- The obsolete kill-popups action has been removed as the
PCRS-based popup filters can do the same and are less
unreliable.
+- The inspect-jpegs action has been removed.
*** Version 3.0.8 ***
*
* Revisions :
* $Log: actionlist.h,v $
+ * Revision 1.31 2008/03/27 18:27:20 fabiankeil
+ * Remove kill-popups action.
+ *
* Revision 1.30 2008/03/04 18:30:34 fabiankeil
* Remove the treat-forbidden-connects-like-blocks action. We now
* use the "blocked" page for forbidden CONNECT requests by default.
DEFINE_CGI_PARAM_CUSTOM ("hide-referrer", ACTION_HIDE_REFERER, ACTION_STRING_REFERER, "http://www.privoxy.org/")
DEFINE_ACTION_STRING ("hide-user-agent", ACTION_HIDE_USER_AGENT, ACTION_STRING_USER_AGENT)
DEFINE_CGI_PARAM_NO_RADIO("hide-user-agent", ACTION_HIDE_USER_AGENT, ACTION_STRING_USER_AGENT, "Privoxy " VERSION)
-DEFINE_ACTION_BOOL ("inspect-jpegs", ACTION_JPEG_INSPECT)
DEFINE_ACTION_STRING ("limit-connect", ACTION_LIMIT_CONNECT, ACTION_STRING_LIMIT_CONNECT)
DEFINE_CGI_PARAM_NO_RADIO("limit-connect", ACTION_LIMIT_CONNECT, ACTION_STRING_LIMIT_CONNECT, "443")
DEFINE_ACTION_STRING ("overwrite-last-modified", ACTION_OVERWRITE_LAST_MODIFIED, ACTION_STRING_LAST_MODIFIED)
-const char actions_rcs[] = "$Id: actions.c,v 1.45 2008/03/24 11:21:02 fabiankeil Exp $";
+const char actions_rcs[] = "$Id: actions.c,v 1.46 2008/03/27 18:27:20 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/actions.c,v $
*
* Revisions :
* $Log: actions.c,v $
+ * Revision 1.46 2008/03/27 18:27:20 fabiankeil
+ * Remove kill-popups action.
+ *
* Revision 1.45 2008/03/24 11:21:02 fabiankeil
* Share the action settings for multiple patterns in the same
* section so we waste less memory for gigantic block lists
*********************************************************************/
static int action_used_to_be_valid(const char *action)
{
- return (0 == strcmpic(action, "treat-forbidden-connects-like-blocks")
- || 0 == strcmpic(action, "kill-popups"));
+ return ((0 == strcmpic(action, "treat-forbidden-connects-like-blocks"))
+ || (0 == strcmpic(action, "kill-popups"))
+ || (0 == strcmpic(action, "inspect-jpegs")));
}
/*********************************************************************
-const char deanimate_rcs[] = "$Id: deanimate.c,v 1.16 2007/07/14 08:01:58 fabiankeil Exp $";
+const char deanimate_rcs[] = "$Id: deanimate.c,v 1.17 2007/08/05 13:42:22 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/deanimate.c,v $
* Purpose : Declares functions to manipulate binary images on the
* fly. High-level functions include:
* - Deanimation of GIF images
- * - Fixup of malformed comment block in JPEG headers
*
* Functions declared include: gif_deanimate, buf_free,
- * buf_copy, buf_getbyte, gif_skip_data_block,
- * gif_extract_image and jpeg_inspect
+ * buf_copy, buf_getbyte, gif_skip_data_block
+ * and gif_extract_image
*
* Copyright : Written by and Copyright (C) 2001 - 2004, 2006 by the
* SourceForge Privoxy team. http://www.privoxy.org/
*
* Revisions :
* $Log: deanimate.c,v $
+ * Revision 1.17 2007/08/05 13:42:22 fabiankeil
+ * #1763173 from Stefan Huehner: declare some more functions static.
+ *
* Revision 1.16 2007/07/14 08:01:58 fabiankeil
* s@failiure@failure@
*
}
-/*********************************************************************
- *
- * Function : jpeg_inspect
- *
- * Description : Checks a jpeg image for an invalid length in a
- * comment block (0xFFFE0000 or 0xFFFE0001) and
- * changes it to 0xFFFE0002. Defensive strategy
- * against the exploit:
- * Microsoft Security Bulletin MS04-028
- * Buffer Overrun in JPEG Processing (GDI+) Could
- * Allow Code Execution (833987)
- *
- * Parameters :
- * 1 : src = Pointer to the image binbuffer
- *
- * Returns : 0 on success, or 1 on failure
- *
- *********************************************************************/
-int jpeg_inspect(struct binbuffer *src, struct binbuffer *dst)
-{
- long i;
- /*
- * We process the image using a simple finite state machine,
- * searching for byte patterns.
