diff options
Diffstat (limited to 'network/thttpd/patches/2.25b')
8 files changed, 327 insertions, 0 deletions
diff --git a/network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff b/network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff new file mode 100644 index 0000000000..04f59eac8e --- /dev/null +++ b/network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff @@ -0,0 +1,62 @@ +--- thttpd-2.25b/extras/htpasswd.c.orig 2006-03-31 04:12:42.281317000 +0000 ++++ thttpd-2.25b/extras/htpasswd.c 2006-03-31 05:21:37.741632392 +0000 +@@ -151,6 +151,7 @@ void interrupted(int signo) { + int main(int argc, char *argv[]) { + FILE *tfp,*f; + char user[MAX_STRING_LEN]; ++ char pwfilename[MAX_STRING_LEN]; + char line[MAX_STRING_LEN]; + char l[MAX_STRING_LEN]; + char w[MAX_STRING_LEN]; +@@ -168,6 +169,25 @@ int main(int argc, char *argv[]) { + perror("fopen"); + exit(1); + } ++ if (strlen(argv[2]) > (sizeof(pwfilename) - 1)) { ++ fprintf(stderr, "%s: filename is too long\n", argv[0]); ++ exit(1); ++ } ++ if (((strchr(argv[2], ';')) != NULL) || ((strchr(argv[2], '>')) != NULL)) { ++ fprintf(stderr, "%s: filename contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } ++ if (strlen(argv[3]) > (sizeof(user) - 1)) { ++ fprintf(stderr, "%s: username is too long\n", argv[0], ++ sizeof(user) - 1); ++ exit(1); ++ } ++ if ((strchr(argv[3], ':')) != NULL) { ++ fprintf(stderr, "%s: username contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } + printf("Adding password for %s.\n",argv[3]); + add_password(argv[3],tfp); + fclose(tfp); +@@ -180,6 +200,25 @@ int main(int argc, char *argv[]) { + exit(1); + } + ++ if (strlen(argv[1]) > (sizeof(pwfilename) - 1)) { ++ fprintf(stderr, "%s: filename is too long\n", argv[0]); ++ exit(1); ++ } ++ if (((strchr(argv[1], ';')) != NULL) || ((strchr(argv[1], '>')) != NULL)) { ++ fprintf(stderr, "%s: filename contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } ++ if (strlen(argv[2]) > (sizeof(user) - 1)) { ++ fprintf(stderr, "%s: username is too long\n", argv[0], ++ sizeof(user) - 1); ++ exit(1); ++ } ++ if ((strchr(argv[2], ':')) != NULL) { ++ fprintf(stderr, "%s: username contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } + if(!(f = fopen(argv[1],"r"))) { + fprintf(stderr, + "Could not open passwd file %s for reading.\n",argv[1]); diff --git a/network/thttpd/patches/2.25b/fix-buffer-overflow.diff b/network/thttpd/patches/2.25b/fix-buffer-overflow.diff new file mode 100644 index 0000000000..cacd732148 --- /dev/null +++ b/network/thttpd/patches/2.25b/fix-buffer-overflow.diff @@ -0,0 +1,21 @@ +diff -Nrup thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c +--- thttpd-2.25b.orig/libhttpd.c 2003-12-25 19:06:05.000000000 +0000 ++++ thttpd-2.25b/libhttpd.c 2007-01-08 21:43:28.000000000 +0000 +@@ -1469,7 +1469,7 @@ expand_symlinks( char* path, char** rest + httpd_realloc_str( &checked, &maxchecked, checkedlen ); + (void) strcpy( checked, path ); + /* Trim trailing slashes. */ +- while ( checked[checkedlen - 1] == '/' ) ++ while ( checkedlen && checked[checkedlen - 1] == '/' ) + { + checked[checkedlen - 1] = '\0'; + --checkedlen; +@@ -1488,7 +1488,7 @@ expand_symlinks( char* path, char** rest + restlen = strlen( path ); + httpd_realloc_str( &rest, &maxrest, restlen ); + (void) strcpy( rest, path ); +- if ( rest[restlen - 1] == '/' ) ++ if ( restlen && rest[restlen - 1] == '/' ) + rest[--restlen] = '\0'; /* trim trailing slash */ + if ( ! tildemapped ) + /* Remove any leading slashes. */ diff --git a/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff b/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff new file mode 100644 index 0000000000..c41ec46b97 --- /dev/null +++ b/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff @@ -0,0 +1,19 @@ +diff -ru thttpd-2.23beta1.orig/extras/syslogtocern thttpd-2.23beta1/extras/syslogtocern +--- thttpd-2.23beta1.orig/extras/syslogtocern 1999-09-15 18:00:54.000000000 +0200 ++++ thttpd-2.23beta1/extras/syslogtocern 2005-10-26 01:45:34.000000000 +0200 +@@ -31,8 +31,8 @@ + exit 1 + fi + +-tmp1=/tmp/stc1.$$ +-rm -f $tmp1 ++tmp1=``mktemp -t stc1.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1; } ++trap " [ -f \"$tmp1\" ] && /bin/rm -f -- \"$tmp1\"" 0 1 2 3 13 15 + + # Gather up all the thttpd entries. + egrep ' thttpd\[' $* > $tmp1 +@@ -65,4 +65,3 @@ + sed -e "s,\([A-Z][a-z][a-z] [0-9 ][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\) [^ ]* thttpd\[[0-9]*\]: \(.*\),[\1 ${year}] \2," > error_log + + # Done. +-rm -f $tmp1 diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch new file mode 100644 index 0000000000..d1688f1446 --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch @@ -0,0 +1,17 @@ +diff -Naur thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c +--- thttpd-2.25b.orig/libhttpd.c 2007-10-14 10:09:55.000000000 +0000 ++++ thttpd-2.25b/libhttpd.c 2007-10-14 10:09:11.000000000 +0000 +@@ -2322,8 +2320,11 @@ + { + int i; + i = strlen( hc->origfilename ) - strlen( hc->pathinfo ); +- if ( i > 0 && strcmp( &hc->origfilename[i], hc->pathinfo ) == 0 ) +- hc->origfilename[i - 1] = '\0'; ++ if ( strcmp( &hc->origfilename[i], hc->pathinfo ) == 0 ) ++ { ++ if ( i == 0 ) hc->origfilename[0] = '\0'; ++ else hc->origfilename[i - 1] = '\0'; ++ } + } + + /* If the expanded filename is an absolute path, check that it's still diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch new file mode 100644 index 0000000000..9ff38aec45 --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch @@ -0,0 +1,126 @@ +diff -Nru thttpd-2.25b.orig/configure.in thttpd-2.25b/configure.in +--- thttpd-2.25b.orig/configure.in 2003-12-25 20:41:13.000000000 +0200 ++++ thttpd-2.25b/configure.in 2010-07-08 00:04:25.000000000 +0300 +@@ -123,6 +123,8 @@ + ;; + esac + ++AC_CHECK_LIB(rt, clock_gettime) ++ + AC_ACME_TM_GMTOFF + AC_ACME_INT64T + AC_ACME_SOCKLENT +diff -Nru thttpd-2.25b.orig/thttpd.c thttpd-2.25b/thttpd.c +--- thttpd-2.25b.orig/thttpd.c 2003-12-25 21:06:52.000000000 +0200 ++++ thttpd-2.25b/thttpd.c 2010-07-08 00:41:28.000000000 +0300 +@@ -742,7 +742,7 @@ + } + + /* Main loop. */ +- (void) gettimeofday( &tv, (struct timezone*) 0 ); ++ tmr_prepare_timeval( &tv ); + while ( ( ! terminate ) || num_connects > 0 ) + { + /* Do we need to re-open the log file? */ +@@ -761,7 +761,7 @@ + syslog( LOG_ERR, "fdwatch - %m" ); + exit( 