d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/contrib/ipfilter/lib
History
Stanislav Sedov 6760b335c6 - Prevent buffer overflow in IPFilter's load_http function used to load 
ipfilter tables via http by the user-level ippool utility. Previously
  the 1024-byte buffer used to store a http request coudld easily overflow
  if the length of the hostname part of the url passes exceeded 496 bytes. [1]
- Use snprintf to prevent possieble buffer overflows in future. [2]
- Do not try to close the descriptor twice on failure. [2]

Reported by:	Maksymilian Arciemowicz <cxib@securityreason.com> [1]
Obtained from:	NetBSD CVS [2]
MFC after:	2 weeks
2009-05-29 16:24:23 +00:00
..
addicmp.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
addipopt.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
alist_free.c
Import IPFilter 4.1.23 to vendor branch.
2007-06-04 02:50:28 +00:00
alist_new.c
Import IPFilter 4.1.28
2007-10-18 21:42:51 +00:00
bcopywrap.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
binprint.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
buildopts.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
checkrev.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
count4bits.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
count6bits.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
debug.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
facpri.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
facpri.h
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
fill6bits.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
flags.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
gethost.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
getifname.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
getnattype.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
getport.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
getportproto.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
getproto.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
getsumd.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
hostname.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
icmpcode.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
inet_addr.c
Resolve conflicts (and believe me...you don't want to know).
2005-12-30 11:52:26 +00:00
initparse.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
ionames.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
ipf_dotuning.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
ipft_ef.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
ipft_hx.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
ipft_pc.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
ipft_sn.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
ipft_td.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
ipft_tx.c
Pullup IPFilter 4.1.28 from the vendor branch into HEAD.
2007-10-18 21:52:14 +00:00
ipoptsec.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
kmem.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
kmem.h
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
kmemcpywrap.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
kvatoname.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
load_file.c
Import IPFilter 4.1.23 to vendor branch.
2007-06-04 02:50:28 +00:00
load_hash.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
load_hashnode.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
load_http.c
- Prevent buffer overflow in IPFilter's load_http function used to load
2009-05-29 16:24:23 +00:00
load_pool.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
load_poolnode.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
load_url.c
Import IPFilter 4.1.23 to vendor branch.
2007-06-04 02:50:28 +00:00
Makefile
Import IPFilter 4.1.28
2007-10-18 21:42:51 +00:00
mutex_emul.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
nametokva.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
nat_setgroupmap.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
ntomask.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
optname.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
optprint.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
optprintv6.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
optvalue.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
portname.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
print_toif.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printactivenat.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printaps.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printbuf.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printfr.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printfraginfo.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printhash_live.c
Import IPFilter 4.1.23 to vendor branch.
2007-06-04 02:50:28 +00:00
printhash.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printhashdata.c
Import IPFilter 4.1.23 to vendor branch.
2007-06-04 02:50:28 +00:00
printhashnode.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printhostmap.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printhostmask.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printifname.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printip.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printlog.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printmask.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printnat.c
2020447 IPFilter's NAT can undo name server random port selection
2008-07-24 12:35:05 +00:00
printpacket6.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printpacket.c
Pullup IPFilter 4.1.28 from the vendor branch into HEAD.
2007-10-18 21:52:14 +00:00
printpool_live.c
Import IPFilter 4.1.28
2007-10-18 21:42:51 +00:00
printpool.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printpooldata.c
Import IPFilter 4.1.23 to vendor branch.
2007-06-04 02:50:28 +00:00
printpoolnode.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printportcmp.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printproto.c
Import IPFilter 4.1.23 to vendor branch.
2007-06-04 02:50:28 +00:00
printsbuf.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
printstate.c
Pullup IPFilter 4.1.28 from the vendor branch into HEAD.
2007-10-18 21:52:14 +00:00
printtqtable.c
Import IPFilter 4.1.23 to vendor branch.
2007-06-04 02:50:28 +00:00
printtunable.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
remove_hash.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
remove_hashnode.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
remove_pool.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
remove_poolnode.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
resetlexer.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
rwlock_emul.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
tcp_flags.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
tcpflags.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
tcpoptnames.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
v6ionames.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
v6optvalue.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
var.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00
verbose.c
Merge IPFilter 4.1.23 back to HEAD
2007-06-04 02:54:36 +00:00