- */
- enum { J_INIT, /* The initial state */
- J_FF, /* Found byte 0xFF */
- J_FE, /* Found bytes 0xFF 0xFE */
- J_00, /* Found bytes 0xFF 0xFE 0x00 */
- J_DA /*
- * Found bytes 0xFF 0xDA; short-circuit to done-ness
- * since this signals the beginning end of headers.
- */
- };
- short state = J_INIT;
- unsigned char c;
-
- if (NULL == src || NULL == dst)
- {
- return 1;
- }
-
- if (buf_copy(src, dst, src->size))
- {
- return 1;
- }
-
- /* Need to search the jpg for patterns:
- * 0xFF 0xFE 0x00 0x00
- * or
- * 0xFF 0xFE 0x00 0x01
- * from beginning until:
- * 0xFF 0xDA
- * (or the end of the buffer)
- * If found, change the pattern to 0xFF 0xFE 0x00 0x02
- */
-
- for (i = 0; i < dst->size; i++)
- {
- c = dst->buffer[i];
- switch (state)
- {
- case J_INIT:
- if (c == 0xFF)
- state = J_FF;
- break;
- case J_FF:
- if (c == 0xDA)
- state = J_DA; /* End of headers - we're done with this image. */
- else if (c == 0xFE)
- state = J_FE;
- else
- state = J_INIT;
- break;
- case J_FE:
- if (c == 0x00)
- state = J_00;
- else
- state = J_INIT;
- break;
- case J_00:
- if ((c == 0x00) || (c == 0x01))
- {
- dst->buffer[i] = 2; /* Reset comment block size to 2. */
- log_error(LOG_LEVEL_INFO, "JPEG comment exploit removed.");
- /* TODO:
- * I'm unsure if we can have more than one comment block. Just in case,
- * we'll scan the rest of the header for more by going back to J_INIT
- * state. If there is no possibility of >1 comment block, we could
- * short-circuit to done-ness here.
- */
- state = J_INIT;
- }
- else
- state = J_INIT;
- break;
- default:
- break;
- }
- if (state == J_DA)
- break;
- }
-
- return 0;
-}
-
-
/*
Local Variables:
tab-width: 3
#ifndef DEANIMATE_H_INCLUDED
#define DEANIMATE_H_INCLUDED
-#define DEANIMATE_H_VERSION "$Id: deanimate.h,v 1.10 2006/07/18 14:48:45 david__schmidt Exp $"
+#define DEANIMATE_H_VERSION "$Id: deanimate.h,v 1.11 2007/01/12 15:41:00 fabiankeil Exp $"
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/deanimate.h,v $
* Purpose : Declares functions to manipulate binary images on the
* fly. High-level functions include:
* - Deanimation of GIF images
- * - Fixup of malformed comment block in JPEG headers
*
- * Functions declared include: gif_deanimate, buf_free,
- * jpeg_inspect
+ * Functions declared include: gif_deanimate and buf_free.
*
*
* Copyright : Written by and Copyright (C) 2001 - 2004 by the the
*
* Revisions :
* $Log: deanimate.h,v $
+ * Revision 1.11 2007/01/12 15:41:00 fabiankeil
+ * Remove some white space at EOL.
+ *
* Revision 1.10 2006/07/18 14:48:45 david__schmidt
* Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
* with what was really the latest development (the v_3_0_branch branch)
* Function prototypes
*/
extern int gif_deanimate(struct binbuffer *src, struct binbuffer *dst, int get_first_image);
-extern int jpeg_inspect(struct binbuffer *src, struct binbuffer *dst);
extern void buf_free(struct binbuffer *buf);
/*
#
# File : $Source: /cvsroot/ijbswa/current/default.action.master,v $
#
-# $Id: default.action.master,v 1.119 2008/03/26 17:42:24 fabiankeil Exp $
+# $Id: default.action.master,v 1.120 2008/03/27 18:27:36 fabiankeil Exp $
#
# Requires : This version requires Privoxy v3.0.9 or later due to
# syntax changes.
# in which case a "blocked" image can be sent rather than a HTML page.
# See +set-image-blocker{} for the control over what is actually sent.
#
-# +inspect-jpegs
-# Scan jpeg headers for malformed comment blocks and correct them.
