Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
squid
SQUID_2016_6.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File SQUID_2016_6.patch of Package squid
------------------------------------------------------------ revno: 12697 revision-id: squid3@treenet.co.nz-20160420111636-ft1dbd1iuktj8ift parent: squid3@treenet.co.nz-20160420101500-nm50i4u3iftemzs6 committer: Amos Jeffries <squid3@treenet.co.nz> branch nick: 3.3 timestamp: Wed 2016-04-20 23:16:36 +1200 message: Fix several ESI element construction issues * Do not wrap active logic in assert(). * Fix localbuf array bounds checking. * Add Must() conditions to verify array writes will succeed ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squid3@treenet.co.nz-20160420111636-ft1dbd1iuktj8ift # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # testament_sha1: 51aac9164cc49f99fb4332cec62403e3500433fd # timestamp: 2016-04-20 11:21:10 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # base_revision_id: squid3@treenet.co.nz-20160420101500-\ # nm50i4u3iftemzs6 # # Begin patch === modified file 'src/esi/Esi.cc' --- src/esi/Esi.cc 2013-01-02 03:44:55 +0000 +++ src/esi/Esi.cc 2016-04-20 11:16:36 +0000 @@ -1007,7 +1007,7 @@ ESIElement::Pointer element; int specifiedattcount = attrCount * 2; char *position; - assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */ + Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. */ debugs(86, 5, "ESIContext::Start: element '" << el << "' with " << specifiedattcount << " tags"); @@ -1021,15 +1021,17 @@ /* Spit out elements we aren't interested in */ localbuf[0] = '<'; localbuf[1] = '\0'; - assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2)); + xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2); position = localbuf + strlen (localbuf); for (i = 0; i < specifiedattcount && attr[i]; i += 2) { + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1); *position = ' '; ++position; /* TODO: handle thisNode gracefully */ - assert (xstrncpy (position, attr[i], sizeof(localbuf) + (position - localbuf))); + xstrncpy(position, attr[i], sizeof(localbuf) - (position - localbuf)); position += strlen (position); + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2); *position = '='; ++position; *position = '\"'; @@ -1038,18 +1040,21 @@ char ch; while ((ch = *chPtr++) != '\0') { if (ch == '\"') { - assert( xstrncpy(position, """, sizeof(localbuf) + (position-localbuf)) ); + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 6); + xstrncpy(position, """, sizeof(localbuf) - (position-localbuf)); position += 6; } else { + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1); *position = ch; ++position; } } - position += strlen (position); + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1); *position = '\"'; ++position; } + Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2); *position = '>'; ++position; *position = '\0'; @@ -1135,11 +1140,11 @@ switch (ESIElement::IdentifyElement (el)) { case ESIElement::ESI_ELEMENT_NONE: - assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */ + Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns. */ /* Add elements we aren't interested in */ localbuf[0] = '<'; localbuf[1] = '/'; - assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3)); + xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3); position = localbuf + strlen (localbuf); *position = '>'; ++position;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
