diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7491249 --- /dev/null +++ b/.gitignore @@ -0,0 +1,74 @@ +*~ +*.a +aclocal +aclocal.m4 +autoconf.h +autom4te* +autom4te.cache +cfgaux +config.* +config.guess +config.h +config.log +config.status +config.sub +configure +.deps +.dirstamp +ID +install-sh +*.la +.libs +libtool +*.lo +*.swp +ltmain.sh +Makefile +merge.log +missing +*.o +scripts/RunAccel +scripts/RunCache +src/cf.data +src/cf_gen_defines.h +src/cf_parser.h +src/repl_modules.cc +src/squid.conf.default +stamp-h1 +tags +doc/cachemgr.cgi.8 +doc/squid.8 +helpers/digest_auth/password/digest_pw_auth +helpers/external_acl/ip_user/ip_user_check +helpers/external_acl/unix_group/squid_unix_group +src/DiskIO/DiskDaemon/diskd +src/cf_gen +*.lo +src/DiskIO/DiskDaemon/diskd +src/cf_gen +*.la +src/squid +src/ufsdump +tools/cachemgr.cgi +tools/squidclient +errors/translate-warn +helpers/basic_auth/DB/squid_db_auth +helpers/basic_auth/DB/squid_db_auth.8 +helpers/basic_auth/LDAP/squid_ldap_auth +helpers/basic_auth/MSNT/msnt_auth +helpers/basic_auth/NCSA/ncsa_auth +helpers/basic_auth/PAM/pam_auth +helpers/basic_auth/SMB/smb_auth +helpers/basic_auth/YP/yp_auth +helpers/basic_auth/getpwnam/getpwname_auth +helpers/basic_auth/squid_radius_auth/squid_radius_auth +helpers/negotiate_auth/squid_kerb_auth/ska_config.h +src/DiskIO/DiskIOModules_gen.cc +src/cf_gen_defines.cci +src/cf_parser.cci +src/globals.cc +src/squid.conf.documented +src/string_arrays.c +tools/stub_debug.cc +tools/time.cc + diff --git a/src/HttpHeaderTools.cc b/src/HttpHeaderTools.cc index 09e7b90..2f0819d 100644 --- a/src/HttpHeaderTools.cc +++ b/src/HttpHeaderTools.cc @@ -301,23 +301,33 @@ getStringPrefix(const char *str, const char *end) int httpHeaderParseInt(const char *start, int *value) { - assert(value); - *value = atoi(start); + char *endptr; - if (!*value && !xisdigit(*start)) { + assert(value); + errno = 0; + long res = strtol(start, &endptr, 10); + if (errno || (endptr == start)) { debugs(66, 2, "failed to parse an int header field near '" << start << "'"); return 0; } + if ((res < INT_MIN) || (res > INT_MAX)) { + debugs(66, 2, "integer overflow while parsing '" << start << "'"); + return 0; + } + *value = res; + return 1; } int httpHeaderParseOffset(const char *start, int64_t * value) { + char *endptr; + errno = 0; - int64_t res = strtoll(start, NULL, 10); - if (!res && EINVAL == errno) /* maybe not portable? */ + int64_t res = strtoll(start, &endptr, 10); + if (errno || (endptr == start)) return 0; *value = res; return 1; diff --git a/src/SwapDir.cc b/src/SwapDir.cc index 581e4ba..0f80cfa 100644 --- a/src/SwapDir.cc +++ b/src/SwapDir.cc @@ -239,13 +239,21 @@ SwapDir::optionReadOnlyDump(StoreEntry * e) const bool SwapDir::optionMaxSizeParse(char const *option, const char *value, int isaReconfig) { + char *endptr; + if (strcmp(option, "max-size") != 0) return false; if (!value) self_destruct(); - int64_t size = strtoll(value, NULL, 10); + errno = 0; + int64_t size = strtoll(value, &endptr, 10); + if (errno || (value == endptr)) { + debugs(3, 1, "Invalid max-size for cache dir '" << path << "' ignored"); + return false; + } + if (isaReconfig && max_objsize != size) debugs(3, 1, "Cache dir '" << path << "' max object size now " << size); diff --git a/src/comm.cc b/src/comm.cc index b5e927f..8a573a3 100644 --- a/src/comm.cc +++ b/src/comm.cc @@ -2206,11 +2206,15 @@ int comm_listen(int sock) { int x; + int defer = 30; if ((x = listen(sock, Squid_MaxFD >> 2)) < 0) { debugs(50, 0, "comm_listen: listen(" << (Squid_MaxFD >> 2) << ", " << sock << "): " << xstrerror()); return x; } +#ifdef TCP_DEFER_ACCEPT + setsockopt(sock, SOL_TCP, TCP_DEFER_ACCEPT, &defer, sizeof(defer)); +#endif if (Config.accept_filter && strcmp(Config.accept_filter, "none") != 0) { #ifdef SO_ACCEPTFILTER diff --git a/src/ftp.cc b/src/ftp.cc index 60848b2..ad8b32a 100644 --- a/src/ftp.cc +++ b/src/ftp.cc @@ -2420,10 +2420,13 @@ ftpReadSize(FtpStateData * ftpState) debugs(9, 3, HERE); if (code == 213) { + char *endptr; + ftpState->unhack(); - ftpState->theSize = strtoll(ftpState->ctrl.last_reply, NULL, 10); + errno = 0; + ftpState->theSize = strtoll(ftpState->ctrl.last_reply, &endptr, 10); - if (ftpState->theSize == 0) { + if (ftpState->theSize < 0 || errno || (ftpState->ctrl.last_reply == endptr)) { debugs(9, 2, "SIZE reported " << ftpState->ctrl.last_reply << " on " << ftpState->title_url); diff --git a/src/wccp2.cc b/src/wccp2.cc index 0f79cf3..5f45f56 100644 --- a/src/wccp2.cc +++ b/src/wccp2.cc @@ -2254,7 +2254,7 @@ static void parse_wccp2_service_ports(char *options, int portlist[]) { int i = 0; - int p; + long p; char *tmp, *tmp2, *port, *end; if (!options) { @@ -2295,7 +2295,7 @@ parse_wccp2_service_info(void *v) int protocol = -1; /* IPPROTO_TCP | IPPROTO_UDP */ struct wccp2_service_list_t *srv; - int priority = -1; + long priority = -1; if (wccp2_connected == 1) { debugs(80, 1, "WCCPv2: Somehow reparsing the configuration without having shut down WCCP! Try reloading squid again.");