Fix buffer overflow, thanks to emerald <dirk at liji-und-dirk dot de> (#259272).

Package-Manager: portage-2.1.6.4/cvs/Linux 2.6.25-gentoo-r6 x86_64
author: Alin Năstac <mrness@gentoo.org> 2009-02-17 22:42:18 +0000
committer: Alin Năstac <mrness@gentoo.org> 2009-02-17 22:42:18 +0000
commit: f17a68bb5368576148224726409d2f71049ed532 (patch)
tree: d52e4692035975dde3db480c32af4f06772ce7f2 /net-proxy
parent: Automated update of use.local.desc (diff)
download: historical-f17a68bb5368576148224726409d2f71049ed532.tar.gz
historical-f17a68bb5368576148224726409d2f71049ed532.tar.bz2
historical-f17a68bb5368576148224726409d2f71049ed532.zip
4 files changed, 126 insertions, 5 deletions
diff --git a/net-proxy/squidguard/ChangeLog b/net-proxy/squidguard/ChangeLog
index f78ea2c906cd..9e9b6faa85aa 100644
--- a/net-proxy/squidguard/ChangeLog
+++ b/net-proxy/squidguard/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-proxy/squidguard
 # Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-proxy/squidguard/ChangeLog,v 1.29 2009/01/10 13:24:08 mrness Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squidguard/ChangeLog,v 1.30 2009/02/17 22:42:17 mrness Exp $
+
+*squidguard-1.4-r1 (17 Feb 2009)
+
+  17 Feb 2009; Alin Năstac <mrness@gentoo.org>
+  +files/squidguard-1.4-vsnprintf.patch, +squidguard-1.4-r1.ebuild:
+  Fix buffer overflow, thanks to emerald <dirk at liji-und-dirk dot de>
+  (#259272).
 
 *squidguard-1.4 (10 Jan 2009)
 
diff --git a/net-proxy/squidguard/Manifest b/net-proxy/squidguard/Manifest
index 72a4c5a92532..9fbbd47b51ce 100644
--- a/net-proxy/squidguard/Manifest
+++ b/net-proxy/squidguard/Manifest
@@ -9,17 +9,19 @@ AUX squidguard-1.3-gentoo.patch 4238 RMD160 a24e51a3170dec1595348d8e3c5e611eca27
 AUX squidguard-1.3-nolog.patch 4902 RMD160 a4a4f6a147d06afa2f4d25b208c5c2ef1518c3f2 SHA1 b1ca4d1f747b87ef85a68c0222618e1e16b178b8 SHA256 cc6d96bf4c9fc4608519e834db3e6d69094723d385549df5bbd00b1e007b820f
 AUX squidguard-1.4-autoheader.patch 1782 RMD160 48279027a0b7daeb39ce5e0782f00edd9fcf6c4c SHA1 539ee1ca0e769af7519f925f7fc6231c33d39916 SHA256 4b49dfb34973fcfed40efc426657c8a5fd6513b239fc28bbd9dd94d04b19a476
 AUX squidguard-1.4-gentoo.patch 2492 RMD160 c38896fb9b99a5d178280d0add599b96e84501f3 SHA1 1c65168136321fb27b3c434ec392aeac6d619274 SHA256 01d0270a2f8d0b7f4dcce096b4eccb3d65c4397fbc9a0208d6b16b31ae3e855d
+AUX squidguard-1.4-vsnprintf.patch 1735 RMD160 d07f4dda6456c7435b8e7bbd56ab2ed97f916898 SHA1 9f3702d752315e00bf243c51d5061d57b8b0d52f SHA256 51ca8486f8c195493a34496993d5ac9c4cf7ce56fef41f0c0e8871f5852f2a0f
 DIST squidGuard-1.3-patch-20080714.tar.gz 10502 RMD160 493a6a868f34d0b066c943f1969cf1e39debe6e2 SHA1 4345b0da96ca3470e55a4fe4df66217acbcf63cc SHA256 77bc306482059e231e3a3c3ee0d906a4d6dd40942421e12679e2d38e03eeee74
