* [PATCH] squid 3.5.27: latest patch from upstream (2018_1))
@ 2018-01-20 17:50 Matthias Fischer
2018-01-21 19:06 ` Michael Tremer
0 siblings, 1 reply; 5+ messages in thread
From: Matthias Fischer @ 2018-01-20 17:50 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3617 bytes --]
First patch after a long time, for details see:
http://www.squid-cache.org/Versions/v3/3.5/changesets/
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
lfs/squid | 5 ++--
src/patches/squid/SQUID-2018_1.patch | 28 ++++++++++++++++++++++
.../squid-3.5.27-fix-max-file-descriptors.patch | 0
3 files changed, 31 insertions(+), 2 deletions(-)
create mode 100644 src/patches/squid/SQUID-2018_1.patch
rename src/patches/{ => squid}/squid-3.5.27-fix-max-file-descriptors.patch (100%)
diff --git a/lfs/squid b/lfs/squid
index 08583d0b9..ae4d7ea44 100644
--- a/lfs/squid
+++ b/lfs/squid
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2017 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -70,7 +70,8 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.27-fix-max-file-descriptors.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squid/SQUID-2018_1.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
cd $(DIR_APP) && autoreconf -vfi
cd $(DIR_APP)/libltdl && autoreconf -vfi
diff --git a/src/patches/squid/SQUID-2018_1.patch b/src/patches/squid/SQUID-2018_1.patch
new file mode 100644
index 000000000..9392219a9
--- /dev/null
+++ b/src/patches/squid/SQUID-2018_1.patch
@@ -0,0 +1,28 @@
+commit eb2db98a676321b814fc4a51c4fb7928a8bb45d9 (refs/remotes/origin/v3.5)
+Author: Amos Jeffries <yadij(a)users.noreply.github.com>
+Date: 2018-01-19 13:54:14 +1300
+
+ ESI: make sure endofName never exceeds tagEnd (#130)
+
+diff --git a/src/esi/CustomParser.cc b/src/esi/CustomParser.cc
+index d86d2d3..db634d9 100644
+--- a/src/esi/CustomParser.cc
++++ b/src/esi/CustomParser.cc
+@@ -121,7 +121,7 @@ ESICustomParser::parse(char const *dataToParse, size_t const lengthOfData, bool
+
+ char * endofName = strpbrk(const_cast<char *>(tag), w_space);
+
+- if (endofName > tagEnd)
++ if (!endofName || endofName > tagEnd)
+ endofName = const_cast<char *>(tagEnd);
+
+ *endofName = '\0';
+@@ -214,7 +214,7 @@ ESICustomParser::parse(char const *dataToParse, size_t const lengthOfData, bool
+
+ char * endofName = strpbrk(const_cast<char *>(tag), w_space);
+
+- if (endofName > tagEnd)
++ if (!endofName || endofName > tagEnd)
+ endofName = const_cast<char *>(tagEnd);
+
+ *endofName = '\0';
diff --git a/src/patches/squid-3.5.27-fix-max-file-descriptors.patch b/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
similarity index 100%
rename from src/patches/squid-3.5.27-fix-max-file-descriptors.patch
rename to src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
--
2.15.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid 3.5.27: latest patch from upstream (2018_1))
2018-01-20 17:50 [PATCH] squid 3.5.27: latest patch from upstream (2018_1)) Matthias Fischer
@ 2018-01-21 19:06 ` Michael Tremer
2018-01-21 20:37 ` Matthias Fischer
2018-01-22 10:21 ` Matthias Fischer
0 siblings, 2 replies; 5+ messages in thread
From: Michael Tremer @ 2018-01-21 19:06 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3837 bytes --]
Do we even use ESI?
