ports/55944: www/squid NCSA basic auth problem - PATCH included
Mário Freitas
sub_0 at netcabo.pt
Mon Aug 25 02:40:13 UTC 2003
>Number: 55944
>Category: ports
>Synopsis: www/squid NCSA basic auth problem - PATCH included
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Aug 24 19:40:12 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Mário Freitas
>Release: FreeBSD 5.1-CURRENT i386
>Organization:
>Environment:
System: FreeBSD suzy.unbreakable.homeunix.org 5.1-CURRENT FreeBSD 5.1-CURRENT #0: Thu Aug 21 16:04:33 WEST 2003 root at suzy.unbreakable.homeunix.org:/usr/obj/usr/src/sys/SUZY i386
>Description:
I've already mailed Adrian at freebsd.org a long time ago, but I got no
response so I decided to send-pr.
There's a little problem with NCSA authentication which is included in
www/squid: ncsa_auth.c uses stat() and it erroneously assumes the file
is readable, but when it is not, the authentication program dies with
a segmentation fault after using fgets on a NULL file.
>How-To-Repeat:
Just build the www/squid port and run ncsa_auth <some file which is
not readable>. After this type enter.
>Fix:
--- patch-ncsa.c begins here ---
--- helpers/basic_auth/NCSA/ncsa_auth.c.orig Mon Aug 12 02:13:39 2002
+++ helpers/basic_auth/NCSA/ncsa_auth.c Mon Aug 25 02:29:50 2003
@@ -79,7 +79,10 @@
fprintf(stderr, "ncsa_auth: cannot create hash table\n");
exit(1);
}
- f = fopen(passwdfile, "r");
+ if ((f = fopen(passwdfile, "r")) == NULL) {
+ fprintf(stderr, "ncsa_auth: cannot open password file\n");
+ exit(1);
+ }
while (fgets(buf, 8192, f) != NULL) {
if ((buf[0] == '#') || (buf[0] == ' ') || (buf[0] == '\t') ||
(buf[0] == '\n'))
--- patch-ncsa.c ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list