Compare commits
4 Commits
c8-stream-
...
a8-stream-
Author | SHA1 | Date | |
---|---|---|---|
|
d2ec548d86 | ||
|
4533dd2e0d | ||
7fdc3a9fc2 | |||
a19c7db24c |
46
SOURCES/Bug-5318-fetch-pdreceivedData-data.patch
Normal file
46
SOURCES/Bug-5318-fetch-pdreceivedData-data.patch
Normal file
@ -0,0 +1,46 @@
|
||||
From b6c01a2031944125b8cc6974f598c2cd66f0cee4 Mon Sep 17 00:00:00 2001
|
||||
From: Alex Rousskov <rousskov@measurement-factory.com>
|
||||
Date: Mon, 20 Nov 2023 23:05:00 +0000
|
||||
Subject: [PATCH] Bug 5318: peer_digest.cc:399: "fetch->pd &&
|
||||
receivedData.data" (#1584)
|
||||
|
||||
Recent commit 122a6e3 removed HTTP response headers from store_client
|
||||
responses. That removal created the possibility of an empty
|
||||
StoreIOBuffer at the beginning of the feeding sequence. Pending Bug 5317
|
||||
fix will make such buffers even more frequent. Existing store_client
|
||||
recipients have varying requirements with regard to empty response
|
||||
buffers, as documented in store_client::finishCallback(). We missed this
|
||||
requirement conflict in Cache Digest code. This fix adjusts Cache
|
||||
Digests code to be compatible with empty StoreIOBuffer representation in
|
||||
current store_client code.
|
||||
---
|
||||
src/peer_digest.cc | 6 +++---
|
||||
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/peer_digest.cc b/src/peer_digest.cc
|
||||
index e29614afd2c..7d290cc9013 100644
|
||||
--- a/src/peer_digest.cc
|
||||
+++ b/src/peer_digest.cc
|
||||
@@ -349,11 +349,11 @@ peerDigestHandleReply(void *data, StoreIOBuffer receivedData)
|
||||
return;
|
||||
}
|
||||
|
||||
- assert(fetch->pd && receivedData.data);
|
||||
+ assert(fetch->pd);
|
||||
/* The existing code assumes that the received pointer is
|
||||
* where we asked the data to be put
|
||||
*/
|
||||
- assert(fetch->buf + fetch->bufofs == receivedData.data);
|
||||
+ assert(!receivedData.data || fetch->buf + fetch->bufofs == receivedData.data);
|
||||
|
||||
/* Update the buffer size */
|
||||
fetch->bufofs += receivedData.length;
|
||||
@@ -635,7 +635,7 @@ peerDigestFetchedEnough(DigestFetchState * fetch, char *buf, ssize_t size, const
|
||||
}
|
||||
|
||||
/* continue checking (maybe-successful eof case) */
|
||||
- if (!reason && !size) {
|
||||
+ if (!reason && !size && fetch->state != DIGEST_READ_REPLY) {
|
||||
if (!pd->cd)
|
||||
reason = "null digest?!";
|
||||
else if (fetch->mask_offset != pd->cd->mask_size)
|
@ -2,7 +2,7 @@
|
||||
|
||||
Name: squid
|
||||
Version: 4.15
|
||||
Release: 7%{?dist}.5
|
||||
Release: 7%{?dist}.5.alma.1
|
||||
Summary: The Squid proxy caching server
|
||||
Epoch: 7
|
||||
# See CREDITS for breakdown of non GPLv2+ code
|
||||
@ -66,6 +66,8 @@ Patch1008: squid-4.15-CVE-2023-46724.patch
|
||||
Patch1009: squid-4.15-CVE-2023-46728.patch
|
||||
Patch1010: squid-4.15-CVE-2023-49285.patch
|
||||
Patch1011: squid-4.15-CVE-2023-49286.patch
|
||||
# https://github.com/squid-cache/squid/commit/b6c01a2031944125b8cc6974f598c2cd66f0cee4
|
||||
Patch1012: Bug-5318-fetch-pdreceivedData-data.patch
|
||||
|
||||
|
||||
Requires: bash >= 2.0
|
||||
@ -150,6 +152,7 @@ lookup program (dnsserver), a program for retrieving FTP data
|
||||
%patch1009 -p1
|
||||
%patch1010 -p1
|
||||
%patch1011 -p1
|
||||
%patch1012 -p1
|
||||
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1679526
|
||||
# Patch in the vendor documentation and used different location for documentation
|
||||
@ -366,6 +369,10 @@ fi
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Mar 06 2024 Eduard Abdullin <eabdullin@almalinux.org> - 7:4.15-7.5.alma.1
|
||||
- Fix Bug 5318: peer_digest.cc:399: "fetch->pd &&
|
||||
receivedData.data" (#1584)
|
||||
|
||||
* Wed Jan 03 2024 Tianyue Lan <tianyue.lan@oracle.com> - 7:4.15-7.5
|
||||
- Fix squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
|
||||
- Fix squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)
|
||||
|
Loading…
Reference in New Issue
Block a user