Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
squid
CVE-2021-46784.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2021-46784.patch of Package squid
Based on: From 780c4ea1b4c9d2fb41f6962aa6ed73ae57f74b2b Mon Sep 17 00:00:00 2001 From: Joshua Rogers <MegaManSec@users.noreply.github.com> Date: Mon, 18 Apr 2022 13:42:36 +0000 Subject: [PATCH] Improve handling of Gopher responses (#1022) --- src/gopher.cc | 45 ++++++++++++++++++++------------------------- 1 file changed, 20 insertions(+), 25 deletions(-) Index: squid-3.5.21/src/gopher.cc =================================================================== --- squid-3.5.21.orig/src/gopher.cc +++ squid-3.5.21/src/gopher.cc @@ -366,7 +366,6 @@ gopherToHTML(GopherStateData * gopherSta char *lpos = NULL; char *tline = NULL; LOCAL_ARRAY(char, line, TEMP_BUF_SIZE); - LOCAL_ARRAY(char, tmpbuf, TEMP_BUF_SIZE); char *name = NULL; char *selector = NULL; char *host = NULL; @@ -376,7 +375,6 @@ gopherToHTML(GopherStateData * gopherSta char gtype; StoreEntry *entry = NULL; - memset(tmpbuf, '\0', TEMP_BUF_SIZE); memset(line, '\0', TEMP_BUF_SIZE); entry = gopherState->entry; @@ -411,7 +409,7 @@ gopherToHTML(GopherStateData * gopherSta return; } - String outbuf; + SBuf outbuf; if (!gopherState->HTML_header_added) { if (gopherState->conversion == gopher_ds::HTML_CSO_RESULT) @@ -578,34 +576,34 @@ gopherToHTML(GopherStateData * gopherSta break; } - memset(tmpbuf, '\0', TEMP_BUF_SIZE); - if ((gtype == GOPHER_TELNET) || (gtype == GOPHER_3270)) { if (strlen(escaped_selector) != 0) - snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s@%s%s%s/\">%s</A>\n", - icon_url, escaped_selector, rfc1738_escape_part(host), - *port ? ":" : "", port, html_quote(name)); + outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s@%s%s%s/\">%s</A>\n", + icon_url, escaped_selector, rfc1738_escape_part(host), + *port ? ":" : "", port, html_quote(name)); else - snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s%s%s/\">%s</A>\n", - icon_url, rfc1738_escape_part(host), *port ? ":" : "", - port, html_quote(name)); + outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s%s%s/\">%s</A>\n", + icon_url, rfc1738_escape_part(host), *port ? ":" : "", + port, html_quote(name)); } else if (gtype == GOPHER_INFO) { - snprintf(tmpbuf, TEMP_BUF_SIZE, "\t%s\n", html_quote(name)); + outbuf.appendf("\t%s\n", html_quote(name)); } else { if (strncmp(selector, "GET /", 5) == 0) { /* WWW link */ - snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"http://%s/%s\">%s</A>\n", - icon_url, host, rfc1738_escape_unescaped(selector + 5), html_quote(name)); + outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"http://%s/%s\">%s</A>\n", + icon_url, host, rfc1738_escape_unescaped(selector + 5), html_quote(name)); + } else if (gtype == GOPHER_WWW) { + outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"gopher://%s/%c%s\">%s</A>\n", + icon_url, rfc1738_escape_unescaped(selector), html_quote(name)); } else { /* Standard link */ - snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"gopher://%s/%c%s\">%s</A>\n", - icon_url, host, gtype, escaped_selector, html_quote(name)); + outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"gopher://%s/%c%s\">%s</A>\n", + icon_url, host, gtype, escaped_selector, html_quote(name)); } } safe_free(escaped_selector); - outbuf.append(tmpbuf); } else { memset(line, '\0', TEMP_BUF_SIZE); continue; @@ -638,13 +636,12 @@ gopherToHTML(GopherStateData * gopherSta break; if (gopherState->cso_recno != recno) { - snprintf(tmpbuf, TEMP_BUF_SIZE, "</PRE><HR noshade size=\"1px\"><H2>Record# %d<br><i>%s</i></H2>\n<PRE>", recno, html_quote(result)); + outbuf.appendf("</PRE><HR noshade size=\"1px\"><H2>Record# %d<br><i>%s</i></H2>\n<PRE>", recno, html_quote(result)); gopherState->cso_recno = recno; } else { - snprintf(tmpbuf, TEMP_BUF_SIZE, "%s\n", html_quote(result)); + outbuf.appendf("%s\n", html_quote(result)); } - outbuf.append(tmpbuf); break; } else { int code; @@ -672,8 +669,7 @@ gopherToHTML(GopherStateData * gopherSta case 502: { /* Too Many Matches */ /* Print the message the server returns */ - snprintf(tmpbuf, TEMP_BUF_SIZE, "</PRE><HR noshade size=\"1px\"><H2>%s</H2>\n<PRE>", html_quote(result)); - outbuf.append(tmpbuf); + outbuf.appendf("</PRE><HR noshade size=\"1px\"><H2>%s</H2>\n<PRE>", html_quote(result)); break; } @@ -689,13 +685,12 @@ gopherToHTML(GopherStateData * gopherSta } /* while loop */ - if (outbuf.size() > 0) { - entry->append(outbuf.rawBuf(), outbuf.size()); + if (outbuf.length() > 0) { + entry->append(outbuf.rawContent(), outbuf.length()); /* now let start sending stuff to client */ entry->flush(); } - outbuf.clean(); return; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor