Defend against calling select() with nfds >= FD_SETSIZE.

PR pkg/50995

5 files changed, 119 insertions, 8 deletions

diff --git a/www/dansguardian/Makefile b/www/dansguardian/Makefile
index d2459a67ef6..7994850522c 100644
--- a/www/dansguardian/Makefile
+++ b/www/dansguardian/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.23 2015/09/03 11:55:40 sborrill Exp $
+# $NetBSD: Makefile,v 1.24 2016/04/20 13:52:24 prlw1 Exp $
 
 DISTNAME=	dansguardian-2.12.0.3
-PKGREVISION=	4
+PKGREVISION=	5
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=dansguardian/}
 EXTRACT_SUFX=	.tar.bz2
@@ -45,6 +45,7 @@ CONFIGURE_ARGS+=	--with-proxyuser=${DANSGUARDIAN_USER}
 CONFIGURE_ARGS+=	--with-proxygroup=${DANSGUARDIAN_GROUP}
 CONFIGURE_ARGS+=	--with-piddir=${VARBASE}/run
 CONFIGURE_ARGS+=	--with-logdir=${VARBASE}/log/dansguardian
+CONFIGURE_ARGS+=	CPPFLAGS=-DFD_SETSIZE=512
 
 .include "options.mk"
 
diff --git a/www/dansguardian/distinfo b/www/dansguardian/distinfo
index 6f64db6f9d5..04e670715ab 100644
--- a/www/dansguardian/distinfo
+++ b/www/dansguardian/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2015/11/04 02:46:52 agc Exp $
+$NetBSD: distinfo,v 1.13 2016/04/20 13:52:24 prlw1 Exp $
 
 SHA1 (dansguardian-2.12.0.3.tar.bz2) = c5d8175910310f9a03efc2e6cb440ea418adb896
 RMD160 (dansguardian-2.12.0.3.tar.bz2) = 312db0ce2db9d1b2ed537807f9b2eca5d76a4123
@@ -7,9 +7,11 @@ Size (dansguardian-2.12.0.3.tar.bz2) = 577701 bytes
 SHA1 (patch-configs_dansguardian.conf.in) = 8707f9506ea7d93b3ff2caca3612054d1b0724e7
 SHA1 (patch-configs_dansguardianf1.conf.in) = 777e1b3a463d7619d937ff193ee94a7a44410c7a
 SHA1 (patch-configure) = be2ccff5ecd42994cf8727843372e5997004e5e4
-SHA1 (patch-src_ConnectionHandler.cpp) = c7d9ed8f825a3d1d74c3e2612169e8ad11d7fd44
+SHA1 (patch-src_BaseSocket.cpp) = 6dc031deba326ab3e1e0db19482dd416f75ad988
+SHA1 (patch-src_ConnectionHandler.cpp) = 8bab3959f18b08702bc9af250c5e09803e21e716
 SHA1 (patch-src_FOptionContainer.cpp) = 09ed12353ea4622e5b78dc8d0a12cacd65283ea4
 SHA1 (patch-src_FOptionContainer.hpp) = bbb939f9c862a2564eec05bd9259d57b274e9777
+SHA1 (patch-src_FatController.cpp) = af08248a063884df29bbc9c5261f07f3ea11147e
 SHA1 (patch-src_ImageContainer.cpp) = b1296ac496a699d2089255b61841f607eba9d084
 SHA1 (patch-src_OptionContainer.cpp) = d94a851522751b53c61a2b96e335170db0e1f86e
 SHA1 (patch-src_SocketArray.cpp) = 393bb901cf090b543a16da27f16c1bc99db8f155
diff --git a/www/dansguardian/patches/patch-src_BaseSocket.cpp b/www/dansguardian/patches/patch-src_BaseSocket.cpp
new file mode 100644
index 00000000000..d43f5e1829c
--- /dev/null
+++ b/www/dansguardian/patches/patch-src_BaseSocket.cpp
@@ -0,0 +1,55 @@
+$NetBSD: patch-src_BaseSocket.cpp,v 1.1 2016/04/20 13:52:24 prlw1 Exp $
+
+Defend against calling select() with nfds >= FD_SETSIZE. PR pkg/50995
+https://github.com/e2guardian/e2guardian/issues/119
+
+--- src/BaseSocket.cpp.orig	2012-09-29 20:06:45.000000000 +0000
++++ src/BaseSocket.cpp
+@@ -61,6 +61,12 @@ int selectEINTR(int numfds, fd_set * rea
+ 	timeval exittime;
+ 	timeval elapsedtime;
+ 	timeval timeoutcopy;
++
++	if (numfds >= FD_SETSIZE) {
++		syslog(LOG_ERR, "selectEINTR called with numfds (%d) >= FD_SETSIZE (%d)", numfds, FD_SETSIZE);
++		errno = EBADF;
++		return -1;
++	}
+ 	while (true) {  // using the while as a restart point with continue
+ 		if (timeout != NULL) {
+ 			gettimeofday(&entrytime, NULL);
+@@ -313,6 +319,9 @@ int BaseSocket::getLine(char *buff, int 
+ #endif
+ 		//if there was a socket error
+ 		if (bufflen < 0) {
++#ifdef DGDEBUG
++			syslog(LOG_ERR, "getLine recv returned error = %d (%m)\n", errno);
++#endif
+ 			if (errno == EINTR && (honour_reloadconfig ? !reloadconfig : true)) {
+ 				continue;
+ 			}
+@@ -423,6 +432,9 @@ int BaseSocket::readFromSocketn(char *bu
+ 		}
+ 		rc = recv(sck, buff, cnt, flags);
+ 		if (rc < 0) {
++#ifdef DGDEBUG
++			syslog(LOG_ERR, "readFromSocketn recv returned error = %d (%m)\n", errno);
++#endif
+ 			if (errno == EINTR) {
+ 				continue;
+ 			}
+@@ -473,9 +485,14 @@ int BaseSocket::readFromSocket(char *buf
+ 	while (true) {
+ 		rc = recv(sck, buff, cnt, flags);
+ 		if (rc < 0) {
++#ifdef DGDEBUG
++			syslog(LOG_ERR, "readFromSocket recv returned unhandled? error = %d (%m)\n", errno);
++#endif
+ 			if (errno == EINTR && (honour_reloadconfig ? !reloadconfig : true)) {
+ 				continue;
+ 			}
++			sleep(1);
++			continue;
+ 		}
+ 
+ 		break;
diff --git a/www/dansguardian/patches/patch-src_ConnectionHandler.cpp b/www/dansguardian/patches/patch-src_ConnectionHandler.cpp
index a1fba6d4413..53641966ab9 100644
--- a/www/dansguardian/patches/patch-src_ConnectionHandler.cpp
+++ b/www/dansguardian/patches/patch-src_ConnectionHandler.cpp
@@ -1,9 +1,27 @@
-$NetBSD: patch-src_ConnectionHandler.cpp,v 1.1 2015/09/03 11:55:40 sborrill Exp $
+$NetBSD: patch-src_ConnectionHandler.cpp,v 1.2 2016/04/20 13:52:24 prlw1 Exp $
+
 maxuploadsize is a filtergroup setting
+informative error messages
 
