]> git.ipfire.org Git - ipfire-2.x.git/blob - src/patches/squid-3.4-13235.patch
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
squid: Update to 3.5.19
[ipfire-2.x.git] / src / patches / squid-3.4-13235.patch
1 ------------------------------------------------------------
2 revno: 13235
3 revision-id: squid3@treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
4 parent: squid3@treenet.co.nz-20160420101437-36eofkldxfku61kj
5 committer: Amos Jeffries <squid3@treenet.co.nz>
6 branch nick: 3.4
7 timestamp: Wed 2016-04-20 23:15:14 +1200
8 message:
9 Fix several ESI element construction issues
10
11 * Do not wrap active logic in assert().
12
13 * Fix localbuf array bounds checking.
14
15 * Add Must() conditions to verify array writes will succeed
16 ------------------------------------------------------------
17 # Bazaar merge directive format 2 (Bazaar 0.90)
18 # revision_id: squid3@treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
19 # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
20 # testament_sha1: e95687b13c98667ab09966e7f94d511ca3e6ad96
21 # timestamp: 2016-04-20 11:18:22 +0000
22 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
23 # base_revision_id: squid3@treenet.co.nz-20160420101437-\
24 # 36eofkldxfku61kj
25 #
26 # Begin patch
27 === modified file 'src/esi/Esi.cc'
28 --- src/esi/Esi.cc 2013-06-27 15:58:46 +0000
29 +++ src/esi/Esi.cc 2016-04-20 11:15:14 +0000
30 @@ -991,7 +991,7 @@
31 ESIElement::Pointer element;
32 int specifiedattcount = attrCount * 2;
33 char *position;
34 - assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
35 + Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. */
36
37 debugs(86, 5, "ESIContext::Start: element '" << el << "' with " << specifiedattcount << " tags");
38
39 @@ -1005,15 +1005,17 @@
40 /* Spit out elements we aren't interested in */
41 localbuf[0] = '<';
42 localbuf[1] = '\0';
43 - assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2));
44 + xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2);
45 position = localbuf + strlen (localbuf);
46
47 for (i = 0; i < specifiedattcount && attr[i]; i += 2) {
48 + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
49 *position = ' ';
50 ++position;
51 /* TODO: handle thisNode gracefully */
52 - assert (xstrncpy (position, attr[i], sizeof(localbuf) + (position - localbuf)));
53 + xstrncpy(position, attr[i], sizeof(localbuf) - (position - localbuf));
54 position += strlen (position);
55 + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2);
56 *position = '=';
57 ++position;
58 *position = '\"';
59 @@ -1022,18 +1024,21 @@
60 char ch;
61 while ((ch = *chPtr++) != '\0') {
62 if (ch == '\"') {
63 - assert( xstrncpy(position, "&quot;", sizeof(localbuf) + (position-localbuf)) );
64 + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 6);
65 + xstrncpy(position, "&quot;", sizeof(localbuf) - (position-localbuf));
66 position += 6;
67 } else {
68 + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
69 *position = ch;
70 ++position;
71 }
72 }
73 - position += strlen (position);
74 + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
75 *position = '\"';
76 ++position;
77 }
78
79 + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2);
80 *position = '>';
81 ++position;
82 *position = '\0';
83 @@ -1119,11 +1124,11 @@
84 switch (ESIElement::IdentifyElement (el)) {
85
86 case ESIElement::ESI_ELEMENT_NONE:
87 - assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
88 + Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns. */
89 /* Add elements we aren't interested in */
90 localbuf[0] = '<';
91 localbuf[1] = '/';
92 - assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3));
93 + xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3);
94 position = localbuf + strlen (localbuf);
95 *position = '>';
96 ++position;
97
IPFire 2.x development tree