April,

I removed the duplicate code from lines 39-46.

Webrev
http://jurassic.us.oracle.com/net/ssarva-us/export/home/srini/clone/Dec10-SRU//webrev/index.html

Thanks
Srini

On 12/12/11 16:00, April Chin wrote:
Hi Srini,

This looks like the initial fix for CVE-2011-3205, which was made to the gopher.cc file for squid 3.1.15, but there was another change to gopher.cc in squid 3.1.16 which removes an apparently duplicate set of code added by the patch, at lines 39-46 in
components/squid/patches/src.gopher.cc.patch

  27 +        if (gopherState->len + llen>= TEMP_BUF_SIZE) {
28 + debugs(10, 1, "GopherHTML: Buffer overflow. Lost some data on URL: "<< entry->url() );
  29 +            llen = TEMP_BUF_SIZE - gopherState->len - 1;
  30 +        }
  31 +        if (!lpos) {
  32 +            /* there is no complete line in inbuf */
  33 +            /* copy it to temp buffer */
  34 +            /* note: llen is adjusted above */
35 + xmemcpy(gopherState->buf + gopherState->len, pos, llen);
  36 +            gopherState->len += llen;
  37 +            break;
  38 +        }
  39 +        if (!lpos) {
  40 +            /* there is no complete line in inbuf */
  41 +            /* copy it to temp buffer */
  42 +            /* note: llen is adjusted above */
43 + xmemcpy(gopherState->buf + gopherState->len, pos, llen);
  44 +            gopherState->len += llen;
  45 +            break;
  46 +        }
  47          if (gopherState->len != 0) {
  48              /* there is something left from last tx. */
  49 -            xstrncpy(line, gopherState->buf, gopherState->len + 1);
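
Review bot: The second `if (!lpos)` block at lines 39-46 is a byte-for-byte copy of the one at lines 31-38 and can never execute, because the first copy ends in `break` whenever `lpos` is null. Delete lines 39-46 so that a single copy into `gopherState->buf` follows the `llen` clamp at lines 27-30. While there, confirm that `gopherState->len` is always below TEMP_BUF_SIZE on entry, since `llen = TEMP_BUF_SIZE - gopherState->len - 1` would otherwise go negative before it reaches `xmemcpy`.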

It looks like you want to remove the duplicate code from the patch, so it will look like the
squid 3.1.16 (same as 3.1.18) gopher.cc.

You can see the follow-up fix here:
http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.16.patch:
...

diff -u -r -N squid-3.1.15/src/gopher.cc squid-3.1.16/src/gopher.cc
--- squid-3.1.15/src/gopher.cc    2011-08-28 19:53:14.000000000 +1200
+++ squid-3.1.16/src/gopher.cc    2011-10-13 21:30:05.000000000 +1300
@@ -462,14 +462,6 @@
             gopherState->len += llen;
             break;
         }
-        if (!lpos) {
-            /* there is no complete line in inbuf */
-            /* copy it to temp buffer */
-            /* note: llen is adjusted above */
-            xmemcpy(gopherState->buf + gopherState->len, pos, llen);
-            gopherState->len += llen;
-            break;
-        }
         if (gopherState->len != 0) {
             /* there is something left from last tx. */
             xmemcpy(line, gopherState->buf, gopherState->len);
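
Review bot: On the trailing context line `xmemcpy(line, gopherState->buf, gopherState->len);`, nothing visible in this hunk terminates `line` or checks `gopherState->len` against the size of `line` before the copy. The removal of the duplicate `if (!lpos)` block itself is safe, since the preceding block already ends in `break`, but the lines after this copy should be checked to ensure they append within bounds and leave `line` NUL-terminated, given that the earlier patch replaced a string copy (`xstrncpy`) here with a raw memory copy.
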
,,,


April

On 12/12/11 12:22 PM, Srinivasa Sarva wrote:
April,

Yes, this should also go into SRU

CR7088912 Problem with utility/squid (CVE-2011-3205)

Webrev
http://jurassic.us.oracle.com/net/ssarva-us/export/home/srini/clone/Dec10-SRU//webrev/index.html

Thanks
Srini

On 12/12/11 09:19, April Chin wrote:
Srini,

Should this update also be integrated into the SRU because of 7088912?

April

