squid-3.4-13233.patch: cachemgr.cgi: use dynamic MemBuf for internal content generation
squid-3.4-13234.patch: nullptr is a C++11 feature
squid-3.4-13235.patch: Fix several ESI element construction issues
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org --- lfs/squid | 3 + src/patches/squid-3.4-13233.patch | 274 ++++++++++++++++++++++++++++++++++++++ src/patches/squid-3.4-13234.patch | 33 +++++ src/patches/squid-3.4-13235.patch | 97 ++++++++++++++ 4 files changed, 407 insertions(+) create mode 100644 src/patches/squid-3.4-13233.patch create mode 100644 src/patches/squid-3.4-13234.patch create mode 100644 src/patches/squid-3.4-13235.patch
diff --git a/lfs/squid b/lfs/squid
index 7e41c16..80e6cac 100644
--- a/lfs/squid
+++ b/lfs/squid
@@ -75,6 +75,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13230.patch
 cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13231.patch
 cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13232.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13233.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13234.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13235.patch
 cd $(DIR_APP) && autoreconf -vfi
 cd $(DIR_APP)/libltdl && autoreconf -vfi
diff --git a/src/patches/squid-3.4-13233.patch b/src/patches/squid-3.4-13233.patch
new file mode 100644
index 0000000..d657838
--- /dev/null
+++ b/src/patches/squid-3.4-13233.patch
@@ -0,0 +1,274 @@ +------------------------------------------------------------ +revno: 13233 +revision-id: squid3@treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 +parent: squid3@treenet.co.nz-20160330141410-t6p2dhzr8ri36fap +committer: Amos Jeffries squid3@treenet.co.nz +branch nick: 3.4 +timestamp: Wed 2016-04-20 18:39:07 +1200 +message: + cachemgr.cgi: use dynamic MemBuf for internal content generation + + Using a fixed size buffer limits how big content lines can be. Modern + HTTP is fast reaching the point where such limits are problematic. + Also fixes incorrect uses of snprintf() by removing them. +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 +# testament_sha1: 161e86814f6f14d74557a3fa169b37b6601c08a1 +# timestamp: 2016-04-20 06:50:57 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 +# base_revision_id: squid3@treenet.co.nz-20160330141410-\ +# t6p2dhzr8ri36fap +# +# Begin patch +=== modified file 'src/tests/stub_cbdata.cc' +--- src/tests/stub_cbdata.cc 2012-11-01 10:31:28 +0000 ++++ src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000 +@@ -5,7 +5,13 @@ + #include "tests/STUB.h" + + void cbdataRegisterWithCacheManager(void) STUB +- ++void *cbdataInternalAlloc(cbdata_type type, const char *, int sz) { ++ return xcalloc(1, sz); ++} ++void *cbdataInternalFree(void *p, const char *, int) { ++ xfree(p); ++ return nullptr; ++} + #if USE_CBDATA_DEBUG + void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL) + void *cbdataInternalFreeDbg(void *p, const char *, int) STUB_RETVAL(NULL) + +=== modified file 'src/tests/stub_mem.cc' +--- src/tests/stub_mem.cc 2012-08-29 07:29:35 +0000 ++++ src/tests/stub_mem.cc 2016-04-20 06:39:07 +0000 +@@ -5,7 +5,7 @@ + #include "squid.h" + + #define STUB_API "stub_mem.cc" +-#include "STUB.h" ++#include 
"tests/STUB.h" + #include "Mem.h" + + void + +=== modified file 'tools/Makefile.am' +--- tools/Makefile.am 2014-04-06 04:37:08 +0000 ++++ tools/Makefile.am 2016-04-20 06:39:07 +0000 +@@ -35,15 +35,24 @@ + stub_debug.cc: $(top_srcdir)/src/tests/stub_debug.cc + cp $(top_srcdir)/src/tests/stub_debug.cc . + ++MemBuf.cc: $(top_srcdir)/src/MemBuf.cc ++ cp $(top_srcdir)/src/MemBuf.cc $@ ++ + time.cc: $(top_srcdir)/src/time.cc + cp $(top_srcdir)/src/time.cc . + ++stub_cbdata.cc: $(top_srcdir)/src/tests/stub_cbdata.cc ++ cp $(top_srcdir)/src/tests/stub_cbdata.cc $@ ++ ++stub_mem.cc: $(top_srcdir)/src/tests/stub_mem.cc ++ cp $(top_srcdir)/src/tests/stub_mem.cc $@ ++ + # stock tools for unit tests - library independent versions of dlink_list + # etc. + # globals.cc is needed by test_tools.cc. + # Neither of these should be disted from here. + TESTSOURCES= test_tools.cc +-CLEANFILES += test_tools.cc stub_debug.cc time.cc ++CLEANFILES += test_tools.cc MemBuf.cc stub_debug.cc time.cc stub_cbdata.cc stub_mem.cc + + ## ##### helper-mux ##### + +@@ -74,7 +83,10 @@ + libexec_PROGRAMS = cachemgr$(CGIEXT) + + cachemgr__CGIEXT__SOURCES = cachemgr.cc \ ++ MemBuf.cc \ ++ stub_cbdata.cc \ + stub_debug.cc \ ++ stub_mem.cc \ + test_tools.cc \ + time.cc + + +=== modified file 'tools/cachemgr.cc' +--- tools/cachemgr.cc 2015-01-09 10:32:57 +0000 ++++ tools/cachemgr.cc 2016-04-20 06:39:07 +0000 +@@ -35,6 +35,7 @@ + #include "getfullhostname.h" + #include "html_quote.h" + #include "ip/Address.h" ++#include "MemBuf.h" + #include "rfc1123.h" + #include "rfc1738.h" + #include "util.h" +@@ -460,8 +461,8 @@ + return url; + } + +-static const char * +-munge_menu_line(const char *buf, cachemgr_request * req) ++static void ++munge_menu_line(MemBuf &out, const char *buf, cachemgr_request * req) + { + char *x; + const char *a; +@@ -469,15 +470,14 @@ + const char *p; + char *a_url; + char *buf_copy; +- static char html[2 * 1024]; +- +- if (strlen(buf) < 1) +- return buf; +- +- if (*buf != ' ') +- return 
buf; +- +- buf_copy = x = xstrdup(buf); ++ ++ const char bufLen = strlen(buf); ++ if (bufLen < 1 || *buf != ' ') { ++ out.append(buf, bufLen); ++ return; ++ } ++ ++ buf_copy = x = xstrndup(buf, bufLen); + + a = xstrtok(&x, '\t'); + +@@ -489,59 +489,56 @@ + + /* no reason to give a url for a disabled action */ + if (!strcmp(p, "disabled")) +- snprintf(html, sizeof(html), "<LI type="circle">%s (disabled)<A HREF="%s">.</A>\n", d, a_url); ++ out.Printf("<LI type="circle">%s (disabled)<A HREF="%s">.</A>\n", d, a_url); + else + /* disable a hidden action (requires a password, but password is not in squid.conf) */ + if (!strcmp(p, "hidden")) +- snprintf(html, sizeof(html), "<LI type="circle">%s (hidden)<A HREF="%s">.</A>\n", d, a_url); ++ out.Printf("<LI type="circle">%s (hidden)<A HREF="%s">.</A>\n", d, a_url); + else + /* disable link if authentication is required and we have no password */ + if (!strcmp(p, "protected") && !req->passwd) +- snprintf(html, sizeof(html), "<LI type="circle">%s (requires <a href="%s">authentication</a>)<A HREF="%s">.</A>\n", +- d, menu_url(req, "authenticate"), a_url); ++ out.Printf("<LI type="circle">%s (requires <a href="%s">authentication</a>)<A HREF="%s">.</A>\n", ++ d, menu_url(req, "authenticate"), a_url); + else + /* highlight protected but probably available entries */ + if (!strcmp(p, "protected")) +- snprintf(html, sizeof(html), "<LI type="square"><A HREF="%s"><font color="#FF0000">%s</font></A>\n", +- a_url, d); ++ out.Printf("<LI type="square"><A HREF="%s"><font color="#FF0000">%s</font></A>\n", ++ a_url, d); + + /* public entry or unknown type of protection */ + else +- snprintf(html, sizeof(html), "<LI type="disk"><A HREF="%s">%s</A>\n", a_url, d); ++ out.Printf("<LI type="disk"><A HREF="%s">%s</A>\n", a_url, d); + + xfree(a_url); + + xfree(buf_copy); +- +- return html; + } + +-static const char * +-munge_other_line(const char *buf, cachemgr_request * req) ++static void ++munge_other_line(MemBuf &out, const char *buf, 
cachemgr_request *) + { + static const char *ttags[] = {"td", "th"}; + +- static char html[4096]; + static int table_line_num = 0; + static int next_is_header = 0; + int is_header = 0; + const char *ttag; + char *buf_copy; + char *x, *p; +- int l = 0; + /* does it look like a table? */ + + if (!strchr(buf, '\t') || *buf == '\t') { + /* nope, just text */ +- snprintf(html, sizeof(html), "%s%s", +- table_line_num ? "</table>\n<pre>" : "", html_quote(buf)); ++ if (table_line_num) ++ out.append("</table>\n<pre>", 14); ++ out.Printf("%s", html_quote(buf)); + table_line_num = 0; +- return html; ++ return; + } + + /* start html table */ + if (!table_line_num) { +- l += snprintf(html + l, sizeof(html) - l, "</pre><table cellpadding="2" cellspacing="1">\n"); ++ out.append("</pre><table cellpadding="2" cellspacing="1">\n", 46); + next_is_header = 0; + } + +@@ -551,7 +548,7 @@ + ttag = ttags[is_header]; + + /* record starts */ +- l += snprintf(html + l, sizeof(html) - l, "<tr>"); ++ out.append("<tr>", 4); + + /* substitute '\t' */ + buf_copy = x = xstrdup(buf); +@@ -568,18 +565,17 @@ + ++x; + } + +- l += snprintf(html + l, sizeof(html) - l, "<%s colspan="%d" align="%s">%s</%s>", +- ttag, column_span, +- is_header ? "center" : is_number(cell) ? "right" : "left", +- html_quote(cell), ttag); ++ out.Printf("<%s colspan="%d" align="%s">%s</%s>", ++ ttag, column_span, ++ is_header ? "center" : is_number(cell) ? 
"right" : "left", ++ html_quote(cell), ttag); + } + + xfree(buf_copy); + /* record ends */ +- snprintf(html + l, sizeof(html) - l, "</tr>\n"); ++ out.append("</tr>\n", 6); + next_is_header = is_header && strstr(buf, "\t\t"); + ++table_line_num; +- return html; + } + + static const char * +@@ -736,14 +732,18 @@ + /* yes, fall through, we do not want to loose the first line */ + + case isBody: ++ { + /* interpret [and reformat] cache response */ +- ++ MemBuf out; ++ out.init(); + if (parse_menu) +- fputs(munge_menu_line(buf, req), stdout); ++ munge_menu_line(out, buf, req); + else +- fputs(munge_other_line(buf, req), stdout); ++ munge_other_line(out, buf, req); + +- break; ++ fputs(out.buf, stdout); ++ } ++ break; + + case isForward: + /* forward: no modifications allowed */ + diff --git a/src/patches/squid-3.4-13234.patch b/src/patches/squid-3.4-13234.patch new file mode 100644 index 0000000..6f701fa --- /dev/null +++ b/src/patches/squid-3.4-13234.patch 
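Review bot: In `munge_menu_line` the new length is declared as `const char bufLen = strlen(buf);`, so the result of `strlen()` is narrowed to a single `char` before it reaches `out.append(buf, bufLen)` and `xstrndup(buf, bufLen)`. For any input line longer than a `char` can represent, the value wraps or goes negative, which hands a wrong length to both calls and defeats the commit's stated goal of lifting the fixed-size limit; it should be `const size_t bufLen = strlen(buf);`, with a cast at the call sites if their parameters turn out to be `int` (their signatures are not shown here). Separately, in the `isBody` case `out` is set up with `out.init()` and printed with `fputs(out.buf, stdout)` but never released in the visible lines; unless `MemBuf` frees its buffer on destruction, an `out.clean();` after the `fputs` is needed for every response line. The menu branch also still formats `d` and `a_url` into the HTML without `html_quote()`, unlike `munge_other_line`, so it is worth confirming that those fields from the cache response cannot carry markup.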
@@ -0,0 +1,33 @@ +------------------------------------------------------------ +revno: 13234 +revision-id: squid3@treenet.co.nz-20160420101437-36eofkldxfku61kj +parent: squid3@treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 +committer: Amos Jeffries squid3@treenet.co.nz +branch nick: 3.4 +timestamp: Wed 2016-04-20 22:14:37 +1200 +message: + nullptr is a C++11 feature +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160420101437-36eofkldxfku61kj +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 +# testament_sha1: 0f9f2a5b29a7ef02befe2a4e2e6357ef4bcffbce +# timestamp: 2016-04-20 10:51:03 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 +# base_revision_id: squid3@treenet.co.nz-20160420063907-\ +# hcnf4qmcg5hbjc11 +# +# Begin patch +=== modified file 'src/tests/stub_cbdata.cc' +--- src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000 ++++ src/tests/stub_cbdata.cc 2016-04-20 10:14:37 +0000 +@@ -10,7 +10,7 @@ + } + void *cbdataInternalFree(void *p, const char *, int) { + xfree(p); +- return nullptr; ++ return NULL; + } + #if USE_CBDATA_DEBUG + void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL) + diff --git a/src/patches/squid-3.4-13235.patch b/src/patches/squid-3.4-13235.patch new file mode 100644 index 0000000..e380225 --- /dev/null +++ b/src/patches/squid-3.4-13235.patch 
@@ -0,0 +1,97 @@ +------------------------------------------------------------ +revno: 13235 +revision-id: squid3@treenet.co.nz-20160420111514-4hpxglbn9k15l5sa +parent: squid3@treenet.co.nz-20160420101437-36eofkldxfku61kj +committer: Amos Jeffries squid3@treenet.co.nz +branch nick: 3.4 +timestamp: Wed 2016-04-20 23:15:14 +1200 +message: + Fix several ESI element construction issues + + * Do not wrap active logic in assert(). + + * Fix localbuf array bounds checking. + + * Add Must() conditions to verify array writes will succeed +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160420111514-4hpxglbn9k15l5sa +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 +# testament_sha1: e95687b13c98667ab09966e7f94d511ca3e6ad96 +# timestamp: 2016-04-20 11:18:22 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 +# base_revision_id: squid3@treenet.co.nz-20160420101437-\ +# 36eofkldxfku61kj +# +# Begin patch +=== modified file 'src/esi/Esi.cc' +--- src/esi/Esi.cc 2013-06-27 15:58:46 +0000 ++++ src/esi/Esi.cc 2016-04-20 11:15:14 +0000 +@@ -991,7 +991,7 @@ + ESIElement::Pointer element; + int specifiedattcount = attrCount * 2; + char *position; +- assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */ ++ Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. 
*/ + + debugs(86, 5, "ESIContext::Start: element '" << el << "' with " << specifiedattcount << " tags"); + +@@ -1005,15 +1005,17 @@ + /* Spit out elements we aren't interested in */ + localbuf[0] = '<'; + localbuf[1] = '\0'; +- assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2)); ++ xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2); + position = localbuf + strlen (localbuf); + + for (i = 0; i < specifiedattcount && attr[i]; i += 2) { ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1); + *position = ' '; + ++position; + /* TODO: handle thisNode gracefully */ +- assert (xstrncpy (position, attr[i], sizeof(localbuf) + (position - localbuf))); ++ xstrncpy(position, attr[i], sizeof(localbuf) - (position - localbuf)); + position += strlen (position); ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2); + *position = '='; + ++position; + *position = '"'; +@@ -1022,18 +1024,21 @@ + char ch; + while ((ch = *chPtr++) != '\0') { + if (ch == '"') { +- assert( xstrncpy(position, """, sizeof(localbuf) + (position-localbuf)) ); ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 6); ++ xstrncpy(position, """, sizeof(localbuf) - (position-localbuf)); + position += 6; + } else { ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1); + *position = ch; + ++position; + } + } +- position += strlen (position); ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1); + *position = '"'; + ++position; + } + ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2); + *position = '>'; + ++position; + *position = '\0'; +@@ -1119,11 +1124,11 @@ + switch (ESIElement::IdentifyElement (el)) { + + case ESIElement::ESI_ELEMENT_NONE: +- assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */ ++ Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns. 
*/ + /* Add elements we aren't interested in */ + localbuf[0] = '<'; + localbuf[1] = '/'; +- assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3)); ++ xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3); + position = localbuf + strlen (localbuf); + *position = '>'; + ++position; +
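Review bot: The opening-element guard `Must(ellen < sizeof(localbuf));` is looser than the copy it protects, `xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2)`, and now that the return value of `xstrncpy` is no longer checked an over-long element name would be cut short at that point rather than rejected. The later `Must()` checks on `position` appear to stop the loop before any write past the end, so this reads as a consistency gap rather than an overrun, but the guard should state the real requirement the way the closing-element path does with `sizeof(localbuf) - 3`: `Must(ellen < sizeof(localbuf) - 2);`. The quote-escaping branch also keeps three things in step by hand: the `- 6` in its `Must()`, the escape literal, and `position += 6`. A named length constant for the entity would stop them drifting apart. Both functions begin and end outside these hunks, so the declaration of `localbuf` and the type of `ellen` still need to be checked against these unsigned comparisons.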