current/SOURCES/squidGuard-1.4-CVE-2009-3700.diff


 http://www.squidguard.org/Downloads/Patches/1.4/squidGuard-1.4-patch-20091015.tar.gz

--- src/sgLog.c 2007-11-16 17:58:32.000000000 +0100
+++ src/sgLog.c.oden    2009-10-15 21:25:14.000000000 +0200
@@ -2,7 +2,7 @@
   By accepting this notice, you agree to be bound by the following
   agreements:
   
-  This software product, squidGuard, is copyrighted (C) 1998-2007
+  This software product, squidGuard, is copyrighted (C) 1998-2009
   by Christine Kronberg, Shalla Secure Services. All rights reserved.
  
   This program is free software; you can redistribute it and/or modify it
@@ -55,8 +55,8 @@ void sgLog(log, format, va_alist)
   char msg[MAX_BUF];
   va_list ap;
   VA_START(ap, format);
-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
-    fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno));
+  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
+    fprintf(stderr,"overflow in vsnprintf (sgLog): %s",strerror(errno));
   va_end(ap);
   date = niso(0);
   if(globalDebug || log == NULL) {
@@ -87,8 +87,8 @@ void sgLogError(format, va_alist)
   char msg[MAX_BUF];
   va_list ap;
   VA_START(ap, format);
-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
-    sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno));
+  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
+    sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
   va_end(ap);
   sgLog(globalErrorLog,"%s",msg);
 }
@@ -104,8 +104,8 @@ void sgLogFatalError(format, va_alist)
   char msg[MAX_BUF];
   va_list ap;
   VA_START(ap, format);
-  if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) 
-    return;
+  if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) 
+    sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
   va_end(ap);
   sgLog(globalErrorLog,"%s",msg);
   sgEmergency();
1
2	http://www.squidguard.org/Downloads/Patches/1.4/squidGuard-1.4-patch-20091015.tar.gz
3
4	--- src/sgLog.c 2007-11-16 17:58:32.000000000 +0100
5	+++ src/sgLog.c.oden 2009-10-15 21:25:14.000000000 +0200
6	@@ -2,7 +2,7 @@
7	By accepting this notice, you agree to be bound by the following
8	agreements:
9
10	- This software product, squidGuard, is copyrighted (C) 1998-2007
11	+ This software product, squidGuard, is copyrighted (C) 1998-2009
12	by Christine Kronberg, Shalla Secure Services. All rights reserved.
13
14	This program is free software; you can redistribute it and/or modify it
15	@@ -55,8 +55,8 @@ void sgLog(log, format, va_alist)
16	char msg[MAX_BUF];
17	va_list ap;
18	VA_START(ap, format);
19	- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
20	- fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno));
21	+ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
22	+ fprintf(stderr,"overflow in vsnprintf (sgLog): %s",strerror(errno));
23	va_end(ap);
24	date = niso(0);
25	if(globalDebug \|\| log == NULL) {
26	@@ -87,8 +87,8 @@ void sgLogError(format, va_alist)
27	char msg[MAX_BUF];
28	va_list ap;
29	VA_START(ap, format);
30	- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
31	- sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno));
32	+ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
33	+ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
34	va_end(ap);
35	sgLog(globalErrorLog,"%s",msg);
36	}
37	@@ -104,8 +104,8 @@ void sgLogFatalError(format, va_alist)
38	char msg[MAX_BUF];
39	va_list ap;
40	VA_START(ap, format);
41	- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
42	- return;
43	+ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
44	+ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
45	va_end(ap);
46	sgLog(globalErrorLog,"%s",msg);
47	sgEmergency();