summaryrefslogtreecommitdiffstats
path: root/main/tinyproxy
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2012-12-06 20:41:34 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2012-12-07 08:30:24 +0000
commitd7c55cd683734666163de29824806a7096e998b3 (patch)
treea7f3443d6943c1ad2b9d567ca3431dfa8817caca /main/tinyproxy
parent02ce8a55c740b8a702d035d196a65e4a03725db0 (diff)
downloadaports-d7c55cd683734666163de29824806a7096e998b3.tar.bz2
aports-d7c55cd683734666163de29824806a7096e998b3.tar.xz
main/tinyproxy: fix CVE-2012-3505
fixes #1515
Diffstat (limited to 'main/tinyproxy')
-rw-r--r--main/tinyproxy/APKBUILD9
-rw-r--r--main/tinyproxy/limit_headers.patch46
2 files changed, 54 insertions, 1 deletions
diff --git a/main/tinyproxy/APKBUILD b/main/tinyproxy/APKBUILD
index 28ec287fe..8c62f955e 100644
--- a/main/tinyproxy/APKBUILD
+++ b/main/tinyproxy/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Michael Mason <ms13sp@gmail.com>
pkgname=tinyproxy
pkgver=1.8.3
-pkgrel=1
+pkgrel=2
pkgdesc="Lightweight HTTP proxy"
pkgusers="tinyproxy"
pkggroups="tinyproxy"
@@ -14,12 +14,18 @@ makedepends="asciidoc"
install="tinyproxy.pre-install"
subpackages="$pkgname-doc"
source="https://www.banu.com/pub/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.bz2
+ limit_headers.patch
tinyproxy.initd
"
_builddir="$srcdir/$pkgname-$pkgver"
prepare() {
cd "$_builddir"
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
# set default user to tinyproxy:tinyproxy and correct pidfile
sed -i -e 's:^User.*:User tinyproxy:' \
@@ -47,4 +53,5 @@ package() {
}
md5sums="292ac51da8ad6ae883d4ebf56908400d tinyproxy-1.8.3.tar.bz2
+cf72d2503f6415079c4702853d467ea8 limit_headers.patch
ce2b2e3c79fa0e8491fe625bbb15710a tinyproxy.initd"
diff --git a/main/tinyproxy/limit_headers.patch b/main/tinyproxy/limit_headers.patch
new file mode 100644
index 000000000..1e3e7fb32
--- /dev/null
+++ b/main/tinyproxy/limit_headers.patch
@@ -0,0 +1,46 @@
+diff --git a/src/reqs.c b/src/reqs.c
+index 2e13f48..ce46bf3 100644
+--- a/src/reqs.c
++++ b/src/reqs.c
+@@ -641,6 +641,11 @@ add_header_to_connection (hashmap_t hashofheaders, char *header, size_t len)
+ return hashmap_insert (hashofheaders, header, sep, len);
+ }
+
++/* define max number of headers. big enough to handle legitimate cases,
++ * but limited to avoid DoS
++ */
++#define MAX_HEADERS 10000
++
+ /*
+ * Read all the headers from the stream
+ */
+@@ -648,6 +653,7 @@ static int get_all_headers (int fd, hashmap_t hashofheaders)
+ {
+ char *line = NULL;
+ char *header = NULL;
++ int count;
+ char *tmp;
+ ssize_t linelen;
+ ssize_t len = 0;
+@@ -656,7 +662,7 @@ static int get_all_headers (int fd, hashmap_t hashofheaders)
+ assert (fd >= 0);
+ assert (hashofheaders != NULL);
+
+- for (;;) {
++ for (count = 0; count < MAX_HEADERS; count++) {
+ if ((linelen = readline (fd, &line)) <= 0) {
+ safefree (header);
+ safefree (line);
+@@ -722,6 +728,12 @@ static int get_all_headers (int fd, hashmap_t hashofheaders)
+
+ safefree (line);
+ }
++
++ /* if we get there, this is we reached MAX_HEADERS count.
++ bail out with error */
++ safefree (header);
++ safefree (line);
++ return -1;
+ }
+
+ /*