 DIST squidGuard-1.3.tar.gz 1905252 RMD160 4a6a9b5cf36d9e1d0994b3ec410f741a7b7955d3 SHA1 4a1e359679f328cff5970e92e93cc94236ead6c7 SHA256 be3342be74dadbf5c27ce0396db675a989c4f919a19e5c8240ce72c6b3c361a4
 DIST squidGuard-1.4.tar.gz 1968492 RMD160 c44880ddbfd7d1ad63fcda1c6ed777f24feedbba SHA1 0508ccb7db5c656b9952eacbcff2c956c01677d3 SHA256 0711ce60b8e2bbba107b980fed446a88df35e1584b39f079c0cae54a172c5141
 EBUILD squidguard-1.3-r4.ebuild 2100 RMD160 8cd37e4a7a5b773f9f8c8ce0c787e5a2b3fefeab SHA1 4264a68b07506d814338b629c199816323241f24 SHA256 14fbde253c088b6fdf2ff3dcd9e6d7f3389ce9b0da103f516fdfc325479ee699
+EBUILD squidguard-1.4-r1.ebuild 1785 RMD160 a714ce746f9a430632351ceb6fd090072ae6aa96 SHA1 4c947764d6d24ceec7d1de6e5a2926d1af9c7913 SHA256 798aa0f4627827810f37223983f75420278edaba202de11023dd8fd81c1dec8c
 EBUILD squidguard-1.4.ebuild 1739 RMD160 bf445dd342bbbb73cfdaea159079fb81fceed836 SHA1 87416607bd8c638f493449f4c87564b24e1f5398 SHA256 9f7df82663c7b296522a18d910471c2c91983e8457769f59542b5c90c3b1ceb3
-MISC ChangeLog 7218 RMD160 8d378fd0f0afcbb860d0e5dc9d721f094732cf12 SHA1 5fd8bb9fa24e847ee8a1575b595a01c808ab02a3 SHA256 f27290d426d50db7685c28303ee7b9f3dd6534e6c6191dfb922fd63f013f57a7
+MISC ChangeLog 7454 RMD160 ac35f59e4d26b22a015591ff962b748d5df2cacf SHA1 200ed3cf075163145f2f30ef53cd0defca5faa3c SHA256 3089073b21ccb172355faa0f007b6f9c8ace47ae02d2bf46736077973d3b2698
 MISC metadata.xml 264 RMD160 8daa5ffa55f6c07663817efed222d64000e6ddb9 SHA1 d2fece889cd4f6e8b3b1242a7e6e4ae6eb064afa SHA256 f8d4693b4abf0f53f7c5372bef0d946217d4a2dbb7d2a81e6ca4a6c59413c057
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.9 (GNU/Linux)
 
-iEYEARECAAYFAklooYkACgkQts85UDFmaOW6PwCeOGenheYQgJwQRW9N0NFxgTuc
-vaEAn2tZP2hs9Q85L5XepMS0m2MqL/lY
-=GiJp
+iEYEARECAAYFAkmbPVgACgkQts85UDFmaOXr/wCfdHC76FLXW3NF9z8fT/Jx9ces
+eo0An0hCtAlbCpqesFELkoRXsKwsapvE
+=I77I
 -----END PGP SIGNATURE-----
diff --git a/net-proxy/squidguard/files/squidguard-1.4-vsnprintf.patch b/net-proxy/squidguard/files/squidguard-1.4-vsnprintf.patch
new file mode 100644
index 000000000000..971d136fc988
--- /dev/null
+++ b/net-proxy/squidguard/files/squidguard-1.4-vsnprintf.patch
@@ -0,0 +1,42 @@
+diff -Nru squidGuard-1.4.orig/configure.in squidGuard-1.4/configure.in
+--- squidGuard-1.4.orig/configure.in	2009-02-17 22:35:28.000000000 +0000
++++ squidGuard-1.4/configure.in	2009-02-17 22:36:27.000000000 +0000
+@@ -421,7 +421,7 @@
+ AC_CHECK_FUNCS(regexec, , AC_MSG_ERROR([No regexec library function.]))
+ AC_CHECK_FUNCS(strdup, , AC_MSG_ERROR([No strdup library function.]))
+ AC_CHECK_FUNCS(strerror, , AC_MSG_ERROR([No strerror library function.]))
+-AC_CHECK_FUNCS(vsprintf, , AC_MSG_ERROR([No vsprintf library function.]))
++AC_CHECK_FUNCS(vsnprintf, , AC_MSG_ERROR([No vsnprintf library function.]))
