diff options
| author | cube <cube> | 2003-10-29 10:43:23 +0000 |
|---|---|---|
| committer | cube <cube> | 2003-10-29 10:43:23 +0000 |
| commit | 2c8d4e24d7b10b7f583d62951422b7b4699acf36 (patch) | |
| tree | a7ab785d177d97a8b46126b08b79225282c3e531 /www | |
| parent | d3c412552c7d275e4162848a5c730a22d10c4309 (diff) | |
| download | pkgsrc-2c8d4e24d7b10b7f583d62951422b7b4699acf36.tar.gz | |
Import security fix from 1.3.29 distribution for a buffer overflow in
mod_rewrite and mod_alias, referenced CAN-2003-0542. Bump PKGREVISION.
Diffstat (limited to 'www')
| -rw-r--r-- | www/apache/Makefile | 4 | ||||
| -rw-r--r-- | www/apache/distinfo | 6 | ||||
| -rw-r--r-- | www/apache/patches/patch-ap | 26 | ||||
| -rw-r--r-- | www/apache/patches/patch-aq | 50 | ||||
| -rw-r--r-- | www/apache/patches/patch-ar | 22 | ||||
| -rw-r--r-- | www/apache/patches/patch-as | 14 | ||||
| -rw-r--r-- | www/apache6/Makefile | 4 | ||||
| -rw-r--r-- | www/apache6/distinfo | 6 | ||||
| -rw-r--r-- | www/apache6/patches/patch-an | 26 | ||||
| -rw-r--r-- | www/apache6/patches/patch-ao | 50 | ||||
| -rw-r--r-- | www/apache6/patches/patch-ap | 22 | ||||
| -rw-r--r-- | www/apache6/patches/patch-aq | 14 |
12 files changed, 238 insertions, 6 deletions
diff --git a/www/apache/Makefile b/www/apache/Makefile index 0cc899c5bb9..aefb227240b 100644 --- a/www/apache/Makefile +++ b/www/apache/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.134 2003/10/11 13:40:19 grant Exp $ +# $NetBSD: Makefile,v 1.135 2003/10/29 10:43:23 cube Exp $ # # This pkg does not compile in mod_ssl, only the `mod_ssl EAPI' (a set of # code hooks that allow mod_ssl to be compiled separately later, if desired). @@ -6,7 +6,7 @@ DISTNAME= apache_${APACHE_VERSION} PKGNAME= apache-${APACHE_VERSION} APACHE_VERSION= 1.3.28 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ ${MASTER_SITE_APACHE:=httpd/old/} diff --git a/www/apache/distinfo b/www/apache/distinfo index 0cff9f52f2c..74587522c68 100644 --- a/www/apache/distinfo +++ b/www/apache/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.27 2003/07/19 12:31:06 tron Exp $ +$NetBSD: distinfo,v 1.28 2003/10/29 10:43:23 cube Exp $ SHA1 (apache_1.3.28.tar.gz) = a4d0a9c57a53cb641928c882a9d3b6fd645e4e3e Size (apache_1.3.28.tar.gz) = 2388111 bytes @@ -20,3 +20,7 @@ SHA1 (patch-ak) = 8f790a692ed9b2dd6943be43fa1cf7629c673955 SHA1 (patch-al) = a27b9676998621229dc3a1d920ea44b8e622feb2 SHA1 (patch-am) = d05f7c30b73c0e90daf17d9d1c4838be7fd73b02 SHA1 (patch-ao) = 5930f9ea0f5080b260a6e0c66a37c6d1ad0df4d4 +SHA1 (patch-ap) = 5babca7afb771ab8e7766a999912f1e5d39ff187 +SHA1 (patch-aq) = f3ef867c9c638b0f62ef4bf0e9a78aaba0098da2 +SHA1 (patch-ar) = cd62c463b46e5ab223ca080087d066c7deefaec0 +SHA1 (patch-as) = 20fd8fec178b2969044676ab5621bc337ba9c14b diff --git a/www/apache/patches/patch-ap b/www/apache/patches/patch-ap new file mode 100644 index 00000000000..be04f7f0721 --- /dev/null +++ b/www/apache/patches/patch-ap @@ -0,0 +1,26 @@ +$NetBSD: patch-ap,v 1.1 2003/10/29 10:44:28 cube Exp $ + +--- src/modules/standard/mod_alias.c.orig 2003-04-24 18:08:21.000000000 +0200 ++++ src/modules/standard/mod_alias.c +@@ -299,7 +299,7 @@ static int alias_matches(const char *uri + static char *try_alias_list(request_rec *r, array_header *aliases, int doesc, int *status) + { + alias_entry *entries = (alias_entry *) aliases->elts; +- regmatch_t