summaryrefslogtreecommitdiff
path: root/network/squidGuard
diff options
context:
space:
mode:
Diffstat (limited to 'network/squidGuard')
-rw-r--r--network/squidGuard/squidGuard.SlackBuild23
-rw-r--r--network/squidGuard/squidGuard.patch69
2 files changed, 79 insertions, 13 deletions
diff --git a/network/squidGuard/squidGuard.SlackBuild b/network/squidGuard/squidGuard.SlackBuild
index aff5b9e326..b79867661b 100644
--- a/network/squidGuard/squidGuard.SlackBuild
+++ b/network/squidGuard/squidGuard.SlackBuild
@@ -25,7 +25,7 @@
PRGNAM=squidGuard
VERSION=${VERSION:-1.4}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
TAG=${TAG:-_SBo}
if [ -z "$ARCH" ]; then
@@ -63,18 +63,6 @@ cd $TMP
rm -rf $PRGNAM-$VERSION
tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
-# Fixes a buffer overflow problem and prevents squidGuard from going into
-# emergency mode when overlong URLs are encountered (they can be perfectly
-# legal).
-tar xvf $CWD/patches/$PRGNAM-$VERSION-patch-20091015.tar.gz
-cat $PRGNAM-$VERSION-patch-20091015/sgLog.c > $PRGNAM-$VERSION/src/sgLog.c
-
-# Fixes two bypass problems with URLs having a length closed to the defined
-# MAX_BUF value (4096).
-tar xvf $CWD/patches/$PRGNAM-$VERSION-patch-20091019.tar.gz
-cat $PRGNAM-$VERSION-20091019/sg.h.in > $PRGNAM-$VERSION/src/sg.h.in
-cat $PRGNAM-$VERSION-20091019/sgDiv.c.in > $PRGNAM-$VERSION/src/sgDiv.c.in
-
cd $PRGNAM-$VERSION
chown -R root:root .
find -L . \
@@ -83,6 +71,15 @@ find -L . \
\( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
-o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+# Fixes a buffer overflow problem and prevents squidGuard from going into
+# emergency mode when overlong URLs are encountered (they can be perfectly
+# legal).
+
+# Fixes two bypass problems with URLs having a length closed to the defined
+# MAX_BUF value (4096).
+patch -p1 < $CWD/squidGuard.patch
+
+
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
./configure \
diff --git a/network/squidGuard/squidGuard.patch b/network/squidGuard/squidGuard.patch
new file mode 100644
index 0000000000..46880baf67
--- /dev/null
+++ b/network/squidGuard/squidGuard.patch
@@ -0,0 +1,69 @@
+diff -Nur squidGuard-1.4.orig/src/sg.h.in squidGuard-1.4/src/sg.h.in
+--- squidGuard-1.4.orig/src/sg.h.in 2007-11-16 23:58:32.000000000 +0700
++++ squidGuard-1.4/src/sg.h.in 2015-02-07 22:26:18.632797069 +0700
+@@ -73,7 +73,7 @@
+ #define REQUEST_TYPE_REDIRECT 2
+ #define REQUEST_TYPE_PASS 3
+
+-#define MAX_BUF 4096
++#define MAX_BUF 12288
+
+ #define DEFAULT_LOGFILE "squidGuard.log"
+ #define WARNING_LOGFILE "squidGuard.log"
+diff -Nur squidGuard-1.4.orig/src/sgDiv.c.in squidGuard-1.4/src/sgDiv.c.in
+--- squidGuard-1.4.orig/src/sgDiv.c.in 2008-07-14 23:02:43.000000000 +0700
++++ squidGuard-1.4/src/sgDiv.c.in 2015-02-07 22:26:18.632797069 +0700
+@@ -745,7 +745,7 @@
+ p++;
+ break;
+ case 'u': /* Requested URL */
+- strcat(buf, req->orig);
++ strncat(buf, req->orig, 2048);
+ p++;
+ break;
+ default:
+diff -Nur squidGuard-1.4.orig/src/sgLog.c squidGuard-1.4/src/sgLog.c
+--- squidGuard-1.4.orig/src/sgLog.c 2007-11-16 23:58:32.000000000 +0700
++++ squidGuard-1.4/src/sgLog.c 2015-02-07 22:26:39.122853889 +0700
+@@ -2,7 +2,7 @@
+ By accepting this notice, you agree to be bound by the following
+ agreements:
+
+- This software product, squidGuard, is copyrighted (C) 1998-2007
++ This software product, squidGuard, is copyrighted (C) 1998-2009
+ by Christine Kronberg, Shalla Secure Services. All rights reserved.
+
+ This program is free software; you can redistribute it and/or modify it
+@@ -55,8 +55,8 @@
+ char msg[MAX_BUF];
+ va_list ap;
+ VA_START(ap, format);
+- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
+- fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno));
++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
++ fprintf(stderr,"overflow in vsnprintf (sgLog): %s",strerror(errno));
+ va_end(ap);
+ date = niso(0);
+ if(globalDebug || log == NULL) {
+@@ -87,8 +87,8 @@
+ char msg[MAX_BUF];
+ va_list ap;
+ VA_START(ap, format);
+- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
+- sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno));
++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
++ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
+ va_end(ap);
+ sgLog(globalErrorLog,"%s",msg);
+ }
+@@ -104,8 +104,8 @@
+ char msg[MAX_BUF];
+ va_list ap;
+ VA_START(ap, format);
+- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
+- return;
++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
++ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
+ va_end(ap);
+ sgLog(globalErrorLog,"%s",msg);
+ sgEmergency();