rpms/squidguard
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
main
squidguard/squidGuard-1.4-patch-20091019.patch

71 lines
2.5 KiB
Diff
Raw Permalink Blame History

--- src/sg.h.in 2007-11-16 17:58:32.000000000 +0100
+++ squidGuard-1.4-20091019/sg.h.in 2009-10-19 21:25:23.000000000 +0200
@@ -73,7 +73,7 @@
#define REQUEST_TYPE_REDIRECT 2
#define REQUEST_TYPE_PASS 3
-#define MAX_BUF 4096
+#define MAX_BUF 12288
#define DEFAULT_LOGFILE "squidGuard.log"
#define WARNING_LOGFILE "squidGuard.log"
--- src/sgDiv.c 2008-03-12 21:41:53.000000000 +0100
+++ squidGuard-1.4-20091019/sgDiv.c.in 2009-10-19 21:26:04.000000000 +0200
@@ -94,6 +94,7 @@
int i = 0;
char c;
int report_once = 1;
+ int trailingdot = 0;
size_t strsz;
int ndx = 0;
@@ -132,7 +133,7 @@
{
/* in case this is a '://' skip over it, but try to not read past EOS */
if(3 <= strsz-ndx) {
- if(':' == p[ndx] && '/' == p[ndx+1] && '/' == p[ndx+2]) {
+ if(':' == p[ndx] && '/' == p[ndx+1] && '/' == p[ndx+2] && '\0' != p[ndx+3]) {
ndx+=3; /* 3 == strlen("://"); */
}
}
@@ -144,10 +145,20 @@
strncpy(p+ndx,p+ndx+1, sz);
p[ndx+sz] = '\0';
if(1 == report_once) {
- sgLogError("Warning: Possible bypass attempt. Found multiple slashes where only one is expected: %s", s->orig);
+ @NOLOG1@ sgLogError("Warning: Possible bypass attempt. Found multiple slashes where only one is expected: %s", s->orig); @NOLOG2@
report_once--;
}
}
+ else if ('.' == p[ndx] && '/' == p[ndx+1] && trailingdot == 0) {
+ /* If the domain has trailing dot, remove (problem found with squid 3.0 stable1-5) */
+ /* if this char is a dot and the next char is a slash, then shift the rest of the string left one char */
+ /* We do this only the first time it is encountered. */
+ trailingdot++;
+ size_t sz = strlen(p+ndx+1);
+ strncpy(p+ndx,p+ndx+1, sz);
+ p[ndx+sz] = '\0';
+ @NOLOG1@ sgLogError("Warning: Possible bypass attempt. Found a trailing dot in the domain name: %s", s->orig); @NOLOG2@
+ }
else
{
/* increment the string indexer */
@@ -734,7 +745,7 @@
p++;
break;
case 'u': /* Requested URL */
- strcat(buf, req->orig);
+ strncat(buf, req->orig, 2048);
p++;
break;
default:
@@ -766,7 +777,7 @@
fprintf( stderr, " ****************\n");
fprintf( stderr, "FAILURE! Check your log file for problems with the database files!\n" );
fprintf( stderr, " ****************\n");
- exit(1);
+ exit(4);
}
}
sgLogError("Going into emergency mode");
Reference in New Issue View Git Blame Copy Permalink