authorMichael Nottebrock <lofi@FreeBSD.org>2004-10-13 23:32:53 +0000
committerMichael Nottebrock <lofi@FreeBSD.org>2004-10-13 23:32:53 +0000
commit8ce861a35fecd86689f47727945d3014e1474030 (patch)
treeaf8d10c4b1f640e282338fb0563e12b1abe5db35 /audio/icecast
parentd2e2005631a04e4f2781093dbffb8930720d14ae (diff)
Fix cross-site scripting vulnerability
(http://www.debian.org/security/2004/dsa-541). Patches obtained from: Debian
Notes
Notes: svn path=/head/; revision=119334
Diffstat (limited to 'audio/icecast')
-rw-r--r--audio/icecast/Makefile2
-rw-r--r--audio/icecast/files/patch-src::avl_functions.c11
-rw-r--r--audio/icecast/files/patch-src::client.c11
-rw-r--r--audio/icecast/files/patch-src::commands.c25
-rw-r--r--audio/icecast/files/patch-src::http.c81
-rw-r--r--audio/icecast/files/patch-src::http.h10
-rw-r--r--audio/icecast/files/patch-src::ice_string.c11
-rw-r--r--audio/icecast/files/patch-src::main.c11
-rw-r--r--audio/icecast/files/patch-src::static.c12
9 files changed, 173 insertions, 1 deletions
diff --git a/audio/icecast/Makefile b/audio/icecast/Makefile
index 2c3eb6f67da2..99f4b9860060 100644
--- a/audio/icecast/Makefile
+++ b/audio/icecast/Makefile
@@ -7,7 +7,7 @@
PORTNAME= icecast
PORTVERSION= 1.3.12
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= audio net
MASTER_SITES= http://www.icecast.org/files/
diff --git a/audio/icecast/files/patch-src::avl_functions.c b/audio/icecast/files/patch-src::avl_functions.c
new file mode 100644
index 000000000000..be7f00fd6051
--- /dev/null
+++ b/audio/icecast/files/patch-src::avl_functions.c
@@ -0,0 +1,11 @@
+--- src/avl_functions.c
++++ src/avl_functions.c
+@@ -307,7 +307,7 @@
+ }
+
+ snprintf(s1, BUFSIZE, "%s:%d", dir1->host, dir1->port);
+- snprintf(s2, "%s:%d", dir2->host, dir2->port);
++ snprintf(s2, BUFSIZE, "%s:%d", dir2->host, dir2->port);
+
+ return compare_strings (s1, s2, param);
+ }
diff --git a/audio/icecast/files/patch-src::client.c b/audio/icecast/files/patch-src::client.c
new file mode 100644
index 000000000000..b38be8cbd1f5
--- /dev/null
+++ b/audio/icecast/files/patch-src::client.c
@@ -0,0 +1,11 @@
+--- src/client.c
++++ src/client.c
+@@ -90,8 +90,6 @@
+
+ extern server_info_t info;
+
+-static void client_send_fake_file (connection_t *con);
+-
+ /* Brand new client. Check what he wants, and either add him to
+ the correct tree of clients (inside a source), or kill him off */
+ void client_login(connection_t *con, char *expr)
diff --git a/audio/icecast/files/patch-src::commands.c b/audio/icecast/files/patch-src::commands.c
new file mode 100644
index 000000000000..5f9ab4bfb4bd
--- /dev/null
+++ b/audio/icecast/files/patch-src::commands.c
@@ -0,0 +1,25 @@
+--- src/commands.c
++++ src/commands.c
+@@ -84,8 +84,8 @@
+ #include "interpreter.h"
+
+ #include <time.h>
++#include <errno.h>
+
+-extern int errno;
+ extern int running;
+ extern server_info_t info;
+ extern mutex_t library_mutex;
+@@ -2884,8 +2884,11 @@
+ time_t before = 0;
+
+ if (!arg || !arg[0])
++ {
+ admin_write_line (req, ADMIN_SHOW_PING_INVALID_SYNTAX, PING_SYNTAX);
+-
++ return 0;
++ }
++
+ host[0] = '\0';
+
+ if (splitc (host, arg, ':') != NULL)
diff --git a/audio/icecast/files/patch-src::http.c b/audio/icecast/files/patch-src::http.c
new file mode 100644
index 000000000000..b2b23087e5c9
--- /dev/null
+++ b/audio/icecast/files/patch-src::http.c
@@ -0,0 +1,81 @@
+--- src/http.c
++++ src/http.c
+@@ -327,7 +327,60 @@
+ }
+
+ char *
+-url_encode (const char *str, char **result_p)
++html_escape (const char *str)
++{
++ const char *p;
++ char *q;
++ char *result;
++ int toescape= 0;
++
++ if (!str) {
++ xa_debug (1, "WARNING: html_escape() called with NULL string");
++ return NULL;
++ }
++
++ for (p = str; *p; p++) {
++ if ((unsigned char) (*p) == '&') toescape+=4;
++ if ((unsigned char) (*p) == '"') toescape+=5;
++ if ((unsigned char) (*p) == '<') toescape+=3;
++ if ((unsigned char) (*p) == '>') toescape+=3;
++ }
++
++ result = (char *) nmalloc (p - str + toescape + 1);
++
++ for (q = result, p = str; *p; p++) {
++ unsigned char a = *p;
++ if (a == '&') {
++ *q++ = '&';
++ *q++ = 'a';
++ *q++ = 'm';
++ *q++ = 'p';
++ *q++ = ';';
++ } else if (a == '"') {
++ *q++ = '&';
++ *q++ = 'q';
++ *q++ = 'u';
++ *q++ = 'o';
++ *q++ = 't';
++ *q++ = ';';
++ } else if (a == '<') {
++ *q++ = '&';
++ *q++ = 'l';
++ *q++ = 't';
++ *q++ = ';';
++ } else if (a == '>') {
++ *q++ = '&';
++ *q++ = 'g';
++ *q++ = 't';
++ *q++ = ';';
++ } else *q++ = *p;
++ }
++ *q++ = 0;
++ return result;
++}
++
++char *
++url_encode (const char *str, char** result_p)
+ {
+ const char *p;
+ char *q;
+@@ -345,7 +398,6 @@
+ unacceptable++;
+
+ result = (char *) nmalloc (p - str + unacceptable + unacceptable + 1);
+-
+ *result_p = result;
+
+ for (q = result, p = str; *p; p++)
+@@ -1336,7 +1388,7 @@
+ add_varpair2 (variables, nstrdup (ident), ice_itoa (i));
+ add_varpair2 (variables, ice_cat (ident, ".id"), ice_itoa (travclients->id));
+ add_varpair2 (variables, ice_cat (ident, ".host"), nstrdup (con_host (travclients)));
+- add_varpair2 (variables, ice_cat (ident, ".user_agent"), nstrdup (get_user_agent (travclients)));
++ add_varpair2 (variables, ice_cat (ident, ".user_agent"), nstrdup (html_escape(get_user_agent (travclients))));
+ add_varpair2 (variables, ice_cat (ident, ".writebytes"), ice_utoa (travclients->food.client->write_bytes));
+ add_varpair2 (variables, ice_cat (ident, ".connecttime"), nstrdup (nice_time (get_time() - travclients->connect_time, buf)));
+ endptr = parse_template_file (clicon, NULL, runptr, fd, variables);
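Review bot: The new `.user_agent` line wraps `html_escape()` in `nstrdup()`, so the buffer that `html_escape()` allocates with `nmalloc` is copied and never freed, once per listed client on every render of this template, and the process grows with each request for the page. The neighbouring calls hand freshly allocated strings straight to `add_varpair2`, so it presumably takes ownership and the line can be `add_varpair2 (variables, ice_cat (ident, ".user_agent"), html_escape (get_user_agent (travclients)));`. `html_escape()` returns NULL for a NULL input, and whether `nstrdup` or `add_varpair2` tolerate NULL is not visible here, so the case of a client without a User-Agent header should be confirmed. The escaper also leaves `'` untouched, which is only safe if no template places the value inside a single-quoted attribute, and `.host` on the line above is still inserted unescaped. The enclosing function starts and ends outside the hunk.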
diff --git a/audio/icecast/files/patch-src::http.h b/audio/icecast/files/patch-src::http.h
new file mode 100644
index 000000000000..9e0ba9ec6026
--- /dev/null
+++ b/audio/icecast/files/patch-src::http.h
@@ -0,0 +1,10 @@
+--- src/http.h
++++ src/http.h
+@@ -44,6 +44,7 @@
+ int print_http_variable (vartree_t *request_vars, const char *name, connection_t *clicon, int fd);
+ char *url_encode(const char *string, char **result_p);
+ char *url_decode (const char *string);
++char *html_escape(const char *string);
+ const char *parse_template_file (connection_t *clicon, connection_t *sourcecon, const char *ptr, int fd, vartree_t *variables);
+ int write_template_parsed_html_page (connection_t *clicon, connection_t *sourcecon, const char *template_file, int fd, vartree_t *variables);
+ const char *http_loop_sources (char *ident, connection_t *clicon, const char *ptr, int fd, vartree_t *variables);
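Review bot: The added `html_escape` prototype says nothing about who owns the returned string, and the caller added in http.c passes the result through `nstrdup` without freeing it. A comment above the declaration such as `/* Returns a newly nmalloc'ed, HTML-escaped copy of string, or NULL if string is NULL; the caller owns the result. */` would put the contract next to `url_encode` and `url_decode`. It is also worth stating there that only `&`, `"`, `<` and `>` are escaped, so the output is not safe inside a single-quoted attribute.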
diff --git a/audio/icecast/files/patch-src::ice_string.c b/audio/icecast/files/patch-src::ice_string.c
new file mode 100644
index 000000000000..8daba719660a
--- /dev/null
+++ b/audio/icecast/files/patch-src::ice_string.c
@@ -0,0 +1,11 @@
+--- src/ice_string.c
++++ src/ice_string.c
+@@ -334,8 +334,6 @@
+
+ char *safe_strcat(char *dest, const char *src, unsigned int maxsize)
+ {
+- int size = 0;
+-
+ if (!dest || !src) return dest;
+
+ if (ice_strlen(dest) + ice_strlen(src) + 1 >= maxsize) {
diff --git a/audio/icecast/files/patch-src::main.c b/audio/icecast/files/patch-src::main.c
new file mode 100644
index 000000000000..f42a0be38022
--- /dev/null
+++ b/audio/icecast/files/patch-src::main.c
@@ -0,0 +1,11 @@
+--- src/main.c
++++ src/main.c
+@@ -544,7 +544,7 @@
+ directory_server_t *ds;
+ int i;
+ avl_traverser trav = {0};
+- static main_shutting_down = 0;
++ static int main_shutting_down = 0;
+
+ thread_library_lock ();
+ if (!main_shutting_down)
diff --git a/audio/icecast/files/patch-src::static.c b/audio/icecast/files/patch-src::static.c
new file mode 100644
index 000000000000..264fa6403a78
--- /dev/null
+++ b/audio/icecast/files/patch-src::static.c
@@ -0,0 +1,12 @@
+--- src/static.c
++++ src/static.c
+@@ -232,9 +232,7 @@
+ void
+ send_file_to_socket (connection_t *con, char *filename)
+ {
+- struct stat buf;
+ int mp3file;
+- char *suffix;
+ long length;
+ char buff[BUFSIZE];
+