[packages/anubis.git] / anubis-securityfixes.patch

diff -urN anubis-3.6.2/src/auth.c anubis-3.6.2-fix/src/auth.c
--- anubis-3.6.2/src/auth.c	Wed Dec  4 22:43:34 2002
+++ anubis-3.6.2-fix/src/auth.c	Wed Feb 25 20:29:40 2004
@@ -42,6 +42,66 @@
  IDENT protocol support
 ************************/
 
+#define USERNAME_C "USERID :"
+
+/* If the reply matches sscanf expression
+   
+      "%*[^:]: USERID :%*[^:]:%s"
+
+   and the length of "%s" part does not exceed size-1 bytes,
+   copies this part to USERNAME and returns 0. Otherwise,
+   returns 1 */
+
+static int
+ident_extract_username(char *reply, char *username, size_t size)
+{
+	char *p;
+
+	p = strchr (reply, ':');
+	if (!p)
+		return 1;
+	if (p[1] != ' '
+	    || strncmp (p + 2, USERNAME_C, sizeof (USERNAME_C) - 1))
+		return 1;
+	p += 2 + sizeof (USERNAME_C) - 1;
+	p = strchr (p, ':');
+	if (!p)
+		return 1;
+	p++;
+	if (strlen (p) >= size)
+		return 1;
+	strcpy(username, p);
+	return 0;
+}
+
+/* If the reply matches sscanf expression
+
+      "%*[^ ] %*[^ ] %*[^ ] %*[^ ] %*[^ ] %s"
+
+   and the length of "%s" part does not exceed size-1 bytes,
+   copies this part to USERNAME and returns 0. Otherwise,
+   returns 1 */
+
+static int
+crypt_extract_username(char *reply, char *username, size_t size)
+{
+	int i;
+	char *p = reply;
+#define skip_word(c) while (*c && (*c) != ' ') c++
+
+	/* Skip five words */
+	for (i = 0; i < 5; i++) {
+		skip_word(p);
+		if (!*p++)
+			return 1;
+	}
+	
+	if (strlen (p) >= size)
+		return 1;
+	strcpy(username, p);
+	return 0;
+}
+
 int
 auth_ident(struct sockaddr_in *addr, char *user, int size)
 {
@@ -51,7 +111,8 @@
 	int sd = 0;
 
 	if ((sd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
-		anubis_error(SOFT, _("IDENT: socket() failed: %s."), strerror(errno));
+		anubis_error(SOFT, _("IDENT: socket() failed: %s."),
+			     strerror(errno));
 		return 0;
 	}
 	memcpy(&ident, addr, sizeof(ident));
@@ -69,11 +130,7 @@
 	info(VERBOSE, _("IDENT: connected to %s:%u"),
 	inet_ntoa(ident.sin_addr), ntohs(ident.sin_port));
 
-	#ifdef HAVE_SNPRINTF
 	snprintf(buf, LINEBUFFER,
-	#else
-	sprintf(buf,
-	#endif /* HAVE_SNPRINTF */
 		"%u , %u"CRLF, ntohs(addr->sin_port), session.tunnel_port);
 
 	if (send(sd, buf, strlen(buf), 0) == -1) {
@@ -89,7 +146,8 @@
 	close_socket(sd);
 	memset(user, 0, size);
 
-	if (sscanf(buf, "%*[^:]: USERID :%*[^:]:%s", user) != 1) {
+	remcrlf (buf);
+	if (ident_extract_username(buf, user, size)) {
 		info(VERBOSE, _("IDENT: incorrect data."));
 		return 0;
 	}
@@ -105,7 +163,8 @@
 		if (rs == -1)
 			return 0;
 
