Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP5:GA
squid
SQUID-2023_11.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File SQUID-2023_11.patch of Package squid
commit 7e8eec79880cc207ba61b662eb8b93081101b62c Author: Alex Rousskov <rousskov@measurement-factory.com> Date: Sun Nov 12 09:33:20 2023 +0000 Do not update StoreEntry expiration after errorAppendEntry() (#1580) errorAppendEntry() is responsible for setting entry expiration times, which it does by calling StoreEntry::storeErrorResponse() that calls StoreEntry::negativeCache(). This change was triggered by a vulnerability report by Joshua Rogers at https://megamansec.github.io/Squid-Security-Audit/cache-uaf.html where it was filed as "Use-After-Free in Cache Manager Errors". The reported "use after free" vulnerability was unknowingly addressed by 2022 commit 1fa761a that removed excessively long "reentrant" store_client calls responsible for the disappearance of the properly locked StoreEntry in this (and probably other) contexts. diff --git a/src/cache_manager.cc b/src/cache_manager.cc index dbb99d9f0..9348fdc12 100644 --- a/src/cache_manager.cc +++ b/src/cache_manager.cc @@ -332,7 +332,6 @@ CacheManager::start(const Comm::ConnectionPointer &client, HttpRequest *request, err->url = xstrdup(entry->url()); err->detailError(new ExceptionErrorDetail(Here().id())); errorAppendEntry(entry, err); - entry->expires = squid_curtime; return; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor