olsrd: security fixes for olsrd plugins

diff --git a/olsrd/patches/002-hotfix-long-http-headers-txtinfo.patch b/olsrd/patches/002-hotfix-long-http-headers-txtinfo.patch
new file mode 100644 (file)
index 0000000..e04e815
--- /dev/null
+++ b/olsrd/patches/002-hotfix-long-http-headers-txtinfo.patch
@@ -0,0 +1,36 @@
+commit d68c96cf53f188030452aadec466aa6389e81511
+Author: Henning Rogge <hrogge@gmail.com>
+Date:   Tue May 13 21:23:36 2014 +0200
+
+    Hotfix for much too long http headers
+
+diff --git a/lib/txtinfo/src/olsrd_txtinfo.c b/lib/txtinfo/src/olsrd_txtinfo.c
+index b56545d..2bcce41 100644
+--- a/lib/txtinfo/src/olsrd_txtinfo.c
++++ b/lib/txtinfo/src/olsrd_txtinfo.c
+@@ -301,8 +301,15 @@ ipc_action(int fd, void *data __attribute__ ((unused)), unsigned int flags __att
+   FD_ZERO(&rfds);
+   FD_SET((unsigned int)ipc_connection, &rfds);  /* Win32 needs the cast here */
+   if (0 <= select(ipc_connection + 1, &rfds, NULL, NULL, &tv)) {
+-    char requ[128];
+-    ssize_t s = recv(ipc_connection, (void *)&requ, sizeof(requ), 0);   /* Win32 needs the cast here */
++    char requ[1024];
++    ssize_t s = recv(ipc_connection, (void *)&requ, sizeof(requ)-1, 0);   /* Win32 needs the cast here */
++
++    if (s == sizeof(requ)-1) {
++      /* input was much too long, just skip the rest */
++      char dummy[1024];
++
++      while (recv(ipc_connection, (void *)&dummy, sizeof(dummy), 0) == sizeof(dummy), 0);
++    }
+     if (0 < s) {
+       requ[s] = 0;
+       /* To print out neighbours only on the Freifunk Status
+@@ -329,6 +336,7 @@ ipc_action(int fd, void *data __attribute__ ((unused)), unsigned int flags __att
+         if (0 != strstr(requ, "/ver")) send_what |= SIW_VERSION;
+       }
+     }
++
+     if ( send_what == 0 ) send_what = SIW_ALL;
+   }
+ 

diff --git a/olsrd/patches/003-hotfix-long-http-headers-json.patch b/olsrd/patches/003-hotfix-long-http-headers-json.patch
new file mode 100644 (file)
index 0000000..8774856
--- /dev/null
+++ b/olsrd/patches/003-hotfix-long-http-headers-json.patch
@@ -0,0 +1,28 @@
+commit 528176910ee1d00278e4108cc23d9f4f2de8a639
+Author: Alessio Caiazza <nolith@abisso.org>
+Date:   Wed May 14 22:45:33 2014 +0200
+
+    Hotfix for very long http headers also for jsoninfo
+
+diff --git a/lib/jsoninfo/src/olsrd_jsoninfo.c b/lib/jsoninfo/src/olsrd_jsoninfo.c
+index 966292c..817c64a 100644
+--- a/lib/jsoninfo/src/olsrd_jsoninfo.c
++++ b/lib/jsoninfo/src/olsrd_jsoninfo.c
+@@ -508,8 +508,15 @@ ipc_action(int fd, void *data __attribute__ ((unused)), unsigned int flags __att
+   FD_ZERO(&rfds);
+   FD_SET((unsigned int)ipc_connection, &rfds);  /* Win32 needs the cast here */
+   if (0 <= select(ipc_connection + 1, &rfds, NULL, NULL, &tv)) {
+-    char requ[128];
+-    ssize_t s = recv(ipc_connection, (void *)&requ, sizeof(requ), 0);   /* Win32 needs the cast here */
++    char requ[1024];
++    ssize_t s = recv(ipc_connection, (void *)&requ, sizeof(requ)-1, 0);   /* Win32 needs the cast here */
++
++    if (s == sizeof(requ)-1) {
++      /* input was too much long, just skip the rest */
++      char dummy[1024];
++
++      while (recv(ipc_connection, (void *)&dummy, sizeof(dummy), 0) == sizeof(dummy), 0);
++    }
+     if (0 < s) {
+       requ[s] = 0;
+       /* print out the requested tables */