On Sat, 2018-01-20 at 18:50 +0100, Matthias Fischer wrote:
> First patch after a long time, for details see:
> http://www.squid-cache.org/Versions/v3/3.5/changesets/
>
> Best,
> Matthias
>
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
> lfs/squid | 5 ++--
> src/patches/squid/SQUID-2018_1.patch | 28 ++++++++++++++++++++++
> .../squid-3.5.27-fix-max-file-descriptors.patch | 0
> 3 files changed, 31 insertions(+), 2 deletions(-)
> create mode 100644 src/patches/squid/SQUID-2018_1.patch
> rename src/patches/{ => squid}/squid-3.5.27-fix-max-file-descriptors.patch (100%)
>
> diff --git a/lfs/squid b/lfs/squid
> index 08583d0b9..ae4d7ea44 100644
> --- a/lfs/squid
> +++ b/lfs/squid
> @@ -1,7 +1,7 @@
> ###############################################################################
> # #
> # IPFire.org - A linux based firewall #
> -# Copyright (C) 2007-2017 IPFire Team <info(a)ipfire.org> #
> +# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
> # #
> # This program is free software: you can redistribute it and/or modify #
> # it under the terms of the GNU General Public License as published by #
> @@ -70,7 +70,8 @@ $(subst %,%_MD5,$(objects)) :
> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> @$(PREBUILD)
> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE)
> - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.27-fix-max-file-descriptors.patch
> + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squid/SQUID-2018_1.patch
> + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
>
> cd $(DIR_APP) && autoreconf -vfi
> cd $(DIR_APP)/libltdl && autoreconf -vfi
> diff --git a/src/patches/squid/SQUID-2018_1.patch b/src/patches/squid/SQUID-2018_1.patch
> new file mode 100644
> index 000000000..9392219a9
> --- /dev/null
> +++ b/src/patches/squid/SQUID-2018_1.patch
> @@ -0,0 +1,28 @@
> +commit eb2db98a676321b814fc4a51c4fb7928a8bb45d9 (refs/remotes/origin/v3.5)
> +Author: Amos Jeffries <yadij(a)users.noreply.github.com>
> +Date: 2018-01-19 13:54:14 +1300
> +
> + ESI: make sure endofName never exceeds tagEnd (#130)
> +
> +diff --git a/src/esi/CustomParser.cc b/src/esi/CustomParser.cc
> +index d86d2d3..db634d9 100644
> +--- a/src/esi/CustomParser.cc
> ++++ b/src/esi/CustomParser.cc
> +@@ -121,7 +121,7 @@ ESICustomParser::parse(char const *dataToParse, size_t const lengthOfData, bool
> +
> + char * endofName = strpbrk(const_cast<char *>(tag), w_space);
> +
> +- if (endofName > tagEnd)
> ++ if (!endofName || endofName > tagEnd)
> + endofName = const_cast<char *>(tagEnd);
> +
> + *endofName = '\0';
> +@@ -214,7 +214,7 @@ ESICustomParser::parse(char const *dataToParse, size_t const lengthOfData, bool
> +
> + char * endofName = strpbrk(const_cast<char *>(tag), w_space);
> +
> +- if (endofName > tagEnd)
> ++ if (!endofName || endofName > tagEnd)
> + endofName = const_cast<char *>(tagEnd);
> +
> + *endofName = '\0';
> diff --git a/src/patches/squid-3.5.27-fix-max-file-descriptors.patch b/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
> similarity index 100%
> rename from src/patches/squid-3.5.27-fix-max-file-descriptors.patch
> rename to src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid 3.5.27: latest patch from upstream (2018_1))
2018-01-21 19:06 ` Michael Tremer
@ 2018-01-21 20:37 ` Matthias Fischer
2018-01-22 10:21 ` Matthias Fischer
1 sibling, 0 replies; 5+ messages in thread
From: Matthias Fischer @ 2018-01-21 20:37 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 4108 bytes --]
Hi,
On 21.01.2018 20:06, Michael Tremer wrote:
> Do we even use ESI?
Sorry, I'm not sure, I added this to be complete.
If not, you can safely ignore this one, no problem for me.