---- src/ConnectionHandler.cpp.orig	2015-09-03 12:05:59.000000000 +0100
-+++ src/ConnectionHandler.cpp	2015-09-03 12:06:56.000000000 +0100
-@@ -1598,14 +1598,14 @@
+--- src/ConnectionHandler.cpp.orig	2012-09-29 20:06:45.000000000 +0000
++++ src/ConnectionHandler.cpp
+@@ -555,12 +555,14 @@ void ConnectionHandler::handleConnection
+ #ifdef DGDEBUG
+ 						std::cerr << dbgPeerPort << " -Error connecting to proxy" << std::endl;
+ #endif
+-						syslog(LOG_ERR, "Error connecting to proxy");
++						syslog(LOG_ERR, "Error %d (%m) connecting to proxy %s:%d by client %s", errno, o.proxy_ip.c_str(), o.proxy_port, clientip.c_str());
++
+ 						return;
+ 					}
+ 				}
+ 				catch(std::exception & e) {
+ #ifdef DGDEBUG
++					syslog(LOG_ERR, "Exception while creating proxysock to proxy %s:%d by client %s", o.proxy_ip.c_str(), o.proxy_port, clientip.c_str());
+ 					std::cerr << dbgPeerPort << " -exception while creating proxysock: " << e.what() << std::endl;
+ #endif
+ 				}
+@@ -1598,14 +1600,14 @@ void ConnectionHandler::handleConnection
  				// Check for POST upload size blocking, unless request is an exception
  				// MIME type test is just an approximation, but probably good enough
  				if (!isbypass && !isexception
diff --git a/www/dansguardian/patches/patch-src_FatController.cpp b/www/dansguardian/patches/patch-src_FatController.cpp
new file mode 100644
index 00000000000..206a27ad1a1
--- /dev/null
+++ b/www/dansguardian/patches/patch-src_FatController.cpp
@@ -0,0 +1,35 @@
+$NetBSD: patch-src_FatController.cpp,v 1.1 2016/04/20 13:52:24 prlw1 Exp $
+
+Defend against calling select() with nfds >= FD_SETSIZE.
+PR pkg/50995
+
+--- src/FatController.cpp.orig	2012-09-29 20:06:45.000000000 +0000
++++ src/FatController.cpp
+@@ -1473,6 +1473,13 @@ int url_list_listener(bool logconerror)
+ 	std::cout << "url ipcsockfd:" << ipcsockfd << std::endl;
+ #endif
+ 
++	if (ipcsockfd + 1 >= FD_SETSIZE) {
++		syslog(LOG_ERR, "ipcsockfd+1 (%d) >= FD_SETSIZE (%d)", ipcsockfd+1, FD_SETSIZE);
++		delete[]logline;
++		urllistsock.close();
++		return 1;
++        }
++
+ 	fd_set fdSet;  // our set of fds (only 1) that select monitors for us
+ 	fd_set fdcpy;  // select modifes the set so we need to use a copy
+ 	FD_ZERO(&fdSet);  // clear the set
+@@ -1597,6 +1604,13 @@ int ip_list_listener(std::string stat_lo
+ 
+ 	ipcsockfd = iplistsock.getFD();
+ 
++	if (ipcsockfd + 1 >= FD_SETSIZE) {
++		syslog(LOG_ERR, "ipcsockfd+1 (%d) >= FD_SETSIZE (%d)", ipcsockfd+1, FD_SETSIZE);
++		delete[]inbuff;
++		urllistsock.close();
++		return 1;
++        }
++
+ 	unsigned long int ip;
+ 	char reply;
+ 	struct in_addr inaddr;