1 ); + } +- (void) gettimeofday( &tv, (struct timezone*) 0 ); ++ tmr_prepare_timeval( &tv ); + + if ( num_ready == 0 ) + { +diff -Nru thttpd-2.25b.orig/timers.c thttpd-2.25b/timers.c +--- thttpd-2.25b.orig/timers.c 2002-08-22 04:04:12.000000000 +0300 ++++ thttpd-2.25b/timers.c 2010-07-08 11:47:03.000000000 +0300 +@@ -41,7 +41,13 @@ + + ClientData JunkClientData; + +- ++#undef HAVE_LIBRT_MONO ++#if defined(HAVE_LIBRT) && defined(CLOCK_MONOTONIC) ++#define HAVE_LIBRT_MONO ++#include <time.h> ++static int use_monotonic = 0; /* monotonic clock runtime availability flag */ ++static struct timeval tv_diff; /* system time - monotonic difference at start */ ++#endif + + static unsigned int + hash( Timer* t ) +@@ -145,6 +151,26 @@ + timers[h] = (Timer*) 0; + free_timers = (Timer*) 0; + alloc_count = active_count = free_count = 0; ++ ++ /* Check for monotonic clock availability */ ++#ifdef HAVE_LIBRT_MONO ++ struct timespec ts; ++ struct timeval tv_start, tv; ++ ++ /* Try to get monotonic clock time */ ++ if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) { ++ use_monotonic = 1; ++ ++ /* Get current system time */ ++ (void) gettimeofday( &tv_start , (struct timezone*) 0 ); ++ tv.tv_sec = ts.tv_sec; ++ tv.tv_usec = ts.tv_nsec / 1000L; ++ /* Calculate and save the difference: tv_start is since the Epoch, so tv_start > ts ++ tv_diff = tv_start - tv */ ++ timersub( &tv_start, &tv, &tv_diff ); ++ } ++#endif ++ + } + + +@@ -176,7 +202,7 @@ + if ( nowP != (struct timeval*) 0 ) + t->time = *nowP; + else +- (void) gettimeofday( &t->time, (struct timezone*) 0 ); ++ tmr_prepare_timeval( &t->time ); + t->time.tv_sec += msecs / 1000L; + t->time.tv_usec += ( msecs % 1000L ) * 1000L; + if ( t->time.tv_usec >= 1000000L ) +@@ -349,3 +375,27 @@ + if ( active_count + free_count != alloc_count ) + syslog( LOG_ERR, "timer counts don't add up!" ); + } ++ ++/* Fill timeval structure for further usage by the package. */ ++void ++tmr_prepare_timeval( struct timeval *tv ) ++{ ++#ifdef HAVE_LIBRT_MONO ++ struct timespec ts; ++ struct timeval tv0; ++ ++ if (use_monotonic) { /* use monotonic clock source ? */ ++ if (clock_gettime(CLOCK_MONOTONIC,&ts) < 0) { ++ perror("clock_gettime"); return; ++ } ++ tv0.tv_sec = ts.tv_sec; ++ tv0.tv_usec = ts.tv_nsec / 1000L; ++ /* Return system time value like it was running accurately */ ++ timeradd( &tv_diff, &tv0, tv ); ++ } else { ++#endif ++ (void) gettimeofday( tv , (struct timezone*) 0 ); ++#ifdef HAVE_LIBRT_MONO ++ } ++#endif ++} +diff -Nru thttpd-2.25b.orig/timers.h thttpd-2.25b/timers.h +--- thttpd-2.25b.orig/timers.h 2001-04-13 08:37:41.000000000 +0300 ++++ thttpd-2.25b/timers.h 2010-07-08 00:09:15.000000000 +0300 +@@ -106,4 +106,7 @@ + /* Generate debugging statistics syslog message. */ + extern void tmr_logstats( long secs ); + ++/* Fill timeval structure for further usage by the package. */ ++extern void tmr_prepare_timeval( struct timeval *tv ); ++ + #endif /* _TIMERS_H_ */ diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch new file mode 100644 index 0000000000..ce915c706b --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch @@ -0,0 +1,55 @@ +diff -Naur