authorAnton Luka Šijanec <anton@sijanec.eu>2021-10-05 16:10:31 +0200
committerAnton Luka Šijanec <anton@sijanec.eu>2021-10-05 16:10:31 +0200
commit4225b3ffd98f365dd8e73dd7f9e8b6a0054b5e2a (patch)
tree688c7ba72f3921576aaadc4abc2278b5a1d1b0aa
parent0.0.15-1 (diff)
-rw-r--r--.gitignore1
-rw-r--r--Makefile4
-rw-r--r--debian/changelog13
-rw-r--r--src/httpd.c15
-rw-r--r--src/i18n.h7
5 files changed, 28 insertions, 12 deletions
diff --git a/.gitignore b/.gitignore
index 2a46c53..5e9d484 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
sear.c
tmp/
valgrind-out.txt
+core
diff --git a/Makefile b/Makefile
index bd7c26b..6db7b8c 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,5 @@
DESTDIR=/
-
+CC = cc
.NOTPARALLEL:
default:
mkdir tmp -p
@@ -9,7 +9,7 @@ default:
echo ', 0' >> tmp/hp.xxd
xxd -i < src/osdd.xml > tmp/osdd.xxd
echo ', 0' >> tmp/osdd.xxd
- gcc -Wall -Wextra -pedantic -Wno-unused-parameter -g -Isrc -Itmp -pthread src/main.c $$(xml2-config --libs --cflags) -lmicrohttpd -lm -osear.c
+ $(CC) -Wall -Wextra -pedantic -Wno-unused-parameter -g -Isrc -Itmp -pthread src/main.c $$(xml2-config --libs --cflags) -lmicrohttpd -lm -osear.c
install:
mkdir -p $(DESTDIR)/usr/bin/
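Review bot: The compile line now honours `$(CC)` but still takes no `$(CFLAGS)` or `$(LDFLAGS)`, so extra defines and distribution hardening flags can only be passed by folding them into `CC`. For a server that formats HTML into heap buffers with `sprintf`, it is worth being able to build with options such as `-D_FORTIFY_SOURCE=2` or `-fsanitize=address` without editing the Makefile. Consider `$(CC) $(CFLAGS) -Wall -Wextra ...` with `$(LDFLAGS)` placed ahead of the libraries. The `default:` recipe starts before this hunk.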
diff --git a/debian/changelog b/debian/changelog
index 39ba5db..5dcb664 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,19 @@
+sear.c (0.0.16-1) stable; urgency=low
+
+ * fixed a DoS and possibly RCE security vulnerability that was introduced in
+ 0.0.12 because of not accounting for length of add_form and not accounting
+ for the added parameter in hp printf format string
+ * added notice when SC_LOGMEM is disabled for accessing logs and enabling
+ heap logging
+ * all users of versions 0.0.12, 0.0.13, 0.0.14 and 0.0.15 must upgrade asap
+
+ -- Anton Luka Šijanec <anton@sijanec.eu> Tue, 05 Oct 2021 16:00:00 +0200
+
sear.c (0.0.15-1) stable; urgency=low
* fixed osdd inclusion mechanism for firefox browsers, link needed title
- -- Anton Luka Šijanec <anton@sijanec.eu> Tue, 21 Sep 2021 14:00:00 +0200
+ -- Anton Luka Šijanec <anton@sijanec.eu> Tue, 21 Sep 2021 14:00:00 +0200
sear.c (0.0.14-3) stable; urgency=low
diff --git a/src/httpd.c b/src/httpd.c
index dfa06db..514f57a 100644
--- a/src/httpd.c
+++ b/src/httpd.c
@@ -152,16 +152,19 @@ enum MHD_Result sc_httpd (void * cls,
sprintf(response, sc_osdd, host);
content_type = "application/opensearchdescription+xml";
break;
-#ifdef SC_LOGMEM
case 'l': /* logs.html */
{
+#ifdef SC_LOGMEM
char * logshtml = sc_logshtml(c);
- response = malloc(strlen((char *) sc_hp)+strlen(SC_I18N_LOGS)+strlen(logshtml ? logshtml : SC_I18N_LOGS_ERROR));
- sprintf(response, (char *) sc_hp, "", "", SC_I18N_LOGS, logshtml ? logshtml : SC_I18N_LOGS_ERROR);
+ response = malloc(strlen((char *) sc_hp)+strlen(SC_I18N_LOGS)+strlen(logshtml ? logshtml : SC_I18N_LOGS_ERROR)+strlen(add_form));
+ sprintf(response, (char *) sc_hp, "", "", add_form, SC_I18N_LOGS, logshtml ? logshtml : SC_I18N_LOGS_ERROR);
free(logshtml);
+#else
+ response = malloc(strlen((char *) sc_hp)+strlen(SC_I18N_LOGS_NOT_ENABLED)+strlen(SC_I18N_HP_ERROR_HEADING)+strlen(SC_I18N_LOGS)+strlen(add_form));
+ sprintf(response, (char *) sc_hp, SC_I18N_HP_ERROR_HEADING, "", add_form, SC_I18N_LOGS, SC_I18N_LOGS_NOT_ENABLED);
+#endif
}
break;
-#endif
}
if (!response) {
response = malloc(strlen((char *) sc_hp)+strlen(SC_I18N_HP_HEADING)+strlen(SC_I18N_HP_BODY)+strlen(add_form));
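Review bot: The allocation in the `case 'l'` branch is still a hand-written sum of `strlen()` terms that must be kept in step with the `%s` conversions in `sc_hp`, with no explicit byte for the terminator and no check of the `malloc` result before `sprintf` writes through it. Because `sc_hp` is passed as a non-literal format (it appears to be generated with `xxd` in the Makefile), the compiler cannot warn when the template and the argument list drift apart, which is presumably how the overflow fixed here went unnoticed. Measuring with `snprintf(NULL, 0, ...)` and allocating that length plus one removes the manual accounting. The same applies to the `#else` branch, to the home-page allocation on the last context line and to the error page in the `retry:` hunk. `sc_httpd` starts and ends outside this hunk; in the visible code a NULL `response` falls into the `if (!response)` home-page path, which should be confirmed as the intended failure behaviour.

```c
		case 'l': /* logs.html */
#ifdef SC_LOGMEM
				char * logshtml = sc_logshtml(c);
				const char * logsbody = logshtml ? logshtml : SC_I18N_LOGS_ERROR;
				/* let the formatter report the exact length instead of summing strlen() by hand */
				int len = snprintf(NULL, 0, (char *) sc_hp, "", "", add_form, SC_I18N_LOGS, logsbody);
				if (len >= 0 && (response = malloc((size_t) len + 1)))
					snprintf(response, (size_t) len + 1, (char *) sc_hp, "", "", add_form, SC_I18N_LOGS, logsbody);
				free(logshtml);
#else
				/* … unchanged: SC_LOGMEM-disabled notice, to be sized the same way … */
#endif
```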
@@ -187,8 +190,8 @@ retry:
sc_query_google(query, c, NULL, opt);
if (already_retried++) {
char * safequery = htmlspecialchars(query);
- response = malloc(strlen((char*) sc_hp)+strlen(safequery)*2+strlen(SC_I18N_HP_ERROR_HEADING)+strlen(SC_I18N_HP_ERROR_BODY));
- sprintf(response, (char *) sc_hp, safequery, safequery, SC_I18N_HP_ERROR_HEADING, SC_I18N_HP_ERROR_BODY);
+ response = malloc(strlen((char*) sc_hp)+strlen(safequery)*2+strlen(SC_I18N_HP_ERROR_HEADING)+strlen(SC_I18N_HP_ERROR_BODY)+strlen(add_form));
+ sprintf(response, (char *) sc_hp, safequery, safequery, add_form, SC_I18N_HP_ERROR_HEADING, SC_I18N_HP_ERROR_BODY);
free(safequery);
} else goto retry;
}
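Review bot: `safequery` goes straight into `strlen()` without a NULL check. `htmlspecialchars` is defined outside this hunk, but since its result is released with `free()` it presumably allocates and can fail. Wrapping the three lines that build the error page in `if (safequery) { ... }` keeps an out-of-memory condition on a client-supplied query from becoming a NULL dereference in the request handler. The `retry:` block begins before this hunk, so what a NULL `response` leads to afterwards needs checking against the rest of the function.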
diff --git a/src/i18n.h b/src/i18n.h
index 9b5a7cc..8e97c33 100644
--- a/src/i18n.h
+++ b/src/i18n.h
@@ -3,7 +3,7 @@
#define SC_I18N_NO_DESCRIPTION "ni opisa"
#define SC_I18N_HP_HEADING "dobrodošli na prvo stran <code>sear.c</code>"
#define SC_I18N_HP_BODY "<code>sear.c</code> je program za anonimizacijo in predpomnenje rezultatov spletnih iskalnikov. " \
- "Za uporabo nekaj vnesite v iskalno vrstico zgoraj in pritisnite gumb za iskanje."
+ "Za uporabo nekaj vnesite v iskalno vrstico zgoraj in pritisnite gumb za iskanje."
#define SC_I18N_NUMBER_OF_RESULTS "število zadetkov"
#define SC_I18N_QUERY_TIME "čas poizvedbe"
#define SC_I18N_DATETIME_FORMAT "%c"
@@ -12,7 +12,8 @@
#define SC_I18N_FAILED "ni uspelo"
#define SC_I18N_HP_ERROR_HEADING "napaka!"
#define SC_I18N_HP_ERROR_BODY "Pridobivanje rezultatov ni uspelo. Mogoče ni rezultatov. " \
- "Preberite <a href=/logs.html>dnevniške zapise</a>."
+ "Preberite sistemske dnevnike."
#define SC_I18N_LOGS "dnevniški zapisi"
-#define SC_I18N_LOGS_ERROR "napaka pri branju dnevniških datotek"
+#define SC_I18N_LOGS_ERROR "napaka pri branju dnevnikov"
+#define SC_I18N_LOGS_NOT_ENABLED "Zbiranje dnevniških zapisov v delovni pomnilnik ni omogočeno. <code>sear.c</code> prevedite z <code>make -e CC=\"cc -DSC_LOGMEM\"</code>; z nastavitvijo zastavice <code>SC_LOGMEM</code> omogočite pregled dnevniških zapisov znotraj aplikacije. Vselej pa se vsi dnevniški zapisi pišejo tudi na standardni izhod, kar se v primeru uporabe <code>sear.c</code> kot <code>systemd</code> storitve shranjuje v sistemske dnevnike."
#define SC_I18N_GIT_URL "//git.sijanec.eu/sijanec/sear.c"