regm[10]; ++ regmatch_t regm[AP_MAX_REG_MATCH]; + char *found = NULL; + int i; + +@@ -308,10 +308,10 @@ static char *try_alias_list(request_rec + int l; + + if (p->regexp) { +- if (!ap_regexec(p->regexp, r->uri, p->regexp->re_nsub + 1, regm, 0)) { ++ if (!ap_regexec(p->regexp, r->uri, AP_MAX_REG_MATCH, regm, 0)) { + if (p->real) { + found = ap_pregsub(r->pool, p->real, r->uri, +- p->regexp->re_nsub + 1, regm); ++ AP_MAX_REG_MATCH, regm); + if (found && doesc) { + found = ap_escape_uri(r->pool, found); + } diff --git a/www/apache/patches/patch-aq b/www/apache/patches/patch-aq new file mode 100644 index 00000000000..8c5fadf1547 --- /dev/null +++ b/www/apache/patches/patch-aq @@ -0,0 +1,50 @@ +$NetBSD: patch-aq,v 1.1 2003/10/29 10:44:28 cube Exp $ + +--- src/modules/standard/mod_rewrite.c.orig 2003-10-29 09:25:17.000000000 +0100 ++++ src/modules/standard/mod_rewrite.c +@@ -1834,7 +1834,7 @@ static int apply_rewrite_rule(request_re + const char *vary; + char newuri[MAX_STRING_LEN]; + regex_t *regexp; +- regmatch_t regmatch[MAX_NMATCH]; ++ regmatch_t regmatch[AP_MAX_REG_MATCH]; + backrefinfo *briRR = NULL; + backrefinfo *briRC = NULL; + int prefixstrip; +@@ -1891,7 +1891,7 @@ static int apply_rewrite_rule(request_re + rewritelog(r, 3, "[per-dir %s] applying pattern '%s' to uri '%s'", + perdir, p->pattern, uri); + } +- rc = (ap_regexec(regexp, uri, regexp->re_nsub+1, regmatch, 0) == 0); ++ rc = (ap_regexec(regexp, uri, AP_MAX_REG_MATCH, regmatch, 0) == 0); + if (! (( rc && !(p->flags & RULEFLAG_NOTMATCH)) || + (!rc && (p->flags & RULEFLAG_NOTMATCH)) ) ) { + return 0; +@@ -2179,7 +2179,7 @@ static int apply_rewrite_cond(request_re + char input[MAX_STRING_LEN]; + struct stat sb; + request_rec *rsub; +- regmatch_t regmatch[MAX_NMATCH]; ++ regmatch_t regmatch[AP_MAX_REG_MATCH]; + int rc; + + /* +@@ -2283,8 +2283,7 @@ static int apply_rewrite_cond(request_re + } + else { + /* it is really a regexp pattern, so apply it */ +- rc = (ap_regexec(p->regexp, input, +- p->regexp->re_nsub+1, regmatch,0) == 0); ++ rc = (ap_regexec(p->regexp, input, AP_MAX_REG_MATCH, regmatch,0) == 0); + + /* if it isn't a negated pattern and really matched + we update the passed-through regex subst info structure */ +@@ -2442,7 +2441,7 @@ static void do_expand(request_rec *r, ch + bri = briRC; + } + /* see ap_pregsub() in src/main/util.c */ +- if (bri && n <= bri->nsub && ++ if (bri && n < AP_MAX_REG_MATCH && + bri->regmatch[n].rm_eo > bri->regmatch[n].rm_so) { + span = bri->regmatch[n].rm_eo - bri->regmatch[n].rm_so; + if (span > space) { diff --git a/www/apache/patches/patch-ar b/www/apache/patches/patch-ar new file mode 100644 index 00000000000..0a045bb6ff1 --- /dev/null +++ b/www/apache/patches/patch-ar @@ -0,0 +1,22 @@ +$NetBSD: patch-ar,v 1.1 2003/10/29 10:44:28 cube Exp $ + +--- src/modules/standard/mod_rewrite.h.orig 2003-05-19 04:35:31.000000000 +0200 ++++ src/modules/standard/mod_rewrite.h +@@ -253,8 +253,6 @@ + + #define MAX_ENV_FLAGS 15 + +-#define MAX_NMATCH 10 +- + /* default maximum number of internal redirects */ + #define REWRITE_REDIRECT_LIMIT 10 + +@@ -368,7 +366,7 @@ typedef struct cache { + typedef struct backrefinfo { + char *source; + int nsub; +- regmatch_t regmatch[10]; ++ regmatch_t regmatch[AP_MAX_REG_MATCH]; + } backrefinfo; + + diff --git a/www/apache/patches/patch-as b/www/apache/patches/patch-as