File SQUID-2019_9.patch of Package squid.14299

Overview Repositories Revisions Requests Users Attributes Meta

File SQUID-2019_9.patch of Package squid.14299

commit e5f1813a674848dde570f7920873e1071f96e0b4
Author: Amos Jeffries <yadij@users.noreply.github.com>
Date:   2019-07-12 03:08:00 +0000

Prevent truncation for large origin-relative domains (#427)
    
    The domain in a URL must obey hostname length restrictions after
    append_domain is applied, not just MAX_URL for the normalized
    absolute-URL.

diff --git a/src/URL.h b/src/URL.h
index d8ad3f2..c17928a 100644
--- a/src/URL.h
+++ b/src/URL.h
@@ -115,6 +115,7 @@ enum MatchDomainNameFlags {
 int matchDomainName(const char *host, const char *domain, uint flags = mdnNone);
 int urlCheckRequest(const HttpRequest *);
 int urlDefaultPort(AnyP::ProtocolType p);
+bool urlAppendDomain(char *host);
 char *urlHostname(const char *url);
 void urlExtMethodConfigure(void);
 
diff --git a/src/internal.cc b/src/internal.cc
index 772255e..693aa1f 100644
--- a/src/internal.cc
+++ b/src/internal.cc
@@ -92,13 +92,9 @@ internalRemoteUri(const char *host, unsigned short port, const char *dir, const
 
     /*
      * append the domain in order to mirror the requests with appended
-     * domains
+     * domains. If that fails, just use the hostname anyway.
      */
-
-    /* For IPv6 addresses also check for a colon */
-    if (Config.appendDomain && !strchr(lc_host, '.') && !strchr(lc_host, ':'))
-        strncat(lc_host, Config.appendDomain, SQUIDHOSTNAMELEN -
-                strlen(lc_host) - 1);
+    (void)urlAppendDomain(lc_host);
 
     /* build uri in mb */
     static MemBuf mb;
diff --git a/src/url.cc b/src/url.cc
index 92aea36..2e54bef 100644
--- a/src/url.cc
+++ b/src/url.cc
@@ -175,6 +175,30 @@ urlDefaultPort(AnyP::ProtocolType p)
     }
 }
 
+/**
+ * Appends configured append_domain to hostname, assuming
+ * the given buffer is at least SQUIDHOSTNAMELEN bytes long,
+ * and that the host FQDN is not a 'dotless' TLD.
+ *
+ * \returns false if and only if there is not enough space to append
+ */
+bool
+urlAppendDomain(char *host)
+{
+    /* For IPv4 addresses check for a dot */
+    /* For IPv6 addresses also check for a colon */
+    if (Config.appendDomain && !strchr(host, '.') && !strchr(host, ':')) {
+        const uint64_t dlen = strlen(host);
+        const uint64_t want = dlen + Config.appendDomainLen;
+        if (want > SQUIDHOSTNAMELEN - 1) {
+            debugs(23, 2, "URL domain too large (" << dlen << " bytes)");
+            return false;
+        }
+        strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN - dlen - 1);
+    }
+    return true;
+}
+
 /*
  * Parse a URI/URL.
  *
@@ -375,9 +399,8 @@ urlParse(const HttpRequestMethod& method, char *url, HttpRequest *request)
         return NULL;
     }
 
-    /* For IPV6 addresses also check for a colon */
-    if (Config.appendDomain && !strchr(host, '.') && !strchr(host, ':'))
-        strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN - strlen(host) - 1);
+    if (!urlAppendDomain(host))
+        return NULL;
 
     /* remove trailing dots from hostnames */
     while ((l = strlen(host)) > 0 && host[--l] == '.')

Places

File SQUID-2019_9.patch of Package squid.14299

Places