From: hno <>
Date: Thu, 18 Jul 2002 16:19:24 +0000 (+0000)
Subject: Guido:
X-Git-Tag: SQUID_3_0_PRE1~896
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=643e7dc8f42703f3ca5d1f875881d76729b44b19;p=thirdparty%2Fsquid.git

Guido:

Bugfixes in options processing.

Henrik:

Added a usage message. Displayed on invalid arguments or if the new -h
option is used.

Fixed a potential Squid DoS issue if oversized authe requests is sent to the
helper.
---

diff --git a/helpers/ntlm_auth/winbind/wb_ntlm_auth.c b/helpers/ntlm_auth/winbind/wb_ntlm_auth.c
index 2d519abb68..a7cd3627d8 100644
--- a/helpers/ntlm_auth/winbind/wb_ntlm_auth.c
+++ b/helpers/ntlm_auth/winbind/wb_ntlm_auth.c
@@ -266,8 +266,10 @@ manage_request(char *target_domain)
     char buf[BUFFER_SIZE + 1];
     char *c, *decoded;
     ntlmhdr *fast_header;
+    int oversized = 0;
 
 
+try_again:
     if (fgets(buf, BUFFER_SIZE, stdin) == NULL) {
 	warn("fgets() failed! dying..... errno=%d (%s)\n", errno,
 	    strerror(errno));
@@ -275,11 +277,18 @@ manage_request(char *target_domain)
     }
 
     c = memchr(buf, '\n', BUFFER_SIZE);
-    if (c)
+    if (c) {
+	if (oversized) {
+	    helperfail("illegal request received");
+	    warn("Illegal request received: '%s'\n", buf);
+	    return;
+	}
 	*c = '\0';
+    }
     else {
-	warn("No newline in '%s'. Dying.\n", buf);
-	exit(1);
+	warn("No newline in '%s'\n", buf);
+	oversized = 1;
+	goto try_again;
     }
 
     debug("Got '%s' from squid.\n", buf);
@@ -349,25 +358,44 @@ get_winbind_domain(void)
     return domain;
 }
 
+static void
+usage(char *program)
+{
+    fprintf(stderr,"Usage: %s [-d] [-h] [domain]\n"
+	    	" -d      enable debugging\n"
+		" -hi     this message\n"
+		" domain  target domain, if different from the winbind configuration\n",
+		program);
+}
+
 char *
 process_options(int argc, char *argv[])
 {
     int opt;
     char *target_domain = NULL;
 
-    while (-1 != (opt = getopt(argc, argv, "d"))) {
+    while (-1 != (opt = getopt(argc, argv, "dh"))) {
 	switch (opt) {
 	case 'd':
 	    debug_enabled = 1;
 	    break;
+	case 'h':
+	    usage(argv[0]);
+	    exit(0);
 	default:
-	    warn("Unknown option: -%c. Exiting\n", opt);
+	    warn("Unknown option: -%c\n\n", opt);
+	    usage(argv[0]);
 	    exit(1);
 	    break;		/* not reached */
 	}
-	if (optind >= argc - 1) {
-	    target_domain = argv[optind];
-	    warn("target domain is %s\n", target_domain);
+    }
+    if (optind < argc) {
+	target_domain = argv[optind++];
+	warn("target domain is %s\n", target_domain);
+	if (optind < argc) {
+	    warn("Unknown argument: %s\n\n", argv[optind]);
+	    usage(argv[0]);
+	    exit(1);
 	}
     }
     return target_domain;