+ AC_CHECK_FUNCS(sigaction)
+ AC_CHECK_FUNCS(signal)
+ 
+diff -Nru squidGuard-1.4.orig/src/sgLog.c squidGuard-1.4/src/sgLog.c
+--- squidGuard-1.4.orig/src/sgLog.c	2007-11-16 16:58:32.000000000 +0000
++++ squidGuard-1.4/src/sgLog.c	2009-02-17 22:37:04.000000000 +0000
+@@ -55,7 +55,7 @@
+   char msg[MAX_BUF];
+   va_list ap;
+   VA_START(ap, format);
+-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
++  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
+     fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno));
+   va_end(ap);
+   date = niso(0);
+@@ -87,7 +87,7 @@
+   char msg[MAX_BUF];
+   va_list ap;
+   VA_START(ap, format);
+-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
++  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
+     sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno));
+   va_end(ap);
+   sgLog(globalErrorLog,"%s",msg);
+@@ -104,7 +104,7 @@
+   char msg[MAX_BUF];
+   va_list ap;
+   VA_START(ap, format);
+-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
++  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
+     return;
+   va_end(ap);
+   sgLog(globalErrorLog,"%s",msg);
diff --git a/net-proxy/squidguard/squidguard-1.4-r1.ebuild b/net-proxy/squidguard/squidguard-1.4-r1.ebuild
new file mode 100644
index 000000000000..54318c9a193f
--- /dev/null
+++ b/net-proxy/squidguard/squidguard-1.4-r1.ebuild
@@ -0,0 +1,70 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squidguard/squidguard-1.4-r1.ebuild,v 1.1 2009/02/17 22:42:17 mrness Exp $
+
+WANT_AUTOMAKE=none
+
+inherit eutils autotools
+
+DESCRIPTION="Combined filter, redirector and access controller plugin for Squid."
+HOMEPAGE="http://www.squidguard.org"
+SRC_URI="http://www.squidguard.org/Downloads/squidGuard-${PV}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~ppc64 ~x86"
+IUSE="ldap"
+
+RDEPEND=">=sys-libs/db-2
+	ldap? ( net-nds/openldap )"
+DEPEND="${RDEPEND}
+	sys-devel/bison
+	sys-devel/flex"
+
+S="${WORKDIR}/squidGuard-${PV}"
+
+src_unpack() {
+	unpack ${A}
+
+	cd "${S}"
+	epatch "${FILESDIR}/${P}-gentoo.patch"
+	epatch "${FILESDIR}/${P}-autoheader.patch"
+	epatch "${FILESDIR}/${P}-vsnprintf.patch"
+	eautoreconf
+}
+
+src_compile() {
+	econf \
+		$(use_with ldap) \
+		--with-sg-config=/etc/squidGuard/squidGuard.conf \
+		--with-sg-logdir=/var/log/squidGuard \
+		|| die "configure has failed"
+
+	emake || die "make has failed"
+}
+
+src_install() {
+	emake prefix="/usr" INSTDIR="${D}" install || die "emake install has failed"
+
+	keepdir /var/log/squidGuard
+	fowners squid:squid /var/log/squidGuard
+
+	insinto /etc/squidGuard/sample
+	doins "${FILESDIR}"/squidGuard.conf.*
+	insinto /etc/squidGuard/sample/db
+	doins "${FILESDIR}"/blockedsites
+
+	dodoc ANNOUNCE CHANGELOG README
+	dohtml doc/*.html
+	docinto text
+	dodoc doc/*.txt
+}
+
+pkg_postinst() {
+	einfo "To enable squidGuard, add the following lines to /etc/squid/squid.conf:"
+	einfo "    url_rewrite_program /usr/bin/squidGuard"
+	einfo "    url_rewrite_children 10"
+	einfo ""
+	einfo "Remember to edit /etc/squidGuard/squidGuard.conf first!"
+	einfo "Examples can be found in /etc/squidGuard/sample/"
+}
author	Alin Năstac <mrness@gentoo.org>	2009-02-17 22:42:18 +0000
committer	Alin Năstac <mrness@gentoo.org>	2009-02-17 22:42:18 +0000
commit	f17a68bb5368576148224726409d2f71049ed532 (patch)
tree	d52e4692035975dde3db480c32af4f06772ce7f2 /net-proxy
parent	Automated update of use.local.desc (diff)
download	historical-f17a68bb5368576148224726409d2f71049ed532.tar.gz historical-f17a68bb5368576148224726409d2f71049ed532.tar.bz2 historical-f17a68bb5368576148224726409d2f71049ed532.zip