-#
# +limit-connect{portlist}
# The CONNECT methods exists in HTTP to allow access to secure websites
# (https:// URLs) through proxies. It works very simply: The proxy
This file belongs into
ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
- $Id: user-manual.sgml,v 2.66 2008/03/06 16:33:47 fabiankeil Exp $
+ $Id: user-manual.sgml,v 2.67 2008/03/27 18:31:21 fabiankeil Exp $
Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/
See LICENSE.
</subscript>
</pubdate>
-<pubdate>$Id: user-manual.sgml,v 2.66 2008/03/06 16:33:47 fabiankeil Exp $</pubdate>
+<pubdate>$Id: user-manual.sgml,v 2.67 2008/03/27 18:31:21 fabiankeil Exp $</pubdate>
<!--
</sect3>
-<!-- ~~~~~ New section ~~~~~ -->
-<sect3 renderas="sect4" id="inspect-jpegs">
-<title>inspect-jpegs</title>
-<variablelist>
- <varlistentry>
- <term>Typical use:</term>
- <listitem>
- <para>Try to protect against a MS buffer over-run in JPEG processing</para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>Effect:</term>
- <listitem>
- <para>
- Protect against a known exploit
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>Type:</term>
- <!-- Boolean, Parameterized, Multi-value -->
- <listitem>
- <para>Boolean.</para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>Parameter:</term>
- <listitem>
- <para>
- N/A
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>Notes:</term>
- <listitem>
- <para>
- See Microsoft Security Bulletin MS04-028. JPEG images are one of the most
- common image types found across the Internet. The exploit as described can
- allow execution of code on the target system, giving an attacker access
- to the system in question by merely planting an altered JPEG image, which
- would have no obvious indications of what lurks inside. This action
- tries to prevent this exploit if delivered through unencrypted HTTP.
- </para>
- <para>
- Note that the exploit mentioned is several years old
- and it's unlikely that your client is still vulnerable
- against it. This action may be removed in one of the
- next releases.
- </para>
-
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>Example usage:</term>
- <listitem>
- <para><screen>+inspect-jpegs</screen></para>
- </listitem>
- </varlistentry>
-</variablelist>
-</sect3>
-
-
<!-- ~~~~~ New section ~~~~~ -->
<sect3 renderas="sect4" id="limit-connect">
<title>limit-connect</title>
-hide-if-modified-since
+hide-referrer {forge}
-hide-user-agent
- -inspect-jpegs
-limit-connect
-overwrite-last-modified
-prevent-compression
+hide-from-header{block}
+hide-referer{forge}
-hide-user-agent
- -inspect-jpegs
-overwrite-last-modified
+prevent-compression
-redirect
USA
$Log: user-manual.sgml,v $
+ Revision 2.67 2008/03/27 18:31:21 fabiankeil
+ Remove kill-popups action.
+
Revision 2.66 2008/03/06 16:33:47 fabiankeil
If limit-connect isn't used, don't limit CONNECT requests to port 443.
-const char filters_rcs[] = "$Id: filters.c,v 1.103 2008/03/06 16:33:45 fabiankeil Exp $";
+const char filters_rcs[] = "$Id: filters.c,v 1.104 2008/03/27 18:27:24 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/filters.c,v $
* `filter_popups', `forward_url', 'redirect_url',
* `ij_untrusted_url', `intercept_url', `pcrs_filter_respose',
* `ijb_send_banner', `trust_url', `gif_deanimate_response',
- * `jpeg_inspect_response', `execute_single_pcrs_command',
- * `rewrite_url', `get_last_url'
+ * `execute_single_pcrs_command', `rewrite_url',
+ * `get_last_url'
*
* Copyright : Written by and Copyright (C) 2001, 2004-2008 the SourceForge
* Privoxy team. http://www.privoxy.org/
*
* Revisions :
* $Log: filters.c,v $
+ * Revision 1.104 2008/03/27 18:27:24 fabiankeil
+ * Remove kill-popups action.
+ *
* Revision 1.103 2008/03/06 16:33:45 fabiankeil
* If limit-connect isn't used, don't limit CONNECT requests to port 443.