new file mode 100644 index 00000000000..bd849791034 --- /dev/null +++ b/www/apache/patches/patch-as @@ -0,0 +1,14 @@ +$NetBSD: patch-as,v 1.1 2003/10/29 10:44:28 cube Exp $ + +--- src/include/httpd.h.orig 2003-10-29 09:28:40.000000000 +0100 ++++ src/include/httpd.h +@@ -291,6 +291,9 @@ extern "C" { + /* The size of the server's internal read-write buffers */ + #define IOBUFSIZE 8192 + ++/* The max number of regex captures that can be expanded by ap_pregsub */ ++#define AP_MAX_REG_MATCH 10 ++ + /* Number of servers to spawn off by default --- also, if fewer than + * this free when the caretaker checks, it will spawn more. + */ diff --git a/www/apache6/Makefile b/www/apache6/Makefile index 651a7d9c132..9c1fcb68a9e 100644 --- a/www/apache6/Makefile +++ b/www/apache6/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.84 2003/10/18 13:08:49 cjep Exp $ +# $NetBSD: Makefile,v 1.85 2003/10/29 10:45:26 cube Exp $ # # This package does not compile in mod_ssl support hooks, as it conflicts # with IPv6-enable patch. @@ -9,7 +9,7 @@ DISTNAME= apache_${APACHE_VERSION} PKGNAME= apache6-${APACHE_VERSION} APACHE_VERSION= 1.3.28 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ ${MASTER_SITE_APACHE:=httpd/old/} diff --git a/www/apache6/distinfo b/www/apache6/distinfo index 9f2fe3cf41e..79fb0f897de 100644 --- a/www/apache6/distinfo +++ b/www/apache6/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.16 2003/09/13 23:37:07 itojun Exp $ +$NetBSD: distinfo,v 1.17 2003/10/29 10:45:26 cube Exp $ SHA1 (apache_1.3.28.tar.gz) = a4d0a9c57a53cb641928c882a9d3b6fd645e4e3e Size (apache_1.3.28.tar.gz) = 2388111 bytes @@ -15,3 +15,7 @@ SHA1 (patch-ah) = 553f8f2bf4bf7278adb46ff8749be154f10e39d3 SHA1 (patch-ai) = 46d9a97fbc248a2bea97943b9f3b2f9f693f3695 SHA1 (patch-aj) = 1cdd2f010d381ec9c13f59b31caab7d1f6f63100 SHA1 (patch-ak) = 8f790a692ed9b2dd6943be43fa1cf7629c673955 +SHA1 (patch-an) = 5babca7afb771ab8e7766a999912f1e5d39ff187 +SHA1 (patch-ao) = f3ef867c9c638b0f62ef4bf0e9a78aaba0098da2 +SHA1 (patch-ap) = cd62c463b46e5ab223ca080087d066c7deefaec0 +SHA1 (patch-aq) = 20fd8fec178b2969044676ab5621bc337ba9c14b diff --git a/www/apache6/patches/patch-an b/www/apache6/patches/patch-an new file mode 100644 index 00000000000..985ed732ed6 --- /dev/null +++ b/www/apache6/patches/patch-an @@ -0,0 +1,26 @@ +$NetBSD: patch-an,v 1.1 2003/10/29 10:45:26 cube Exp $ + +--- src/modules/standard/mod_alias.c.orig 2003-04-24 18:08:21.000000000 +0200 ++++ src/modules/standard/mod_alias.c +@@ -299,7 +299,7 @@ static int alias_matches(const char *uri + static char *try_alias_list(request_rec *r, array_header *aliases, int doesc, int *status) + { + alias_entry *entries = (alias_entry *) aliases->elts; +- regmatch_t regm[10]; ++ regmatch_t regm[AP_MAX_REG_MATCH]; + char *found = NULL; + int i; + +@@ -308,10 +308,10 @@ static char *try_alias_list(request_rec + int l; + + if (p->regexp) { +- if (!ap_regexec(p->regexp, r->uri, p->regexp->re_nsub + 1, regm, 0)) { ++ if (!ap_regexec(p->regexp, r->uri, AP_MAX_REG_MATCH, regm, 0)) { + if (p->real) { + found = ap_pregsub(r->pool, p->real, r->uri, +- p->regexp->re_nsub + 1, regm); ++ AP_MAX_REG_MATCH, regm); + if (found && doesc) { + found = ap_escape_uri(r->pool, found); + } diff --git a/www/apache6/patches/patch-ao b/www/apache6/patches/patch-ao new file mode 100644 index 00000000000..b597218f01e --- /dev/null +++ b/www/apache6/patches/patch-ao @@ -0,0 +1,50 @@ +$NetBSD: patch-ao,v 1.1 2003/10/29 10:45:26 cube Exp $ + +--- src/modules/standard/mod_rewrite.c.orig 2003-10-29 09:25:17.000000000 +0100 ++++ src/modules/standard/mod_rewrite.c +@@ -1834,7 +1834,7 @@ static int apply_rewrite_rule(request_re + const char *vary; + char newuri[MAX_STRING_LEN]; + regex_t *regexp; +- regmatch_t regmatch[MAX_NMATCH]; ++ regmatch_t regmatch[AP_MAX_REG_MATCH]; + backrefinfo *briRR = NULL; + backrefinfo *briRC = NULL; + int prefixstrip; +@@ -1891,7 +1891,7 @@ static int apply_rewrite_rule(request_re + rewritelog(r, 3, "[per-dir %s] applying pattern '%s' to uri '%s'", + perdir, p->pattern, uri); + } +- rc = (ap_regexec(regexp, uri, regexp->re_nsub+1, regmatch, 0) == 0); ++ rc = (ap_regexec(regexp, uri, AP_MAX_REG_MATCH, regmatch, 0) == 0); + if (! (( rc && !(p->flags & RULEFLAG_NOTMATCH)) || + (!rc && (p->flags & RULEFLAG_NOTMATCH)) ) ) { + return 0; +@@ -2179,7 +2179,7 @@ static int apply_rewrite_cond(request_re + char input[MAX_STRING_LEN]; + struct stat sb; + request_rec *rsub; +- regmatch_t regmatch[MAX_NMATCH]; ++ regmatch_t regmatch[AP_MAX_REG_MATCH]; + int rc; + + /* +@@ -2283,8 +2283,7 @@ static int apply_rewrite_cond(request_re + } + else { + /* it is really a regexp pattern, so apply it */ +- rc = (ap_regexec(p->regexp, input, +- p->regexp->re_nsub+1, regmatch,0) == 0); ++ rc = (ap_regexec(p->regexp, input, AP_MAX_REG_MATCH, regmatch,0) == 0); + + /* if it isn't a negated pattern and really matched + we update the passed-through regex subst info structure */ +@@ -2442,7 +2441,7 @@ static void do_expand(request_rec *r, ch + bri = briRC; + } + /* see ap_pregsub() in src/main/util.c */ +- if (bri && n <= bri->nsub && ++ if (bri && n < AP_MAX_REG_MATCH && + bri->regmatch[n].rm_eo > bri->regmatch[n].rm_so) { + span = bri->regmatch[n].rm_eo - bri->regmatch[n].rm_so; + if (span > space) { diff --git a/www/apache6/patches/patch-ap b/www/apache6/patches/patch-ap new file mode 100644 index 00000000000..9b2d0ce8044 --- /dev/null +++ b/www/apache6/patches/patch-ap @@ -0,0 +1,22 @@ +$NetBSD: patch-ap,v 1.1 2003/10/29 10:45:26 cube Exp $ + +--- src/modules/standard/mod_rewrite.h.orig 2003-05-19 04:35:31.000000000 +0200 ++++ src/modules/standard/mod_rewrite.h +@@ -253,8 +253,6 @@ + + #define MAX_ENV_FLAGS 15 + +-#define MAX_NMATCH 10 +- + /* default maximum number of internal redirects */ + #define REWRITE_REDIRECT_LIMIT 10 + +@@ -368,7 +366,7 @@ typedef struct cache { + typedef struct backrefinfo { + char *source; + int nsub; +- regmatch_t regmatch[10]; ++ regmatch_t regmatch[AP_MAX_REG_MATCH]; + } backrefinfo; + + diff --git a/www/apache6/patches/patch-aq b/www/apache6/patches/patch-aq new file mode 100644 index 00000000000..d9ff658bba0 --- /dev/null +++ b/www/apache6/patches/patch-aq @@ -0,0 +1,14 @@ +$NetBSD: patch-aq,v 1.1 2003/10/29 10:45:26 cube Exp $ + +--- src/include/httpd.h.orig 2003-10-29 09:28:40.000000000 +0100 ++++ src/include/httpd.h +@@ -291,6 +291,9 @@ extern "C" { + /* The size of the server's internal read-write buffers */ + #define IOBUFSIZE 8192 + ++/* The max number of regex captures that can be expanded by ap_pregsub */ ++#define AP_MAX_REG_MATCH 10 ++ + /* Number of servers to spawn off by default --- also, if fewer than + * this free when the caretaker checks, it will spawn more. + */ |