From 36f5fa200c2685ff053539184c83f1d909f0da05 Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Fri, 28 Mar 2008 15:13:45 +0000 Subject: [PATCH] Remove inspect-jpegs action. --- ChangeLog | 1 + actionlist.h | 4 +- actions.c | 10 ++- deanimate.c | 117 ++------------------------------- deanimate.h | 10 +-- default.action.master | 5 +- doc/source/user-manual.sgml | 77 ++-------------------- filters.c | 78 ++-------------------- parsers.c | 10 +-- project.h | 12 ++-- regression-tests.action | 19 +----- templates/edit-actions-for-url | 32 ++------- 12 files changed, 52 insertions(+), 323 deletions(-) diff --git a/ChangeLog b/ChangeLog index 568640df..3ece1bc5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -40,6 +40,7 @@ ChangeLog for Privoxy - The obsolete kill-popups action has been removed as the PCRS-based popup filters can do the same and are less unreliable. +- The inspect-jpegs action has been removed. *** Version 3.0.8 *** diff --git a/actionlist.h b/actionlist.h index 69188e37..5bbdc92b 100644 --- a/actionlist.h +++ b/actionlist.h @@ -39,6 +39,9 @@ * * Revisions : * $Log: actionlist.h,v $ + * Revision 1.31 2008/03/27 18:27:20 fabiankeil + * Remove kill-popups action. + * * Revision 1.30 2008/03/04 18:30:34 fabiankeil * Remove the treat-forbidden-connects-like-blocks action. We now * use the "blocked" page for forbidden CONNECT requests by default. 
@@ -225,7 +228,6 @@ DEFINE_CGI_PARAM_RADIO ("hide-referrer", ACTION_HIDE_REFERER,
 DEFINE_CGI_PARAM_CUSTOM ("hide-referrer", ACTION_HIDE_REFERER, ACTION_STRING_REFERER, "http://www.privoxy.org/")
 DEFINE_ACTION_STRING ("hide-user-agent", ACTION_HIDE_USER_AGENT, ACTION_STRING_USER_AGENT)
 DEFINE_CGI_PARAM_NO_RADIO("hide-user-agent", ACTION_HIDE_USER_AGENT, ACTION_STRING_USER_AGENT, "Privoxy " VERSION)
-DEFINE_ACTION_BOOL ("inspect-jpegs", ACTION_JPEG_INSPECT)
 DEFINE_ACTION_STRING ("limit-connect", ACTION_LIMIT_CONNECT, ACTION_STRING_LIMIT_CONNECT)
 DEFINE_CGI_PARAM_NO_RADIO("limit-connect", ACTION_LIMIT_CONNECT, ACTION_STRING_LIMIT_CONNECT, "443")
 DEFINE_ACTION_STRING ("overwrite-last-modified", ACTION_OVERWRITE_LAST_MODIFIED, ACTION_STRING_LAST_MODIFIED)
diff --git a/actions.c b/actions.c
index 4257acc1..949059a8 100644
--- a/actions.c
+++ b/actions.c
@@ -1,4 +1,4 @@
-const char actions_rcs[] = "$Id: actions.c,v 1.45 2008/03/24 11:21:02 fabiankeil Exp $";
+const char actions_rcs[] = "$Id: actions.c,v 1.46 2008/03/27 18:27:20 fabiankeil Exp $";
 /*********************************************************************
 *
 * File : $Source: /cvsroot/ijbswa/current/actions.c,v $
@@ -33,6 +33,9 @@ const char actions_rcs[] = "$Id: actions.c,v 1.45 2008/03/24 11:21:02 fabiankeil
 *
 * Revisions :
 * $Log: actions.c,v $
+ * Revision 1.46 2008/03/27 18:27:20 fabiankeil
+ * Remove kill-popups action.
+ *
 * Revision 1.45 2008/03/24 11:21:02 fabiankeil
 * Share the action settings for multiple patterns in the same
 * section so we waste less memory for gigantic block lists
@@ -648,8 +651,9 @@ jb_err get_action_token(char **line, char **name, char **value) *********************************************************************/ static int action_used_to_be_valid(const char *action) { - return (0 == strcmpic(action, "treat-forbidden-connects-like-blocks") - || 0 == strcmpic(action, "kill-popups")); + return ((0 == strcmpic(action, "treat-forbidden-connects-like-blocks")) + || (0 == strcmpic(action, "kill-popups")) + || (0 == strcmpic(action, "inspect-jpegs"))); } /********************************************************************* diff --git a/deanimate.c b/deanimate.c index 4e4aaaca..8d0e6878 100644 --- a/deanimate.c +++ b/deanimate.c @@ -1,4 +1,4 @@ -const char deanimate_rcs[] = "$Id: deanimate.c,v 1.16 2007/07/14 08:01:58 fabiankeil Exp $"; +const char deanimate_rcs[] = "$Id: deanimate.c,v 1.17 2007/08/05 13:42:22 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/deanimate.c,v $ @@ -6,11 +6,10 @@ const char deanimate_rcs[] = "$Id: deanimate.c,v 1.16 2007/07/14 08:01:58 fabian * Purpose : Declares functions to manipulate binary images on the * fly. High-level functions include: * - Deanimation of GIF images - * - Fixup of malformed comment block in JPEG headers * * Functions declared include: gif_deanimate, buf_free, - * buf_copy, buf_getbyte, gif_skip_data_block, - * gif_extract_image and jpeg_inspect + * buf_copy, buf_getbyte, gif_skip_data_block + * and gif_extract_image * * Copyright : Written by and Copyright (C) 2001 - 2004, 2006 by the * SourceForge Privoxy team. http://www.privoxy.org/ @@ -40,6 +39,9 @@ const char deanimate_rcs[] = "$Id: deanimate.c,v 1.16 2007/07/14 08:01:58 fabian * * Revisions : * $Log: deanimate.c,v $ + * Revision 1.17 2007/08/05 13:42:22 fabiankeil + * #1763173 from Stefan Huehner: declare some more functions static. + * * Revision 1.16 2007/07/14 08:01:58 fabiankeil * s@failiure@failure@ * 
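Review bot: Listing `inspect-jpegs` in `action_used_to_be_valid()` means an action file that still says `+inspect-jpegs` keeps loading while the MS04-028 comment-length fixup it asked for is no longer applied, and nothing in this function tells the reader that. How the caller reports a formerly valid action lies outside the hunk, so please confirm it logs at a level an administrator will actually see. I would add a comment above the return, `/* Obsolete actions: still accepted in action files, but they no longer have any effect. */`. With three names and probably more to come, a static table of obsolete names walked in a loop would also read better than the growing `||` chain.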
@@ -525,113 +527,6 @@ write: } -/********************************************************************* - * - * Function : jpeg_inspect - * - * Description : Checks a jpeg image for an invalid length in a - * comment block (0xFFFE0000 or 0xFFFE0001) and - * changes it to 0xFFFE0002. Defensive strategy - * against the exploit: - * Microsoft Security Bulletin MS04-028 - * Buffer Overrun in JPEG Processing (GDI+) Could - * Allow Code Execution (833987) - * - * Parameters : - * 1 : src = Pointer to the image binbuffer - * - * Returns : 0 on success, or 1 on failure - * - *********************************************************************/ -int jpeg_inspect(struct binbuffer *src, struct binbuffer *dst) -{ - long i; - /* - * We process the image using a simple finite state machine, - * searching for byte patterns. - */ - enum { J_INIT, /* The initial state */ - J_FF, /* Found byte 0xFF */ - J_FE, /* Found bytes 0xFF 0xFE */ - J_00, /* Found bytes 0xFF 0xFE 0x00 */ - J_DA /* - * Found bytes 0xFF 0xDA; short-circuit to done-ness - * since this signals the beginning end of headers. - */ - }; - short state = J_INIT; - unsigned char c; - - if (NULL == src || NULL == dst) - { - return 1; - } - - if (buf_copy(src, dst, src->size)) - { - return 1; - } - - /* Need to search the jpg for patterns: - * 0xFF 0xFE 0x00 0x00 - * or - * 0xFF 0xFE 0x00 0x01 - * from beginning until: - * 0xFF 0xDA - * (or the end of the buffer) - * If found, change the pattern to 0xFF 0xFE 0x00 0x02 - */ - - for (i = 0; i < dst->size; i++) - { - c = dst->buffer[i]; - switch (state) - { - case J_INIT: - if (c == 0xFF) - state = J_FF; - break; - case J_FF: - if (c == 0xDA) - state = J_DA; /* End of headers - we're done with this image. */ - else if (c == 0xFE) - state = J_FE; - else - state = J_INIT; - break; - case J_FE: - if (c == 0x00) - state = J_00; - else - state = J_INIT; - break; - case J_00: - if ((c == 0x00) || (c == 0x01)) - { - dst->buffer[i] = 2; /* Reset comment block size to 2. 
*/ - log_error(LOG_LEVEL_INFO, "JPEG comment exploit removed."); - /* TODO: - * I'm unsure if we can have more than one comment block. Just in case, - * we'll scan the rest of the header for more by going back to J_INIT - * state. If there is no possibility of >1 comment block, we could - * short-circuit to done-ness here. - */ - state = J_INIT; - } - else - state = J_INIT; - break; - default: - break; - } - if (state == J_DA) - break; - } - - return 0; -} - - /* Local Variables: tab-width: 3 diff --git a/deanimate.h b/deanimate.h index 906dcfc3..81a26fd8 100644 --- a/deanimate.h +++ b/deanimate.h @@ -1,6 +1,6 @@ #ifndef DEANIMATE_H_INCLUDED #define DEANIMATE_H_INCLUDED -#define DEANIMATE_H_VERSION "$Id: deanimate.h,v 1.10 2006/07/18 14:48:45 david__schmidt Exp $" +#define DEANIMATE_H_VERSION "$Id: deanimate.h,v 1.11 2007/01/12 15:41:00 fabiankeil Exp $" /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/deanimate.h,v $ @@ -8,10 +8,8 @@ * Purpose : Declares functions to manipulate binary images on the * fly. High-level functions include: * - Deanimation of GIF images - * - Fixup of malformed comment block in JPEG headers * - * Functions declared include: gif_deanimate, buf_free, - * jpeg_inspect + * Functions declared include: gif_deanimate and buf_free. * * * Copyright : Written by and Copyright (C) 2001 - 2004 by the the @@ -44,6 +42,9 @@ * * Revisions : * $Log: deanimate.h,v $ + * Revision 1.11 2007/01/12 15:41:00 fabiankeil + * Remove some white space at EOL. + * * Revision 1.10 2006/07/18 14:48:45 david__schmidt * Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch) * with what was really the latest development (the v_3_0_branch branch) 
@@ -101,7 +102,6 @@ struct binbuffer * Function prototypes */ extern int gif_deanimate(struct binbuffer *src, struct binbuffer *dst, int get_first_image); -extern int jpeg_inspect(struct binbuffer *src, struct binbuffer *dst); extern void buf_free(struct binbuffer *buf); /* diff --git a/default.action.master b/default.action.master index c963b1ef..a30e2c20 100644 --- a/default.action.master +++ b/default.action.master @@ -9,7 +9,7 @@ # # File : $Source: /cvsroot/ijbswa/current/default.action.master,v $ # -# $Id: default.action.master,v 1.119 2008/03/26 17:42:24 fabiankeil Exp $ +# $Id: default.action.master,v 1.120 2008/03/27 18:27:36 fabiankeil Exp $ # # Requires : This version requires Privoxy v3.0.9 or later due to # syntax changes. @@ -380,9 +380,6 @@ # in which case a "blocked" image can be sent rather than a HTML page. # See +set-image-blocker{} for the control over what is actually sent. # -# +inspect-jpegs -# Scan jpeg headers for malformed comment blocks and correct them. -# # +limit-connect{portlist} # The CONNECT methods exists in HTTP to allow access to secure websites # (https:// URLs) through proxies. It works very simply: The proxy diff --git a/doc/source/user-manual.sgml b/doc/source/user-manual.sgml index a94d1d29..d2f7a6c7 100644 --- a/doc/source/user-manual.sgml +++ b/doc/source/user-manual.sgml @@ -33,7 +33,7 @@ This file belongs into ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/ - $Id: user-manual.sgml,v 2.66 2008/03/06 16:33:47 fabiankeil Exp $ + $Id: user-manual.sgml,v 2.67 2008/03/27 18:31:21 fabiankeil Exp $ Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/ See LICENSE. 
@@ -59,7 +59,7 @@ -$Id: user-manual.sgml,v 2.66 2008/03/06 16:33:47 fabiankeil Exp $ +$Id: user-manual.sgml,v 2.67 2008/03/27 18:31:21 fabiankeil Exp $ - -inspect-jpegs - - - Typical use: - - Try to protect against a MS buffer over-run in JPEG processing - - - - - Effect: - - - Protect against a known exploit - - - - - - Type: - - - Boolean. - - - - - Parameter: - - - N/A - - - - - - Notes: - - - See Microsoft Security Bulletin MS04-028. JPEG images are one of the most - common image types found across the Internet. The exploit as described can - allow execution of code on the target system, giving an attacker access - to the system in question by merely planting an altered JPEG image, which - would have no obvious indications of what lurks inside. This action - tries to prevent this exploit if delivered through unencrypted HTTP. - - - Note that the exploit mentioned is several years old - and it's unlikely that your client is still vulnerable - against it. This action may be removed in one of the - next releases. - - - - - - - Example usage: - - +inspect-jpegs - - - - - - limit-connect 
@@ -8467,7 +8399,6 @@ In file: user.action [ View ] [ Edit ][ View ] [ Edit ][ View ] [ Edit ]iob->eod - csp->iob->cur); - - if (NULL == (in = (struct binbuffer *)zalloc(sizeof *in ))) - { - log_error(LOG_LEVEL_DEANIMATE, "failed! (jpeg no mem 1)"); - return NULL; - } - - if (NULL == (out = (struct binbuffer *)zalloc(sizeof *out))) - { - log_error(LOG_LEVEL_DEANIMATE, "failed! (jpeg no mem 2)"); - return NULL; - } - - in->buffer = csp->iob->cur; - in->size = size; - - /* - * Calling jpeg_inspect has the side-effect of creating and - * modifying the image buffer of "out" directly. - */ - if (jpeg_inspect(in, out)) - { - log_error(LOG_LEVEL_DEANIMATE, "failed! (jpeg parsing)"); - freez(in); - buf_free(out); - return(NULL); - - } - else - { - csp->content_length = out->offset; - csp->flags |= CSP_FLAG_MODIFIED; - p = out->buffer; - freez(in); - freez(out); - return(p); - } - -} - - /********************************************************************* * * Function : get_filter_function @@ -2190,11 +2131,6 @@ filter_function_ptr get_filter_function(struct client_state *csp) { filter_function = gif_deanimate_response; } - else if ((csp->content_type & CT_JPEG) && - (csp->action->flags & ACTION_JPEG_INSPECT)) - { - filter_function = jpeg_inspect_response; - } return filter_function; } @@ -2733,7 +2669,7 @@ inline int content_filters_enabled(const struct client_state *csp) { return (((csp->rlist != NULL) && (!list_is_empty(csp->action->multi[ACTION_MULTI_FILTER]))) || - (csp->action->flags & (ACTION_DEANIMATE|ACTION_JPEG_INSPECT))); + (csp->action->flags & ACTION_DEANIMATE)); } /* diff --git a/parsers.c b/parsers.c index f9ff2b0b..3b08cf91 100644 --- a/parsers.c +++ b/parsers.c 
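Review bot: In the `content_filters_enabled()` hunk the flag mask has to be kept in step by hand with the dispatch in `get_filter_function()`, and neither place says so; this commit had to edit both to stay consistent. A comment above the return would make the coupling explicit, e.g. `/* Keep in sync with get_filter_function(): test every action flag that selects a binary content filter. */`. The body of `get_filter_function()` starts outside its hunk, so this is based only on the lines shown.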
@@ -1,4 +1,4 @@ -const char parsers_rcs[] = "$Id: parsers.c,v 1.120 2008/01/04 17:43:45 fabiankeil Exp $"; +const char parsers_rcs[] = "$Id: parsers.c,v 1.121 2008/01/05 21:37:03 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/parsers.c,v $ @@ -44,6 +44,10 @@ const char parsers_rcs[] = "$Id: parsers.c,v 1.120 2008/01/04 17:43:45 fabiankei * * Revisions : * $Log: parsers.c,v $ + * Revision 1.121 2008/01/05 21:37:03 fabiankeil + * Let client_range() also handle Request-Range headers + * which apparently are still supported by many servers. + * * Revision 1.120 2008/01/04 17:43:45 fabiankeil * Improve the warning messages that get logged if the action files * "enable" filters but no filters of that type have been loaded. @@ -2208,10 +2212,6 @@ static jb_err server_content_type(struct client_state *csp, char **header) { csp->content_type |= CT_GIF; } - else if (strstr(*header, "image/jpeg")) - { - csp->content_type |= CT_JPEG; - } } /* diff --git a/project.h b/project.h index 52321e06..592181e5 100644 --- a/project.h +++ b/project.h @@ -1,7 +1,7 @@ #ifndef PROJECT_H_INCLUDED #define PROJECT_H_INCLUDED /** Version string. */ -#define PROJECT_H_VERSION "$Id: project.h,v 1.107 2008/03/26 18:07:08 fabiankeil Exp $" +#define PROJECT_H_VERSION "$Id: project.h,v 1.108 2008/03/27 18:27:36 fabiankeil Exp $" /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/project.h,v $ @@ -37,6 +37,9 @@ * * Revisions : * $Log: project.h,v $ + * Revision 1.108 2008/03/27 18:27:36 fabiankeil + * Remove kill-popups action. + * * Revision 1.107 2008/03/26 18:07:08 fabiankeil * Add hostname directive. Closes PR#1918189. * 
@@ -990,7 +993,6 @@ struct iob #define CT_TEXT 0x0001U /**< Suitable for pcrs filtering. */ #define CT_GIF 0x0002U /**< Suitable for GIF filtering. */ #define CT_TABOO 0x0004U /**< DO NOT filter, irrespective of other flags. */ -#define CT_JPEG 0x0008U /**< Suitable for JPEG filtering. */ /* Although these are not, strictly speaking, content types * (they are content encodings), it is simple to handle them @@ -1050,8 +1052,8 @@ struct iob #define ACTION_VANILLA_WAFER 0x00008000UL /** Action bitmap: Limit CONNECT requests to safe ports. */ #define ACTION_LIMIT_CONNECT 0x00010000UL -/** Action bitmap: Inspect if it's a JPEG. */ -#define ACTION_JPEG_INSPECT 0x00020000UL +/** Action bitmap: Redirect request. */ +#define ACTION_REDIRECT 0x00020000UL /** Action bitmap: Crunch or modify "if-modified-since" header. */ #define ACTION_HIDE_IF_MODIFIED_SINCE 0x00040000UL /** Action bitmap: Overwrite Content-Type header. */ @@ -1072,8 +1074,6 @@ struct iob #define ACTION_HIDE_ACCEPT_LANGUAGE 0x04000000UL /** Action bitmap: Block as empty document */ #define ACTION_HANDLE_AS_EMPTY_DOCUMENT 0x08000000UL -/** Action bitmap: Redirect request. */ -#define ACTION_REDIRECT 0x10000000UL /** Action string index: How to deanimate GIFs */ diff --git a/regression-tests.action b/regression-tests.action index a17d7d34..ca4830e7 100644 --- a/regression-tests.action +++ b/regression-tests.action @@ -1,5 +1,5 @@ ############################################################################# -# $Id: regression-tests.action,v 1.60 2008/03/27 07:46:54 fk Exp $ +# $Id: regression-tests.action,v 1.62 2008/03/28 08:42:51 fk Exp $ ############################################################################# # # This is a configuration file for Privoxy-Regression-Test. @@ -403,7 +403,6 @@ TAG:^send-vanilla-wafer$ {\ +deanimate-gifs{last} \ -filter \ - -inspect-jpegs \ } TAG:^deanimate-gifs\{last\}$ 
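Review bot: `ACTION_REDIRECT` moves from `0x10000000UL` to `0x00020000UL`, the bit that `ACTION_JPEG_INSPECT` held until this commit, and neither the commit title nor a comment records the renumbering. An object file built against the old project.h would still read that bit with its old meaning, so this change presumably needs a full rebuild and deserves a line in the log message. The vacated `0x10000000UL` is now an unmarked hole in the bitmap; I would leave a note where the old define sat, e.g. `/* 0x10000000UL is currently unused. */`, so the next action takes it deliberately. The rest of the flag list lies outside these hunks, so I cannot confirm from here that no other define already uses `0x00020000UL`.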
@@ -416,20 +415,6 @@ TAG:^deanimate-gifs\{last\}$ {\ -deanimate-gifs \ +filter{banners-by-size} \ - -inspect-jpegs \ -} -TAG:^filter\{banners-by-size\}$ - -# Set Header = Range: bytes=1234-5678 -# Expect Header = REMOVAL -# Set Header = If-Range: bytes=1234-5678 -# Expect Header = REMOVAL -# Set Header = Request-Range: bytes=1234-5678 -# Expect Header = REMOVAL -{\ - -deanimate-gifs \ - -filter \ - +inspect-jpegs \ } TAG:^filter\{banners-by-size\}$ @@ -442,8 +427,6 @@ TAG:^filter\{banners-by-size\}$ {\ -deanimate-gifs \ -filter \ - -inspect-jpegs \ - -kill-popups \ } TAG:^no-content-filter$ diff --git a/templates/edit-actions-for-url b/templates/edit-actions-for-url index a3e10970..477efdcf 100644 --- a/templates/edit-actions-for-url +++ b/templates/edit-actions-for-url @@ -32,6 +32,11 @@ # # Revisions : # $Log: edit-actions-for-url,v $ +# Revision 1.52 2008/03/15 14:52:36 fabiankeil +# Add CGI editor support for the "disable all filters of this type" +# directives "-client-header-filter", "-server-header-filter", +# "-client-header-tagger" and "-server-header-tagger". +# # Revision 1.51 2008/03/07 16:46:49 fabiankeil # Reword limit-connect{} entry. # @@ -1132,33 +1137,6 @@ function show_send_wafer_opts(tf) - - - - - inspect-jpegs - Checks jpeg images for malicious content. - - - - - - kill-popups - Filter the website through a built-in filter to disable many JavaScript - pop-up windows. Not recommended. -