Author: adamg Date: Tue Feb 16 19:24:26 2010 GMT Module: packages Tag: HEAD ---- Log message: - new (based on http://www.squidguard.org/Downloads/Patches/1.4/squidGuard-1.4-patch-20091015.tar.gz)
---- Files affected: packages/squidGuard: squidGuard-long-urls-buffer-overflow.patch (NONE -> 1.1) (NEW) ---- Diffs: ================================================================ Index: packages/squidGuard/squidGuard-long-urls-buffer-overflow.patch diff -u /dev/null packages/squidGuard/squidGuard-long-urls-buffer-overflow.patch:1.1 --- /dev/null Tue Feb 16 20:24:26 2010 +++ packages/squidGuard/squidGuard-long-urls-buffer-overflow.patch Tue Feb 16 20:24:21 2010 @@ -0,0 +1,46 @@ +based on http://www.squidguard.org/Downloads/Patches/1.4/squidGuard-1.4-patch-20091015.tar.gz + +--- a/src/sgLog.c 2007-11-16 17:58:32.000000000 +0100 ++++ b/src/sgLog.c 2009-10-15 21:25:14.000000000 +0200 +@@ -2,7 +2,7 @@ + By accepting this notice, you agree to be bound by the following + agreements: + +- This software product, squidGuard, is copyrighted (C) 1998-2007 ++ This software product, squidGuard, is copyrighted (C) 1998-2009 + by Christine Kronberg, Shalla Secure Services. All rights reserved. + + This program is free software; you can redistribute it and/or modify it +@@ -55,8 +55,8 @@ + char msg[MAX_BUF]; + va_list ap; + VA_START(ap, format); +- if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) +- fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno)); ++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) ++ fprintf(stderr,"overflow in vsnprintf (sgLog): %s",strerror(errno)); + va_end(ap); + date = niso(0); + if(globalDebug || log == NULL) { +@@ -87,8 +87,8 @@ + char msg[MAX_BUF]; + va_list ap; + VA_START(ap, format); +- if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) +- sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno)); ++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) ++ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno)); + va_end(ap); + sgLog(globalErrorLog,"%s",msg); + } +@@ -104,8 +104,8 @@ + char msg[MAX_BUF]; + va_list ap; + VA_START(ap, format); +- if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) +- return; ++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) ++ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno)); + va_end(ap); + sgLog(globalErrorLog,"%s",msg); + sgEmergency(); ================================================================ _______________________________________________ pld-cvs-commit mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
