network/squidGuard: Add missing patches.

Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
author: Willy Sudiarto Raharjo 2015-02-07 13:10:09 +0100
committer: Willy Sudiarto Raharjo 2015-02-07 16:29:32 +0100
commit: 241b765d8566546ecabc19413d5d353f233fa290 (patch)
tree: 6758a4b7f8a19c12a32a195f8067371663761f7e /network
parent: 1c8b4ee4d7ae7a2a44957ef16566b1e601f5566e (diff)
download: slackbuilds-241b765d8566546ecabc19413d5d353f233fa290.tar.gz
2 files changed, 79 insertions, 13 deletions
diff --git a/network/squidGuard/squidGuard.SlackBuild b/network/squidGuard/squidGuard.SlackBuild
index aff5b9e326..b79867661b 100644
--- a/network/squidGuard/squidGuard.SlackBuild
+++ b/network/squidGuard/squidGuard.SlackBuild
@@ -25,7 +25,7 @@
 
 PRGNAM=squidGuard
 VERSION=${VERSION:-1.4}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 TAG=${TAG:-_SBo}
 
 if [ -z "$ARCH" ]; then
@@ -63,18 +63,6 @@ cd $TMP
 rm -rf $PRGNAM-$VERSION
 tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
 
-# Fixes a buffer overflow problem and prevents squidGuard from going into
-# emergency mode when overlong URLs are encountered (they can be perfectly
-# legal).
-tar xvf $CWD/patches/$PRGNAM-$VERSION-patch-20091015.tar.gz
-cat $PRGNAM-$VERSION-patch-20091015/sgLog.c > $PRGNAM-$VERSION/src/sgLog.c
-
-# Fixes two bypass problems with URLs having a length closed to the defined
-# MAX_BUF value (4096).
-tar xvf $CWD/patches/$PRGNAM-$VERSION-patch-20091019.tar.gz
-cat $PRGNAM-$VERSION-20091019/sg.h.in > $PRGNAM-$VERSION/src/sg.h.in
-cat $PRGNAM-$VERSION-20091019/sgDiv.c.in > $PRGNAM-$VERSION/src/sgDiv.c.in
-
 cd $PRGNAM-$VERSION
 chown -R root:root .
 find -L . \
@@ -83,6 +71,15 @@ find -L . \
  \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
   -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
 
+# Fixes a buffer overflow problem and prevents squidGuard from going into
+# emergency mode when overlong URLs are encountered (they can be perfectly
+# legal).
+
+# Fixes two bypass problems with URLs having a length closed to the defined
+# MAX_BUF value (4096).
+patch -p1 < $CWD/squidGuard.patch
+
+
 CFLAGS="$SLKCFLAGS" \
 CXXFLAGS="$SLKCFLAGS" \
 ./configure \
diff --git a/network/squidGuard/squidGuard.patch b/network/squidGuard/squidGuard.patch
new file mode 100644
index 0000000000..46880baf67
--- /dev/null
+++ b/network/squidGuard/squidGuard.patch
@@ -0,0 +1,69 @@
+diff -Nur squidGuard-1.4.orig/src/sg.h.in squidGuard-1.4/src/sg.h.in
+--- squidGuard-1.4.orig/src/sg.h.in	2007-11-16 23:58:32.000000000 +0700
++++ squidGuard-1.4/src/sg.h.in	2015-02-07 22:26:18.632797069 +0700
+@@ -73,7 +73,7 @@
+ #define REQUEST_TYPE_REDIRECT   2
+ #define REQUEST_TYPE_PASS       3
+ 
+-#define MAX_BUF 4096
++#define MAX_BUF 12288
+ 
+ #define DEFAULT_LOGFILE "squidGuard.log"
+ #define WARNING_LOGFILE "squidGuard.log"
+diff -Nur squidGuard-1.4.orig/src/sgDiv.c.in squidGuard-1.4/src/sgDiv.c.in
+--- squidGuard-1.4.orig/src/sgDiv.c.in	2008-07-14 23:02:43.000000000 +0700
++++ squidGuard-1.4/src/sgDiv.c.in	2015-02-07 22:26:18.632797069 +0700
+@@ -745,7 +745,7 @@
+       p++;
+       break;
+     case 'u': /* Requested URL */
+-      strcat(buf, req->orig);
++      strncat(buf, req->orig, 2048);
+       p++;
+       break;
+     default:
+diff -Nur squidGuard-1.4.orig/src/sgLog.c squidGuard-1.4/src/sgLog.c
+--- squidGuard-1.4.orig/src/sgLog.c	2007-11-16 23:58:32.000000000 +0700
++++ squidGuard-1.4/src/sgLog.c	2015-02-07 22:26:39.122853889 +0700
+@@ -2,7 +2,7 @@
+   By accepting this notice, you agree to be bound by the following
+   agreements:
+   
+-  This software product, squidGuard, is copyrighted (C) 1998-2007
++  This software product, squidGuard, is copyrighted (C) 1998-2009
+   by Christine Kronberg, Shalla Secure Services. All rights reserved.
+  
+   This program is free software; you can redistribute it and/or modify it
+@@ -55,8 +55,8 @@
+   char msg[MAX_BUF];
+   va_list ap;
+   VA_START(ap, format);
+-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
+-    fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno));
++  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
++    fprintf(stderr,"overflow in vsnprintf (sgLog): %s",strerror(errno));
+   va_end(ap);
+   date = niso(0);
+   if(globalDebug || log == NULL) {
+@@ -87,8 +87,8 @@
+   char msg[MAX_BUF];
+   va_list ap;
+   VA_START(ap, format);
+-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
+-    sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno));
++  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
++    sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
+   va_end(ap);
+   sgLog(globalErrorLog,"%s",msg);
+ }
+@@ -104,8 +104,8 @@
+   char msg[MAX_BUF];
+   va_list ap;
+   VA_START(ap, format);
+-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
+-    return;
++  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
++    sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
+   va_end(ap);
+   sgLog(globalErrorLog,"%s",msg);
+   sgEmergency();
author	Willy Sudiarto Raharjo	2015-02-07 13:10:09 +0100
committer	Willy Sudiarto Raharjo	2015-02-07 16:29:32 +0100
commit	241b765d8566546ecabc19413d5d353f233fa290 (patch)
tree	6758a4b7f8a19c12a32a195f8067371663761f7e /network
parent	1c8b4ee4d7ae7a2a44957ef16566b1e601f5566e (diff)
download	slackbuilds-241b765d8566546ecabc19413d5d353f233fa290.tar.gz