authorNatanael Copa <ncopa@alpinelinux.org>2012-12-07 09:04:56 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2012-12-07 09:04:56 +0000
commitbb68f414c363d434f63d836ea89ca949dcd2f3be (patch)
treeb42c76957a93a1b3e3b0011aa660ded37727c313
parent83db3c31e399abdaa03f971945d1df3c5530a50f (diff)
main/tinyproxy: security fix for CVE-2012-3505
fixes #1519
-rw-r--r--main/tinyproxy/APKBUILD11
-rw-r--r--main/tinyproxy/tinyproxy-1.6.5-limit_headers.patch42
2 files changed, 51 insertions, 2 deletions
diff --git a/main/tinyproxy/APKBUILD b/main/tinyproxy/APKBUILD
index 4e9cf93cc1..1362ad5c15 100644
--- a/main/tinyproxy/APKBUILD
+++ b/main/tinyproxy/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Michael Mason <ms13sp@gmail.com>
pkgname=tinyproxy
pkgver=1.6.5
-pkgrel=7
+pkgrel=8
pkgdesc="Lightweight HTTP proxy"
pkgusers="tinyproxy"
pkggroups="tinyproxy"
@@ -13,13 +13,19 @@ depends=
makedepends=wget
install="tinyproxy.pre-install tinyproxy.post-install"
subpackages="$pkgname-doc"
-source="https://www.banu.com/pub/$pkgname/1.6/$pkgname-$pkgver.tar.gz
+source="https://www.banu.com/pub/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.gz
+ tinyproxy-1.6.5-limit_headers.patch
tinyproxy.initd
"
_builddir="$srcdir/$pkgname-$pkgver"
build() {
cd "$_builddir"
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
# set default user to tinyproxy:tinyproxy and correct pidfile
sed -i -e 's:^User.*:User tinyproxy:' \
@@ -43,4 +49,5 @@ package() {
}
md5sums="2b2862ba33d2939e4572688d442ba415 tinyproxy-1.6.5.tar.gz
+da3585389c4fd4ba5fae89b0e8327ee4 tinyproxy-1.6.5-limit_headers.patch
ce2b2e3c79fa0e8491fe625bbb15710a tinyproxy.initd"
diff --git a/main/tinyproxy/tinyproxy-1.6.5-limit_headers.patch b/main/tinyproxy/tinyproxy-1.6.5-limit_headers.patch
new file mode 100644
index 0000000000..e1ca9a901a
--- /dev/null
+++ b/main/tinyproxy/tinyproxy-1.6.5-limit_headers.patch
@@ -0,0 +1,42 @@
+diff --git a/src/reqs.c b/src/reqs.c
+index bc77f8c..f33c450 100644
+--- a/src/reqs.c
++++ b/src/reqs.c
+@@ -864,6 +864,11 @@ add_header_to_connection(hashmap_t hashofheaders, char *header, size_t len)
+ return hashmap_insert(hashofheaders, header, sep, len);
+ }
+
++/* define max number of headers. big enough to handle legitimate cases,
++ * but limited to avoid DoS
++ */
++#define MAX_HEADERS 10000
++
+ /*
+ * Read all the headers from the stream
+ */
+@@ -873,11 +878,12 @@ get_all_headers(int fd, hashmap_t hashofheaders)
+ char *header;
+ ssize_t len;
+ unsigned int double_cgi = FALSE; /* boolean */
++ int count;
+
+ assert(fd >= 0);
+ assert(hashofheaders != NULL);
+
+- for (;;) {
++ for (count = 0; count < MAX_HEADERS; count++) {
+ if ((len = readline(fd, &header)) <= 0) {
+ safefree(header);
+ return -1;
+@@ -918,6 +924,11 @@ get_all_headers(int fd, hashmap_t hashofheaders)
+
+ safefree(header);
+ }
++
++ /* if we get there, this is we reached MAX_HEADERS count.
++ bail out with error */
++ safefree (header);
++ return -1;
+ }
+
+ /*
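Review bot: The bail-out added after the loop, `safefree (header); return -1;`, runs immediately after the loop body's own `safefree(header)` on the final iteration, so it is only a harmless free of NULL if safefree nulls its argument — tinyproxy's safefree macro does as far as I recall, but that should be confirmed in heap.h, because otherwise this is a double free on exactly the attacker-controlled path the patch is meant to close. The comment above it is garbled; I would replace it with `/* Loop exhausted: the client sent MAX_HEADERS lines without terminating the header block — reject the request (CVE-2012-3505 header-flood DoS). */`. Note also that MAX_HEADERS bounds the number of header lines but not their length, so the memory cap still depends on readline() enforcing a per-line limit; if it does not, one enormous header line remains a DoS vector. Consider logging the rejection with the file's logging helper (log_message, if in scope) so operators can distinguish an abuse attempt from an ordinary read failure, since both return -1. The body of get_all_headers between the two inner hunks (the blank-line/return-0 handling) is not shown here, so I have not verified that every early return frees header.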