*
}
-/*********************************************************************
- *
- * Function : jpeg_inspect_response
- *
- * Description :
- *
- * Parameters :
- * 1 : csp = Current client state (buffers, headers, etc...)
- *
- * Returns : a pointer to the (newly allocated) modified buffer
- * or NULL in case something went wrong.
- *
- *********************************************************************/
-static char *jpeg_inspect_response(struct client_state *csp)
-{
- struct binbuffer *in = NULL;
- struct binbuffer *out = NULL;
- char *p = NULL;
- size_t size;
-
- size = (size_t)(csp->iob->eod - csp->iob->cur);
-
- if (NULL == (in = (struct binbuffer *)zalloc(sizeof *in )))
- {
- log_error(LOG_LEVEL_DEANIMATE, "failed! (jpeg no mem 1)");
- return NULL;
- }
-
- if (NULL == (out = (struct binbuffer *)zalloc(sizeof *out)))
- {
- log_error(LOG_LEVEL_DEANIMATE, "failed! (jpeg no mem 2)");
- return NULL;
- }
-
- in->buffer = csp->iob->cur;
- in->size = size;
-
- /*
- * Calling jpeg_inspect has the side-effect of creating and
- * modifying the image buffer of "out" directly.
- */
- if (jpeg_inspect(in, out))
- {
- log_error(LOG_LEVEL_DEANIMATE, "failed! (jpeg parsing)");
- freez(in);
- buf_free(out);
- return(NULL);
-
- }
- else
- {
- csp->content_length = out->offset;
- csp->flags |= CSP_FLAG_MODIFIED;
- p = out->buffer;
- freez(in);
- freez(out);
- return(p);
- }
-
-}
-
-
/*********************************************************************
*
* Function : get_filter_function
{
filter_function = gif_deanimate_response;
}
- else if ((csp->content_type & CT_JPEG) &&
- (csp->action->flags & ACTION_JPEG_INSPECT))
- {
- filter_function = jpeg_inspect_response;
- }
return filter_function;
}
{
return (((csp->rlist != NULL) &&
(!list_is_empty(csp->action->multi[ACTION_MULTI_FILTER]))) ||
- (csp->action->flags & (ACTION_DEANIMATE|ACTION_JPEG_INSPECT)));
+ (csp->action->flags & ACTION_DEANIMATE));
}
/*
-const char parsers_rcs[] = "$Id: parsers.c,v 1.120 2008/01/04 17:43:45 fabiankeil Exp $";
+const char parsers_rcs[] = "$Id: parsers.c,v 1.121 2008/01/05 21:37:03 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/parsers.c,v $
*
* Revisions :
* $Log: parsers.c,v $
+ * Revision 1.121 2008/01/05 21:37:03 fabiankeil
+ * Let client_range() also handle Request-Range headers
+ * which apparently are still supported by many servers.
+ *
* Revision 1.120 2008/01/04 17:43:45 fabiankeil
* Improve the warning messages that get logged if the action files
* "enable" filters but no filters of that type have been loaded.
{
csp->content_type |= CT_GIF;
}
- else if (strstr(*header, "image/jpeg"))
- {
- csp->content_type |= CT_JPEG;
- }
}
/*
#ifndef PROJECT_H_INCLUDED
#define PROJECT_H_INCLUDED
/** Version string. */
-#define PROJECT_H_VERSION "$Id: project.h,v 1.107 2008/03/26 18:07:08 fabiankeil Exp $"
+#define PROJECT_H_VERSION "$Id: project.h,v 1.108 2008/03/27 18:27:36 fabiankeil Exp $"
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/project.h,v $
*
* Revisions :
* $Log: project.h,v $
+ * Revision 1.108 2008/03/27 18:27:36 fabiankeil
+ * Remove kill-popups action.
+ *
* Revision 1.107 2008/03/26 18:07:08 fabiankeil
* Add hostname directive. Closes PR#1918189.
