main/squid/SQUID-2016_8.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

------------------------------------------------------------
revno: 13236
revision-id: squid3@treenet.co.nz-20160502034253-axee4hqa4wuhlpkg
parent: squid3@treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.4
timestamp: Mon 2016-05-02 15:42:53 +1200
message:
  Require exact match in Host header name lookup
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20160502034253-axee4hqa4wuhlpkg
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
# testament_sha1: c50f0048991f1b3e797b164cd0af166e3ea6763a
# timestamp: 2016-05-02 03:50:58 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
# base_revision_id: squid3@treenet.co.nz-20160420111514-\
#   4hpxglbn9k15l5sa
# 
# Begin patch
=== modified file 'src/mime_header.cc'
--- a/src/mime_header.cc	2012-08-29 12:36:10 +0000
+++ b/src/mime_header.cc	2016-05-02 03:42:53 +0000
@@ -62,9 +62,6 @@
         if (strcmp(p, "\r\n\r\n") == 0 || strcmp(p, "\n\n") == 0)
             return NULL;
 
-        while (xisspace(*p))
-            ++p;
-
         if (strncasecmp(p, name, namelen))
             continue;
 

------------------------------------------------------------
revno: 13239
revision-id: squid3@treenet.co.nz-20160508124218-6vhq4icj0fwu5aof
parent: squid3@treenet.co.nz-20160506094614-zyjq1i8ym2gcvwbu
fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4515
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.4
timestamp: Mon 2016-05-09 00:42:18 +1200
message:
  Bug 4515: regression after CVE-2016-4554 patch
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20160508124218-6vhq4icj0fwu5aof
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
# testament_sha1: 41116e273d27c1353b02457a2a719251c1a4551c
# timestamp: 2016-05-08 12:50:09 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
# base_revision_id: squid3@treenet.co.nz-20160506094614-\
#   zyjq1i8ym2gcvwbu
# 
# Begin patch
=== modified file 'src/mime_header.cc'
--- a/src/mime_header.cc	2016-05-02 03:42:53 +0000
+++ b/src/mime_header.cc	2016-05-08 12:42:18 +0000
@@ -58,10 +58,13 @@
 
     debugs(25, 5, "mime_get_header: looking for '" << name << "'");
 
-    for (p = mime; *p; p += strcspn(p, "\n\r")) {
-        if (strcmp(p, "\r\n\r\n") == 0 || strcmp(p, "\n\n") == 0)
+    for (p = mime; *p; p += strcspn(p, "\n")) {
+        if (strcmp(p, "\n\r\n") == 0 || strcmp(p, "\n\n") == 0)
             return NULL;
 
+        if (*p == '\n')
+            ++p;
+
         if (strncasecmp(p, name, namelen))
             continue;