Work around a buffer overflow that caused Privoxy to

segfault if too many trusted referrers were used. Good
enough for now, but should be replaced with a real
solution after the next release.

diff --git a/loaders.c b/loaders.c
index d679070..2346335 100644 (file)
--- a/loaders.c
+++ b/loaders.c
@@ -1,7 +1,7 @@
-const char loaders_rcs[] = "$Id: loaders.c,v 1.50.2.8 2006/01/30 15:16:25 david__schmidt Exp $";
+const char loaders_rcs[] = "$Id: loaders.c,v 1.52 2006/07/18 14:48:46 david__schmidt Exp $";
 /*********************************************************************
  *
- * File        :  $Source: /cvsroot/ijbswa/current/Attic/loaders.c,v $
+ * File        :  $Source: /cvsroot/ijbswa/current/loaders.c,v $
  *
  * Purpose     :  Functions to load and unload the various
  *                configuration files.  Also contains code to manage
@@ -35,6 +35,10 @@ const char loaders_rcs[] = "$Id: loaders.c,v 1.50.2.8 2006/01/30 15:16:25 david_
  *
  * Revisions   :
  *    $Log: loaders.c,v $
+ *    Revision 1.52  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
  *    Revision 1.50.2.8  2006/01/30 15:16:25  david__schmidt
  *    Remove a little residual debugging info
  *
@@ -1096,6 +1100,7 @@ int load_trustfile(struct client_state *csp)
    int reject, trusted;
    struct file_list *fs;
    unsigned long linenum = 0;
+   int trusted_referrers = 0;
 
    if (!check_file_changed(current_trustfile, csp->config->trustfile, &fs))
    {
@@ -1177,8 +1182,24 @@ int load_trustfile(struct client_state *csp)
        */
       if (trusted)
       {
-         *tl++ = b->url;
-         /* FIXME BUFFER OVERFLOW if >=64 entries */
+         if(++trusted_referrers < MAX_TRUSTED_REFERRERS)
+         {
+            *tl++ = b->url;
+         }
+         else
+         {
+           /*
+            * FIXME: csp->config->trust_list is only needed 
+            * to print the trusted referrers in Privoxy's blocking
+            * message. Not printing all of them is certainly better
+            * than writing them into memory that doesn't belong to us,
+            * but when Privoxy 3.0.4 is out, we should look for a real
+            * solution. 
+            */
+            log_error(LOG_LEVEL_ERROR,
+              "Too many trusted referrers, %s will not show up in the blocking message.",
+              *b->url);
+         }
       }
    }
 

diff --git a/project.h b/project.h
index fe3cfee..576e508 100644 (file)
--- a/project.h
+++ b/project.h
@@ -1,7 +1,7 @@
 #ifndef PROJECT_H_INCLUDED
 #define PROJECT_H_INCLUDED
 /** Version string. */
-#define PROJECT_H_VERSION "$Id: project.h,v 1.76 2006/08/14 08:25:19 fabiankeil Exp $"
+#define PROJECT_H_VERSION "$Id: project.h,v 1.77 2006/08/21 12:50:51 david__schmidt Exp $"
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/project.h,v $
@@ -37,6 +37,9 @@
  *
  * Revisions   :
  *    $Log: project.h,v $
+ *    Revision 1.77  2006/08/21 12:50:51  david__schmidt
+ *    Formatting cleanup
+ *
  *    Revision 1.76  2006/08/14 08:25:19  fabiankeil
  *    Split filter-headers{} into filter-client-headers{}
  *    and filter-server-headers{}.
@@ -1276,6 +1279,12 @@ struct block_spec
    struct block_spec *next;  /**< Next entry in linked list    */
 };
 
+/**
+ * Arbitrary limit for the number of trusted referrers
+ * Privoxy can print in its blocking message.
+ */
+#define MAX_TRUSTED_REFERRERS 64
+
 #endif /* def FEATURE_TRUST */
 
 
@@ -1457,7 +1466,7 @@ struct configuration_spec
    struct list trust_info[1];
 
    /** FIXME: DOCME: Document this. */
-   struct url_spec *trust_list[64];
+   struct url_spec *trust_list[MAX_TRUSTED_REFERRERS];
 
 #endif /* def FEATURE_TRUST */