-		if (sscanf(buf, "%*[^ ] %*[^ ] %*[^ ] %*[^ ] %*[^ ] %s", user) != 1) {
+		remcrlf (buf);
+		if (crypt_extract_username(buf, user, size)) {
 			info(VERBOSE, _("IDENT: incorrect data (DES deciphered)."));
 			return 0;
 		}
diff -urN anubis-3.6.2/src/errs.c anubis-3.6.2-fix/src/errs.c
--- anubis-3.6.2/src/errs.c	Wed Dec  4 22:42:02 2002
+++ anubis-3.6.2-fix/src/errs.c	Wed Feb 25 20:33:49 2004
@@ -51,7 +51,7 @@
 			if (options.slogfile)
 				filelog(options.slogfile, txt);
 			else
-				syslog(LOG_ERR | LOG_MAIL, txt);
+				syslog(LOG_ERR | LOG_MAIL, "%s", txt);
 
 			if (options.ulogfile && options.uloglevel >= FAILS)
 				filelog(options.ulogfile, txt);
diff -urN anubis-3.6.2/src/log.c anubis-3.6.2-fix/src/log.c
--- anubis-3.6.2/src/log.c	Wed Dec  4 22:42:26 2002
+++ anubis-3.6.2-fix/src/log.c	Wed Feb 25 20:32:30 2004
@@ -70,7 +70,7 @@
 		if (options.slogfile)
 			filelog(options.slogfile, txt);
 		else
-			syslog(LOG_INFO | LOG_MAIL, txt);
+			syslog(LOG_INFO | LOG_MAIL, "%s", txt);
 
