authordelphij <delphij@FreeBSD.org>2009-10-23 07:01:54 +0800
committerdelphij <delphij@FreeBSD.org>2009-10-23 07:01:54 +0800
commit974b3700dd3d907af5d3bbac36eda7d05b27c6e5 (patch)
tree259b95fb1727500fbd82a0553d56f47a6ff834c4 /www
parente203ff359d4c7a9198da25b23839fb6a08011536 (diff)
Apply vendor fixes 20091015 and 20091019 to fix multiple vulnerabilities
of squidGuard 1.4. Requested by: maintainer Security: 692ab645-bf5d-11de-849b-00151797c2d4
Diffstat (limited to 'www')
-rw-r--r--www/squidguard/Makefile2
-rw-r--r--www/squidguard/files/patch-src__sg.h.in11
-rw-r--r--www/squidguard/files/patch-src__sgDiv.c.in11
-rw-r--r--www/squidguard/files/patch-src__sgLog.c44
4 files changed, 67 insertions, 1 deletions
diff --git a/www/squidguard/Makefile b/www/squidguard/Makefile
index 147a6e59609e..69b219ae8aa6 100644
--- a/www/squidguard/Makefile
+++ b/www/squidguard/Makefile
@@ -7,7 +7,7 @@
PORTNAME= squidGuard
PORTVERSION= 1.4
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= www
MASTER_SITES= http://www.squidguard.org/Downloads/
diff --git a/www/squidguard/files/patch-src__sg.h.in b/www/squidguard/files/patch-src__sg.h.in
new file mode 100644
index 000000000000..9bbdfb5f7e20
--- /dev/null
+++ b/www/squidguard/files/patch-src__sg.h.in
@@ -0,0 +1,11 @@
+--- ./src/sg.h.in.orig 2007-11-16 08:58:32.000000000 -0800
++++ ./src/sg.h.in 2009-10-19 12:25:23.000000000 -0700
+@@ -73,7 +73,7 @@
+ #define REQUEST_TYPE_REDIRECT 2
+ #define REQUEST_TYPE_PASS 3
+
+-#define MAX_BUF 4096
++#define MAX_BUF 12288
+
+ #define DEFAULT_LOGFILE "squidGuard.log"
+ #define WARNING_LOGFILE "squidGuard.log"
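Review bot: `MAX_BUF` is tripled to 12288 with no comment saying which inputs it is sized for, and the `strncat` limit added in sgDiv.c is a separate literal 2048 rather than a value derived from this define. A one-line comment above the define would keep the two from drifting, for example `/* size of fixed message buffers such as msg[] in sgLog.c; bounded copies must stay below this */`. The vendor's reasoning for the new value is not stated in the patch, so the wording should be checked against it.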
diff --git a/www/squidguard/files/patch-src__sgDiv.c.in b/www/squidguard/files/patch-src__sgDiv.c.in
new file mode 100644
index 000000000000..2a7a855ba54b
--- /dev/null
+++ b/www/squidguard/files/patch-src__sgDiv.c.in
@@ -0,0 +1,11 @@
+--- ./src/sgDiv.c.in.orig 2008-07-14 09:02:43.000000000 -0700
++++ ./src/sgDiv.c.in 2009-10-19 12:26:04.000000000 -0700
+@@ -745,7 +745,7 @@
+ p++;
+ break;
+ case 'u': /* Requested URL */
+- strcat(buf, req->orig);
++ strncat(buf, req->orig, 2048);
+ p++;
+ break;
+ default:
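Review bot: The 2048 passed to `strncat` in `case 'u'` caps only how many bytes of `req->orig` are appended, not the total length of `buf`, so the write stays in bounds only if `buf` still has at least 2049 bytes free at this point. The declaration of `buf` and the earlier appends in this loop are outside the hunk, so that cannot be confirmed from here. If `buf` is a local array, deriving the limit from the remaining space is safer: `strncat(buf, req->orig, sizeof(buf) - strlen(buf) - 1);`. The other `case` branches of this switch presumably append to `buf` in the same way and would need the same bound.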
diff --git a/www/squidguard/files/patch-src__sgLog.c b/www/squidguard/files/patch-src__sgLog.c
new file mode 100644
index 000000000000..2df5be1b35a9
--- /dev/null
+++ b/www/squidguard/files/patch-src__sgLog.c
@@ -0,0 +1,44 @@
+--- ./src/sgLog.c.orig 2007-11-16 08:58:32.000000000 -0800
++++ ./src/sgLog.c 2009-10-15 12:25:14.000000000 -0700
+@@ -2,7 +2,7 @@
+ By accepting this notice, you agree to be bound by the following
+ agreements:
+
+- This software product, squidGuard, is copyrighted (C) 1998-2007
++ This software product, squidGuard, is copyrighted (C) 1998-2009
+ by Christine Kronberg, Shalla Secure Services. All rights reserved.
+
+ This program is free software; you can redistribute it and/or modify it
+@@ -55,8 +55,8 @@
+ char msg[MAX_BUF];
+ va_list ap;
+ VA_START(ap, format);
+- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
+- fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno));
++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
++ fprintf(stderr,"overflow in vsnprintf (sgLog): %s",strerror(errno));
+ va_end(ap);
+ date = niso(0);
+ if(globalDebug || log == NULL) {
+@@ -87,8 +87,8 @@
+ char msg[MAX_BUF];
+ va_list ap;
+ VA_START(ap, format);
+- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
+- sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno));
++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
++ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
+ va_end(ap);
+ sgLog(globalErrorLog,"%s",msg);
+ }
+@@ -104,8 +104,8 @@
+ char msg[MAX_BUF];
+ va_list ap;
+ VA_START(ap, format);
+- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
+- return;
++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
++ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
+ va_end(ap);
+ sgLog(globalErrorLog,"%s",msg);
+ sgEmergency();
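Review bot: Truncation in `vsnprintf` does not set `errno`, so `strerror(errno)` in all three overflow messages reports a stale or unrelated error, and a negative return (output error) passes the `> (MAX_BUF - 1)` test unnoticed. Capturing the result and reporting the length would be more useful: `int n = vsnprintf(msg, MAX_BUF, format, ap);` followed by `if (n < 0 || n >= MAX_BUF) sgLog(globalErrorLog, "log message truncated, needed %d bytes", n);` (keeping `fprintf(stderr, ...)` inside `sgLog` itself). The message in the last hunk still says `sgLogError`, although the trailing `sgEmergency()` call suggests it belongs to a different function. That hunk also no longer returns on overflow, so a truncated message is now logged before the emergency path runs; a short comment saying this is intended would help. The function signatures are outside these hunks.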