*
#define CT_TEXT 0x0001U /**< Suitable for pcrs filtering. */
#define CT_GIF 0x0002U /**< Suitable for GIF filtering. */
#define CT_TABOO 0x0004U /**< DO NOT filter, irrespective of other flags. */
-#define CT_JPEG 0x0008U /**< Suitable for JPEG filtering. */
/* Although these are not, strictly speaking, content types
* (they are content encodings), it is simple to handle them
#define ACTION_VANILLA_WAFER 0x00008000UL
/** Action bitmap: Limit CONNECT requests to safe ports. */
#define ACTION_LIMIT_CONNECT 0x00010000UL
-/** Action bitmap: Inspect if it's a JPEG. */
-#define ACTION_JPEG_INSPECT 0x00020000UL
+/** Action bitmap: Redirect request. */
+#define ACTION_REDIRECT 0x00020000UL
/** Action bitmap: Crunch or modify "if-modified-since" header. */
#define ACTION_HIDE_IF_MODIFIED_SINCE 0x00040000UL
/** Action bitmap: Overwrite Content-Type header. */
#define ACTION_HIDE_ACCEPT_LANGUAGE 0x04000000UL
/** Action bitmap: Block as empty document */
#define ACTION_HANDLE_AS_EMPTY_DOCUMENT 0x08000000UL
-/** Action bitmap: Redirect request. */
-#define ACTION_REDIRECT 0x10000000UL
/** Action string index: How to deanimate GIFs */
#############################################################################
-# $Id: regression-tests.action,v 1.60 2008/03/27 07:46:54 fk Exp $
+# $Id: regression-tests.action,v 1.62 2008/03/28 08:42:51 fk Exp $
#############################################################################
#
# This is a configuration file for Privoxy-Regression-Test.
{\
+deanimate-gifs{last} \
-filter \
- -inspect-jpegs \
}
TAG:^deanimate-gifs\{last\}$
{\
-deanimate-gifs \
+filter{banners-by-size} \
- -inspect-jpegs \
-}
-TAG:^filter\{banners-by-size\}$
-
-# Set Header = Range: bytes=1234-5678
-# Expect Header = REMOVAL
-# Set Header = If-Range: bytes=1234-5678
-# Expect Header = REMOVAL
-# Set Header = Request-Range: bytes=1234-5678
-# Expect Header = REMOVAL
-{\
- -deanimate-gifs \
- -filter \
- +inspect-jpegs \
}
TAG:^filter\{banners-by-size\}$
{\
-deanimate-gifs \
-filter \
- -inspect-jpegs \
- -kill-popups \
}
TAG:^no-content-filter$
#
# Revisions :
# $Log: edit-actions-for-url,v $
+# Revision 1.52 2008/03/15 14:52:36 fabiankeil
+# Add CGI editor support for the "disable all filters of this type"
+# directives "-client-header-filter", "-server-header-filter",
+# "-client-header-tagger" and "-server-header-tagger".
+#
# Revision 1.51 2008/03/07 16:46:49 fabiankeil
# Reword limit-connect{} entry.
#
<input type="text" name="hide_user_agent_mode" size="40"
value="@hide-user-agent-param@"></td>
</tr>
- <tr class="bg1" align="left" valign="top">
- <td class="en1" align="center" valign="middle"><input type="radio"
- name="inspect_jpegs" value="Y" @inspect-jpegs-y@
- ></td>
- <td class="dis1" align="center" valign="middle"><input type="radio"
- name="inspect_jpegs" value="N" @inspect-jpegs-n@
- ></td>
- <td class="noc1" align="center" valign="middle"><input type="radio"
- name="inspect_jpegs" value="X" @inspect-jpegs-x@
- ></td>
- <td class="action"><a href="@user-manual@@actions-help-prefix@INSPECT-JPEGS">inspect-jpegs</a></td>
- <td>Checks jpeg images for malicious content.</td>
- </tr>
- <tr class="bg1" align="left" valign="top">
- <td class="en1" align="center" valign="middle"><input type="radio"
- name="kill_popups" value="Y" @kill-popups-y@
- ></td>
- <td class="dis1" align="center" valign="middle"><input type="radio"
- name="kill_popups" value="N" @kill-popups-n@
- ></td>
- <td class="noc1" align="center" valign="middle"><input type="radio"
- name="kill_popups" value="X" @kill-popups-x@
- ></td>
- <td class="action"><a href="@user-manual@@actions-help-prefix@KILL-POPUPS">kill-popups</a></td>
- <td>Filter the website through a built-in filter to disable many JavaScript
- pop-up windows. Not recommended.</td>
- </tr>
<tr class="bg1" align="left" valign="top">
<td class="en1" align="center" valign="middle"><input type="radio"
name="limit_connect" id="limit_connect_y" value="Y" @limit-connect-y@
projects / privoxy.git / commitdiff