Best,
Matthias
> On Sat, 2018-01-20 at 18:50 +0100, Matthias Fischer wrote:
>> First patch after a long time, for details see:
>> http://www.squid-cache.org/Versions/v3/3.5/changesets/
>>
>> Best,
>> Matthias
>>
>> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
>> ---
>> lfs/squid | 5 ++--
>> src/patches/squid/SQUID-2018_1.patch | 28 ++++++++++++++++++++++
>> .../squid-3.5.27-fix-max-file-descriptors.patch | 0
>> 3 files changed, 31 insertions(+), 2 deletions(-)
>> create mode 100644 src/patches/squid/SQUID-2018_1.patch
>> rename src/patches/{ => squid}/squid-3.5.27-fix-max-file-descriptors.patch (100%)
>>
>> diff --git a/lfs/squid b/lfs/squid
>> index 08583d0b9..ae4d7ea44 100644
>> --- a/lfs/squid
>> +++ b/lfs/squid
>> @@ -1,7 +1,7 @@
>> ###############################################################################
>> # #
>> # IPFire.org - A linux based firewall #
>> -# Copyright (C) 2007-2017 IPFire Team <info(a)ipfire.org> #
>> +# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
>> # #
>> # This program is free software: you can redistribute it and/or modify #
>> # it under the terms of the GNU General Public License as published by #
>> @@ -70,7 +70,8 @@ $(subst %,%_MD5,$(objects)) :
>> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>> @$(PREBUILD)
>> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE)
>> - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.27-fix-max-file-descriptors.patch
>> + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squid/SQUID-2018_1.patch
>> + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
>>
>> cd $(DIR_APP) && autoreconf -vfi
>> cd $(DIR_APP)/libltdl && autoreconf -vfi
>> diff --git a/src/patches/squid/SQUID-2018_1.patch b/src/patches/squid/SQUID-2018_1.patch
>> new file mode 100644
>> index 000000000..9392219a9
>> --- /dev/null
>> +++ b/src/patches/squid/SQUID-2018_1.patch
>> @@ -0,0 +1,28 @@
>> +commit eb2db98a676321b814fc4a51c4fb7928a8bb45d9 (refs/remotes/origin/v3.5)
>> +Author: Amos Jeffries <yadij(a)users.noreply.github.com>
>> +Date: 2018-01-19 13:54:14 +1300
>> +
>> + ESI: make sure endofName never exceeds tagEnd (#130)
>> +
>> +diff --git a/src/esi/CustomParser.cc b/src/esi/CustomParser.cc
>> +index d86d2d3..db634d9 100644
>> +--- a/src/esi/CustomParser.cc
>> ++++ b/src/esi/CustomParser.cc
>> +@@ -121,7 +121,7 @@ ESICustomParser::parse(char const *dataToParse, size_t const lengthOfData, bool
>> +
>> + char * endofName = strpbrk(const_cast<char *>(tag), w_space);
>> +
>> +- if (endofName > tagEnd)
>> ++ if (!endofName || endofName > tagEnd)
>> + endofName = const_cast<char *>(tagEnd);
>> +
>> + *endofName = '\0';
>> +@@ -214,7 +214,7 @@ ESICustomParser::parse(char const *dataToParse, size_t const lengthOfData, bool
>> +
>> + char * endofName = strpbrk(const_cast<char *>(tag), w_space);
>> +
>> +- if (endofName > tagEnd)
>> ++ if (!endofName || endofName > tagEnd)
>> + endofName = const_cast<char *>(tagEnd);
>> +
>> + *endofName = '\0';
>> diff --git a/src/patches/squid-3.5.27-fix-max-file-descriptors.patch b/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
>> similarity index 100%
>> rename from src/patches/squid-3.5.27-fix-max-file-descriptors.patch
>> rename to src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid 3.5.27: latest patch from upstream (2018_1))
2018-01-21 19:06 ` Michael Tremer
2018-01-21 20:37 ` Matthias Fischer
@ 2018-01-22 10:21 ` Matthias Fischer
2018-01-22 13:29 ` Michael Tremer
1 sibling, 1 reply; 5+ messages in thread
From: Matthias Fischer @ 2018-01-22 10:21 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 6864 bytes --]
Hi,
On 21.01.2018 20:06, Michael Tremer wrote:
> Do we even use ESI?
Still don't know if we are affected by this. In the meantime I got two
more detailed annoncements concerning this.
This is the one I sent in for 3.5.27:
***SNIP***
__________________________________________________________________
Squid Proxy Cache Security Update Advisory SQUID-2018:1
__________________________________________________________________
Advisory ID: SQUID-2018:1
Date: Jan 19, 2018
Summary: Denial of Service issue
in ESI Response processing.
Affected versions: Squid 3.x -> 3.5.27
Squid 4.x -> 4.0.22
Fixed in version: Squid 4.0.23
__________________________________________________________________
http://www.squid-cache.org/Advisories/SQUID-2018_1.txt
__________________________________________________________________
Problem Description:
Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses.