thttpd-2.25b.orig/cgi-src/Makefile.in thttpd-2.25b/cgi-src/Makefile.in +--- thttpd-2.25b.orig/cgi-src/Makefile.in 2010-10-28 23:33:28.000000000 +0200 ++++ thttpd-2.25b/cgi-src/Makefile.in 2010-10-29 00:05:43.000000000 +0200 +@@ -31,10 +31,9 @@ + MANDIR = @mandir@ + + CC = @CC@ +-CCOPT = @V_CCOPT@ + DEFS = @DEFS@ + INCLS = -I.. +-CFLAGS = $(CCOPT) $(DEFS) $(INCLS) ++CFLAGS += $(DEFS) $(INCLS) + LDFLAGS = @LDFLAGS@ @V_STATICFLAG@ + LIBS = @LIBS@ + NETLIBS = @V_NETLIBS@ +diff -Naur thttpd-2.25b.orig/extras/Makefile.in thttpd-2.25b/extras/Makefile.in +--- thttpd-2.25b.orig/extras/Makefile.in 2010-10-28 23:33:28.000000000 +0200 ++++ thttpd-2.25b/extras/Makefile.in 2010-10-29 00:06:36.000000000 +0200 +@@ -32,11 +32,9 @@ + MANDIR = @mandir@ + + CC = @CC@ +-CCOPT = @V_CCOPT@ + DEFS = @DEFS@ + INCLS = -I.. +-CFLAGS = $(CCOPT) $(DEFS) $(INCLS) +-STATICFLAG = @V_STATICFLAG@ ++CFLAGS += $(DEFS) $(INCLS) + LDFLAGS = @LDFLAGS@ + LIBS = @LIBS@ + NETLIBS = @V_NETLIBS@ +@@ -59,7 +57,7 @@ + $(CC) $(CFLAGS) -DWEBDIR=\"$(WEBDIR)\" -c makeweb.c + + htpasswd: htpasswd.o +- $(CC) $(LDFLAGS) $(STATICFLAG) htpasswd.o -o htpasswd $(LIBS) ++ $(CC) $(LDFLAGS) htpasswd.o -o htpasswd $(LIBS) + + htpasswd.o: htpasswd.c ../config.h + $(CC) $(CFLAGS) -DWEBDIR=\"$(WEBDIR)\" -c htpasswd.c +diff -Naur thttpd-2.25b.orig/Makefile.in thttpd-2.25b/Makefile.in +--- thttpd-2.25b.orig/Makefile.in 2010-10-28 23:33:28.000000000 +0200 ++++ thttpd-2.25b/Makefile.in 2010-10-29 00:05:43.000000000 +0200 +@@ -47,10 +47,9 @@ + # You shouldn't need to edit anything below here. + + CC = @CC@ +-CCOPT = @V_CCOPT@ + DEFS = @DEFS@ + INCLS = -I. +-CFLAGS = $(CCOPT) $(DEFS) $(INCLS) ++CFLAGS += $(DEFS) $(INCLS) + LDFLAGS = @LDFLAGS@ + LIBS = @LIBS@ + NETLIBS = @V_NETLIBS@ diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch new file mode 100644 index 0000000000..6aaae5a5d9 --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch @@ -0,0 +1,12 @@ +diff -Naur thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c +--- thttpd-2.25b.orig/libhttpd.c 2007-10-14 10:09:11.000000000 +0000 ++++ thttpd-2.25b/libhttpd.c 2007-10-14 10:21:37.000000000 +0000 +@@ -3279,7 +3279,7 @@ + cp += strspn( cp, " \t" ); + status = atoi( cp ); + } +- if ( ( cp = strstr( headers, "Location:" ) ) != (char*) 0 && ++ else if ( ( cp = strstr( headers, "Location:" ) ) != (char*) 0 && + cp < br && + ( cp == headers || *(cp-1) == '\012' ) ) + status = 302; diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch new file mode 100644 index 0000000000..0fec25ef7c --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch @@ -0,0 +1,15 @@ +--- thttpd-2.25b/libhttpd.c 2003-12-25 20:06:05.000000000 +0100 ++++ thttpd-2.25b-patched/libhttpd.c 2005-01-09 00:26:04.867255248 +0100 +@@ -2207,6 +2207,12 @@ + if ( strcasecmp( cp, "keep-alive" ) == 0 ) + hc->keep_alive = 1; + } ++ else if ( strncasecmp( buf, "X-Forwarded-For:", 16 ) == 0 ) ++ { // Use real IP if available ++ cp = &buf[16]; ++ cp += strspn( cp, " \t" ); ++ inet_aton( cp, &(hc->client_addr.sa_in.sin_addr) ); ++ } + #ifdef LOG_UNKNOWN_HEADERS + else if ( strncasecmp( buf, "Accept-Charset:", 15 ) == 0 || + strncasecmp( buf, "Accept-Language:", 16 ) == 0 || |