != NULL)
227 + if (t)
228 ++t; /* skip the ? */
229 else
230 t = "";
231
232 - snprintf(buf, 4096, "query %s\r\nquit\r\n", t);
233 - } else if (gopherState->type_id == GOPHER_INDEX) {
234 - char *t = strchr(gopherState->request, '?');
235 -
236 - if (t != NULL)
237 - *t = '\t';
238 -
239 - snprintf(buf, 4096, "%s\r\n", gopherState->request);
240 + mb.Printf("query %s\r\nquit", t);
241 } else {
242 - snprintf(buf, 4096, "%s\r\n", gopherState->request);
243 + if (gopherState->type_id == GOPHER_INDEX) {
244 + if (char *t = strchr(gopherState->request, '?'))
245 + *t = '\t';
246 + }
247 + mb.append(gopherState->request, strlen(gopherState->request));
248 }
249 + mb.append("\r\n", 2);
250
251 - debugs(10, 5, HERE << gopherState->serverConn);
252 + debugs(10, 5, gopherState->serverConn);
253 AsyncCall::Pointer call = commCbCall(5,5, "gopherSendComplete",
254 CommIoCbPtrFun(gopherSendComplete, gopherState));
255 - Comm::Write(gopherState->serverConn, buf, strlen(buf), call, NULL);
256 + Comm::Write(gopherState->serverConn, &mb, call);
257
258 gopherState->entry->makePublic();
259 }
260
261 === modified file 'src/icmp/Makefile.am'
262 --- src/icmp/Makefile.am 2017-01-01 00:16:45 +0000
263 +++ src/icmp/Makefile.am 2017-06-22 15:31:46 +0000
264 @@ -59,7 +59,8 @@
265 pinger_LDFLAGS = $(LIBADD_DL)
266 pinger_LDADD=\
267 libicmp-core.la \
268 - ../ip/libip.la \
269 + $(top_builddir)/src/ip/libip.la \
270 + $(top_builddir)/src/base/libbase.la \
271 $(COMPAT_LIB) \
272 $(XTRA_LIBS)
273
274
IPFire 2.x development tree