_________________________________________________________________
Severity:
This problem allows a remote server delivering certain ESI
response syntax to trigger a denial of service for all clients
accessing the Squid service.
This problem is limited to the Squid custom ESI parser.
Squid built to use libxml2 or libexpat XML parsers do not have
this problem.
***SNAP***
The next one - also for 3.5.27 - came today, 'Devel' is running:
***SNIP***
__________________________________________________________________
Squid Proxy Cache Security Update Advisory SQUID-2018:2
__________________________________________________________________
Advisory ID: SQUID-2018:2
Date: Jan 19, 2018
Summary: Denial of Service issue
in HTTP Message processing.
Affected versions: Squid 3.x -> 3.5.27
Squid 4.x -> 4.0.22
Fixed in version: Squid 4.0.23
__________________________________________________________________
http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
__________________________________________________________________
Problem Description:
Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses or downloading
intermediate CA certificates.
__________________________________________________________________
Severity:
This problem allows a remote client delivering certain HTTP
requests in conjunction with certain trusted server responses to
trigger a denial of service for all clients accessing the Squid
service.
...
***SNAP***
Besides, they are "planning to remove the Custom XML parser used for ESI
processing from the next Squid version" and have therefore launched a
survey (RFC). No statement as to when this will happen.
Best,
Matthias
> On Sat, 2018-01-20 at 18:50 +0100, Matthias Fischer wrote:
>> First patch after a long time, for details see:
>> http://www.squid-cache.org/Versions/v3/3.5/changesets/
>>
>> Best,
>> Matthias
>>
>> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
>> ---
>> lfs/squid | 5 ++--
>> src/patches/squid/SQUID-2018_1.patch | 28 ++++++++++++++++++++++
>> .../squid-3.5.27-fix-max-file-descriptors.patch | 0
>> 3 files changed, 31 insertions(+), 2 deletions(-)
>> create mode 100644 src/patches/squid/SQUID-2018_1.patch
>> rename src/patches/{ => squid}/squid-3.5.27-fix-max-file-descriptors.patch (100%)
>>
>> diff --git a/lfs/squid b/lfs/squid
>> index 08583d0b9..ae4d7ea44 100644
>> --- a/lfs/squid
>> +++ b/lfs/squid
>> @@ -1,7 +1,7 @@
>> ###############################################################################
>> # #
>> # IPFire.org - A linux based firewall #
>> -# Copyright (C) 2007-2017 IPFire Team <info(a)ipfire.org> #
>> +# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
>> # #
>> # This program is free software: you can redistribute it and/or modify #
>> # it under the terms of the GNU General Public License as published by #
>> @@ -70,7 +70,8 @@ $(subst %,%_MD5,$(objects)) :
>> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>> @$(PREBUILD)
>> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE)
>> - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.27-fix-max-file-descriptors.patch
>> + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squid/SQUID-2018_1.patch
>> + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
>>
>> cd $(DIR_APP) && autoreconf -vfi
>> cd $(DIR_APP)/libltdl && autoreconf -vfi
>> diff --git a/src/patches/squid/SQUID-2018_1.patch b/src/patches/squid/SQUID-2018_1.patch
>> new file mode 100644
>> index 000000000..9392219a9
>> --- /dev/null
>> +++ b/src/patches/squid/SQUID-2018_1.patch
>> @@ -0,0 +1,28 @@
>> +commit eb2db98a676321b814fc4a51c4fb7928a8bb45d9 (refs/remotes/origin/v3.5)
>> +Author: Amos Jeffries <yadij(a)users.noreply.github.com>
>> +Date: 2018-01-19 13:54:14 +1300
>> +
>> + ESI: make sure endofName never exceeds tagEnd (#130)
>> +
>> +diff --git a/src/esi/CustomParser.cc b/src/esi/CustomParser.cc
>> +index d86d2d3..db634d9 100644
>> +--- a/src/esi/CustomParser.cc
>> ++++ b/src/esi/CustomParser.cc
>> +@@ -121,7 +121,7 @@ ESICustomParser::parse(char const *dataToParse, size_t const lengthOfData, bool
>> +
>> + char * endofName = strpbrk(const_cast<char *>(tag), w_space);
>> +
>> +- if (endofName > tagEnd)
>> ++ if (!endofName || endofName > tagEnd)
>> + endofName = const_cast<char *>(tagEnd);
>> +
>> + *endofName = '\0';
>> +@@ -214,7 +214,7 @@ ESICustomParser::parse(char const *dataToParse, size_t const lengthOfData, bool
>> +
>> + char * endofName = strpbrk(const_cast<char *>(tag), w_space);
>> +
>> +- if (endofName > tagEnd)
>> ++ if (!endofName || endofName > tagEnd)
>> + endofName = const_cast<char *>(tagEnd);
>> +
>> + *endofName = '\0';
>> diff --git a/src/patches/squid-3.5.27-fix-max-file-descriptors.patch b/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
>> similarity index 100%
>> rename from src/patches/squid-3.5.27-fix-max-file-descriptors.patch
>> rename to src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid 3.5.27: latest patch from upstream (2018_1))
2018-01-22 10:21 ` Matthias Fischer
@ 2018-01-22 13:29 ` Michael Tremer
0 siblings, 0 replies; 5+ messages in thread
From: Michael Tremer @ 2018-01-22 13:29 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 7544 bytes --]
Why in gods name do they use their own XML parser?
