Overview

File squidGuard-CVE-2009-3826.patch of Package squidGuard

Index: squidGuard-1.3/src/sg.h.in
===================================================================
--- squidGuard-1.3.orig/src/sg.h.in	2010-07-29 14:29:25.000000000 +0200
+++ squidGuard-1.3/src/sg.h.in	2010-07-29 14:33:58.000000000 +0200
@@ -73,13 +73,13 @@ int tolower();
 #define REQUEST_TYPE_REDIRECT   2
 #define REQUEST_TYPE_PASS       3
 
-#define MAX_BUF 4096
+#define MAX_BUF 12288
 
 #define DEFAULT_LOGFILE "squidGuard.log"
 #define WARNING_LOGFILE "squidGuard.log"
 #define ERROR_LOGFILE   "squidGuard.error"
 
-#define DEFAULT_CONFIGFILE "/etc/squidguard.conf"
+#define DEFAULT_CONFIGFILE "@prefix@/squidGuard/squidGuard.conf"
 #define DEFAULT_LOGDIR "@prefix@/squidGuard/log"
 #define DEFAULT_DBHOME "@prefix@/squidGuard/db"
 #define EXEC_PROGRAM "@prefix@/bin/squidGuard"
Index: squidGuard-1.3/src/sgDiv.c.in
===================================================================
--- squidGuard-1.3.orig/src/sgDiv.c.in	2010-07-29 14:29:26.000000000 +0200
+++ squidGuard-1.3/src/sgDiv.c.in	2010-07-29 14:33:58.000000000 +0200
@@ -745,7 +745,7 @@ char *sgParseRedirect(redirect, req, acl
       p++;
       break;
     case 'u': /* Requested URL */
-      strcat(buf, req->orig);
+      strncat(buf, req->orig, 2048);
       p++;
       break;
     default:
openSUSE Build Service is sponsored by
Places