 		if (options.ulogfile && options.uloglevel >= ALL)
 			filelog(options.ulogfile, txt);
diff -urN anubis-3.6.2/src/ssl.c anubis-3.6.2-fix/src/ssl.c
--- anubis-3.6.2/src/ssl.c	Wed Dec  4 22:40:45 2002
+++ anubis-3.6.2-fix/src/ssl.c	Wed Feb 25 20:33:28 2004
@@ -64,7 +64,7 @@
 	if (options.termlevel != SILENT) {
 		#ifdef HAVE_SYSLOG
 		if ((topt & T_DAEMON) && !(topt & T_FOREGROUND))
-			syslog(LOG_ERR | LOG_MAIL, string_error);
+			syslog(LOG_ERR | LOG_MAIL, "%s", string_error);
 		else
 		#endif /* HAVE_SYSLOG */
 			mprintf(">>%s", string_error);
Commit	Line	Data
bd7926b2 JB	1	diff -urN anubis-3.6.2/src/auth.c anubis-3.6.2-fix/src/auth.c
	2	--- anubis-3.6.2/src/auth.c Wed Dec 4 22:43:34 2002
	3	+++ anubis-3.6.2-fix/src/auth.c Wed Feb 25 20:29:40 2004
	4	@@ -42,6 +42,66 @@
	5	IDENT protocol support
	6	************************/
	7
	8	+#define USERNAME_C "USERID :"
	9	+
	10	+/* If the reply matches sscanf expression
	11	+
	12	+ "%[^:]: USERID :%[^:]:%s"
	13	+
	14	+ and the length of "%s" part does not exceed size-1 bytes,
	15	+ copies this part to USERNAME and returns 0. Otherwise,
	16	+ returns 1 */
	17	+
	18	+static int
	19	+ident_extract_username(char reply, char username, size_t size)
	20	+{
	21	+ char *p;
	22	+
	23	+ p = strchr (reply, ':');
	24	+ if (!p)
	25	+ return 1;
	26	+ if (p[1] != ' '
	27	+ \|\| strncmp (p + 2, USERNAME_C, sizeof (USERNAME_C) - 1))
	28	+ return 1;
	29	+ p += 2 + sizeof (USERNAME_C) - 1;
	30	+ p = strchr (p, ':');
	31	+ if (!p)
	32	+ return 1;
	33	+ p++;
	34	+ if (strlen (p) >= size)
	35	+ return 1;
	36	+ strcpy(username, p);
	37	+ return 0;
	38	+}
	39	+
	40	+/* If the reply matches sscanf expression
	41	+
	42	+ "%[^ ] %[^ ] %[^ ] %[^ ] %*[^ ] %s"
	43	+
	44	+ and the length of "%s" part does not exceed size-1 bytes,
	45	+ copies this part to USERNAME and returns 0. Otherwise,
	46	+ returns 1 */
	47	+
	48	+static int
	49	+crypt_extract_username(char reply, char username, size_t size)
	50	+{
	51	+ int i;
	52	+ char *p = reply;
	53	+#define skip_word(c) while (c && (c) != ' ') c++
	54	+
	55	+ /* Skip five words */
	56	+ for (i = 0; i < 5; i++) {
	57	+ skip_word(p);
	58	+ if (!*p++)
	59	+ return 1;
	60	+ }
	61	+
	62	+ if (strlen (p) >= size)
	63	+ return 1;
	64	+ strcpy(username, p);
65	+ return 0;
66	+}
67	+
68	int
69	auth_ident(struct sockaddr_in addr, char user, int size)
70	{
71	@@ -51,7 +111,8 @@
72	int sd = 0;
73
74	if ((sd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
75	- anubis_error(SOFT, _("IDENT: socket() failed: %s."), strerror(errno));
76	+ anubis_error(SOFT, _("IDENT: socket() failed: %s."),
77	+ strerror(errno));
78	return 0;
79	}
80	memcpy(&ident, addr, sizeof(ident));
81	@@ -69,11 +130,7 @@
82	info(VERBOSE, _("IDENT: connected to %s:%u"),
83	inet_ntoa(ident.sin_addr), ntohs(ident.sin_port));
84
85	- #ifdef HAVE_SNPRINTF
86	snprintf(buf, LINEBUFFER,
87	- #else
88	- sprintf(buf,
89	- #endif /* HAVE_SNPRINTF */
90	"%u , %u"CRLF, ntohs(addr->sin_port), session.tunnel_port);
91
92	if (send(sd, buf, strlen(buf), 0) == -1) {
93	@@ -89,7 +146,8 @@
94	close_socket(sd);
95	memset(user, 0, size);
96
97	- if (sscanf(buf, "%[^:]: USERID :%[^:]:%s", user) != 1) {
98	+ remcrlf (buf);
99	+ if (ident_extract_username(buf, user, size)) {
100	info(VERBOSE, _("IDENT: incorrect data."));
101	return 0;
102	}
103	@@ -105,7 +163,8 @@
104	if (rs == -1)
105	return 0;
106
107	- if (sscanf(buf, "%[^ ] %[^ ] %[^ ] %[^ ] %*[^ ] %s", user) != 1) {
108	+ remcrlf (buf);
109	+ if (crypt_extract_username(buf, user, size)) {
110	info(VERBOSE, _("IDENT: incorrect data (DES deciphered)."));
111	return 0;
112	}
113	diff -urN anubis-3.6.2/src/errs.c anubis-3.6.2-fix/src/errs.c
114	--- anubis-3.6.2/src/errs.c Wed Dec 4 22:42:02 2002
115	+++ anubis-3.6.2-fix/src/errs.c Wed Feb 25 20:33:49 2004
116	@@ -51,7 +51,7 @@
117	if (options.slogfile)
118	filelog(options.slogfile, txt);
119	else
120	- syslog(LOG_ERR \| LOG_MAIL, txt);
121	+ syslog(LOG_ERR \| LOG_MAIL, "%s", txt);
122
123	if (options.ulogfile && options.uloglevel >= FAILS)
124	filelog(options.ulogfile, txt);
125	diff -urN anubis-3.6.2/src/log.c anubis-3.6.2-fix/src/log.c
126	--- anubis-3.6.2/src/log.c Wed Dec 4 22:42:26 2002
127	+++ anubis-3.6.2-fix/src/log.c Wed Feb 25 20:32:30 2004
128	@@ -70,7 +70,7 @@
129	if (options.slogfile)
130	filelog(options.slogfile, txt);
131	else
132	- syslog(LOG_INFO \| LOG_MAIL, txt);
133	+ syslog(LOG_INFO \| LOG_MAIL, "%s", txt);
134
135	if (options.ulogfile && options.uloglevel >= ALL)
136	filelog(options.ulogfile, txt);
137	diff -urN anubis-3.6.2/src/ssl.c anubis-3.6.2-fix/src/ssl.c
138	--- anubis-3.6.2/src/ssl.c Wed Dec 4 22:40:45 2002
139	+++ anubis-3.6.2-fix/src/ssl.c Wed Feb 25 20:33:28 2004
140	@@ -64,7 +64,7 @@
141	if (options.termlevel != SILENT) {
142	#ifdef HAVE_SYSLOG
143	if ((topt & T_DAEMON) && !(topt & T_FOREGROUND))
144	- syslog(LOG_ERR \| LOG_MAIL, string_error);
145	+ syslog(LOG_ERR \| LOG_MAIL, "%s", string_error);
146	else
147	#endif /* HAVE_SYSLOG */
148	mprintf(">>%s", string_error);