On Mon, 2018-01-22 at 11:21 +0100, Matthias Fischer wrote:
> Hi,
>
> On 21.01.2018 20:06, Michael Tremer wrote:
> > Do we even use ESI?
>
> Still don't know if we are affected by this. In the meantime I got two
> more detailed annoncements concerning this.
>
> This is the one I sent in for 3.5.27:
>
> ***SNIP***
> __________________________________________________________________
>
> Squid Proxy Cache Security Update Advisory SQUID-2018:1
> __________________________________________________________________
>
> Advisory ID: SQUID-2018:1
> Date: Jan 19, 2018
> Summary: Denial of Service issue
> in ESI Response processing.
> Affected versions: Squid 3.x -> 3.5.27
> Squid 4.x -> 4.0.22
> Fixed in version: Squid 4.0.23
> __________________________________________________________________
>
> http://www.squid-cache.org/Advisories/SQUID-2018_1.txt
> __________________________________________________________________
>
> Problem Description:
>
> Due to incorrect pointer handling Squid is vulnerable to denial
> of service attack when processing ESI responses.
>
> _________________________________________________________________
>
> Severity:
>
> This problem allows a remote server delivering certain ESI
> response syntax to trigger a denial of service for all clients
> accessing the Squid service.
>
> This problem is limited to the Squid custom ESI parser.
> Squid built to use libxml2 or libexpat XML parsers do not have
> this problem.
> ***SNAP***
>
> The next one - also for 3.5.27 - came today, 'Devel' is running:
>
> ***SNIP***
> __________________________________________________________________
>
> Squid Proxy Cache Security Update Advisory SQUID-2018:2
> __________________________________________________________________
>
> Advisory ID: SQUID-2018:2
> Date: Jan 19, 2018
> Summary: Denial of Service issue
> in HTTP Message processing.
> Affected versions: Squid 3.x -> 3.5.27
> Squid 4.x -> 4.0.22
> Fixed in version: Squid 4.0.23
> __________________________________________________________________
>
> http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
> __________________________________________________________________
>
> Problem Description:
>
> Due to incorrect pointer handling Squid is vulnerable to denial
> of service attack when processing ESI responses or downloading
> intermediate CA certificates.
>
> __________________________________________________________________
>
> Severity:
>
> This problem allows a remote client delivering certain HTTP
> requests in conjunction with certain trusted server responses to
> trigger a denial of service for all clients accessing the Squid
> service.
> ...
> ***SNAP***
>
> Besides, they are "planning to remove the Custom XML parser used for ESI
> processing from the next Squid version" and have therefore launched a
> survey (RFC). No statement as to when this will happen.
