packages: squidGuard/squidGuard-long-urls-buffer-overflow.patch (NEW) - new...

adamg adamg at pld-linux.org
Tue Feb 16 20:24:26 CET 2010 

Author: adamg                        Date: Tue Feb 16 19:24:26 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- new (based on http://www.squidguard.org/Downloads/Patches/1.4/squidGuard-1.4-patch-20091015.tar.gz)

---- Files affected:
packages/squidGuard:
   squidGuard-long-urls-buffer-overflow.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/squidGuard/squidGuard-long-urls-buffer-overflow.patch
diff -u /dev/null packages/squidGuard/squidGuard-long-urls-buffer-overflow.patch:1.1
--- /dev/null	Tue Feb 16 20:24:26 2010
+++ packages/squidGuard/squidGuard-long-urls-buffer-overflow.patch	Tue Feb 16 20:24:21 2010
@@ -0,0 +1,46 @@
+based on http://www.squidguard.org/Downloads/Patches/1.4/squidGuard-1.4-patch-20091015.tar.gz
+
+--- a/src/sgLog.c	2007-11-16 17:58:32.000000000 +0100
++++ b/src/sgLog.c	2009-10-15 21:25:14.000000000 +0200
+@@ -2,7 +2,7 @@
+   By accepting this notice, you agree to be bound by the following
+   agreements:
+   
+-  This software product, squidGuard, is copyrighted (C) 1998-2007
++  This software product, squidGuard, is copyrighted (C) 1998-2009
+   by Christine Kronberg, Shalla Secure Services. All rights reserved.
+  
+   This program is free software; you can redistribute it and/or modify it
+@@ -55,8 +55,8 @@
+   char msg[MAX_BUF];
+   va_list ap;
+   VA_START(ap, format);
+-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
+-    fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno));
++  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
++    fprintf(stderr,"overflow in vsnprintf (sgLog): %s",strerror(errno));
+   va_end(ap);
+   date = niso(0);
+   if(globalDebug || log == NULL) {
+@@ -87,8 +87,8 @@
+   char msg[MAX_BUF];
+   va_list ap;
+   VA_START(ap, format);
+-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
+-    sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno));
++  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
++    sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
+   va_end(ap);
+   sgLog(globalErrorLog,"%s",msg);
+ }
+@@ -104,8 +104,8 @@
+   char msg[MAX_BUF];
+   va_list ap;
+   VA_START(ap, format);
+-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
+-    return;
++  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
++    sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
+   va_end(ap);
+   sgLog(globalErrorLog,"%s",msg);
+   sgEmergency();
================================================================

More information about the pld-cvs-commit mailing list