>
> Best,
> Matthias
>
> > On Sat, 2018-01-20 at 18:50 +0100, Matthias Fischer wrote:
> > > First patch after a long time, for details see:
> > > http://www.squid-cache.org/Versions/v3/3.5/changesets/
> > >
> > > Best,
> > > Matthias
> > >
> > > Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> > > ---
> > > lfs/squid | 5 ++--
> > > src/patches/squid/SQUID-2018_1.patch | 28
> > > ++++++++++++++++++++++
> > > .../squid-3.5.27-fix-max-file-descriptors.patch | 0
> > > 3 files changed, 31 insertions(+), 2 deletions(-)
> > > create mode 100644 src/patches/squid/SQUID-2018_1.patch
> > > rename src/patches/{ => squid}/squid-3.5.27-fix-max-file-
> > > descriptors.patch (100%)
> > >
> > > diff --git a/lfs/squid b/lfs/squid
> > > index 08583d0b9..ae4d7ea44 100644
> > > --- a/lfs/squid
> > > +++ b/lfs/squid
> > > @@ -1,7 +1,7 @@
> > > #########################################################################
> > > ######
> > > #
> > > #
> > > # IPFire.org - A linux based
> > > firewall #
> > > -# Copyright (C) 2007-2017 IPFire Team <info(a)ipfire.org>
> > > #
> > > +# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org>
> > > #
> > > #
> > > #
> > > # This program is free software: you can redistribute it and/or
> > > modify #
> > > # it under the terms of the GNU General Public License as published
> > > by #
> > > @@ -70,7 +70,8 @@ $(subst %,%_MD5,$(objects)) :
> > > $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> > > @$(PREBUILD)
> > > @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf
> > > $(DIR_DL)/$(DL_FILE)
> > > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-
> > > 3.5.27-fix-max-file-descriptors.patch
> > > + cd $(DIR_APP) && patch -Np1 -i
> > > $(DIR_SRC)/src/patches/squid/SQUID-2018_1.patch
> > > + cd $(DIR_APP) && patch -Np0 -i
> > > $(DIR_SRC)/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
> > >
> > > cd $(DIR_APP) && autoreconf -vfi
> > > cd $(DIR_APP)/libltdl && autoreconf -vfi
> > > diff --git a/src/patches/squid/SQUID-2018_1.patch
> > > b/src/patches/squid/SQUID-2018_1.patch
> > > new file mode 100644
> > > index 000000000..9392219a9
> > > --- /dev/null
> > > +++ b/src/patches/squid/SQUID-2018_1.patch
> > > @@ -0,0 +1,28 @@
> > > +commit eb2db98a676321b814fc4a51c4fb7928a8bb45d9
> > > (refs/remotes/origin/v3.5)
> > > +Author: Amos Jeffries <yadij(a)users.noreply.github.com>
> > > +Date: 2018-01-19 13:54:14 +1300
> > > +
> > > + ESI: make sure endofName never exceeds tagEnd (#130)
> > > +
> > > +diff --git a/src/esi/CustomParser.cc b/src/esi/CustomParser.cc
> > > +index d86d2d3..db634d9 100644
> > > +--- a/src/esi/CustomParser.cc
> > > ++++ b/src/esi/CustomParser.cc
> > > +@@ -121,7 +121,7 @@ ESICustomParser::parse(char const *dataToParse,
> > > size_t const lengthOfData, bool
> > > +
> > > + char * endofName = strpbrk(const_cast<char *>(tag),
> > > w_space);
> > > +
> > > +- if (endofName > tagEnd)
> > > ++ if (!endofName || endofName > tagEnd)
> > > + endofName = const_cast<char *>(tagEnd);
> > > +
> > > + *endofName = '\0';
> > > +@@ -214,7 +214,7 @@ ESICustomParser::parse(char const *dataToParse,
> > > size_t const lengthOfData, bool
> > > +
> > > + char * endofName = strpbrk(const_cast<char *>(tag),
> > > w_space);
> > > +
> > > +- if (endofName > tagEnd)
> > > ++ if (!endofName || endofName > tagEnd)
> > > + endofName = const_cast<char *>(tagEnd);
> > > +
> > > + *endofName = '\0';
> > > diff --git a/src/patches/squid-3.5.27-fix-max-file-descriptors.patch
> > > b/src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
> > > similarity index 100%
> > > rename from src/patches/squid-3.5.27-fix-max-file-descriptors.patch
> > > rename to src/patches/squid/squid-3.5.27-fix-max-file-descriptors.patch
>
>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2018-01-22 13:29 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-20 17:50 [PATCH] squid 3.5.27: latest patch from upstream (2018_1)) Matthias Fischer
2018-01-21 19:06 ` Michael Tremer
2018-01-21 20:37 ` Matthias Fischer
2018-01-22 10:21 ` Matthias Fischer
2018-01-22 13:29 ` Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox