1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-01-22 07:27:59 +01:00
slackware-current/patches/source/htdig/htdig-3.2.0b6.diff
Patrick J Volkerding a44e6a9f0b Thu Jul 25 02:39:18 UTC 2024
patches/packages/curl-8.9.0-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/htdig-3.2.0b6-x86_64-10_slack15.0.txz:  Rebuilt.
  Patch XSS vulnerability. Thanks to jayjwa.
  Get this out of cgi-bin. Thanks to LuckyCyborg.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2007-6110
  (* Security fix *)
patches/packages/libxml2-2.11.9-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  Fix XXE protection in downstream code.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-40896
  (* Security fix *)
2024-07-26 13:30:58 +02:00

333 lines
9.6 KiB
Diff

--- ./db/os_rw.c.orig 2004-01-12 06:48:24.000000000 -0600
+++ ./db/os_rw.c 2007-04-07 17:29:44.000000000 -0500
@@ -5,6 +5,14 @@
* Sleepycat Software. All rights reserved.
*/
+
+#define _XOPEN_SOURCE 500
+#include <sys/types.h>
+#include <unistd.h>
+#ifndef u_long
+typedef __u_long u_long;
+#endif
+
#include "db_config.h"
#ifndef lint
--- ./db/hash.c.orig 2004-06-11 11:44:35.000000000 -0500
+++ ./db/hash.c 2007-04-07 17:29:44.000000000 -0500
@@ -250,6 +250,11 @@
hashp->h_hash = hcp->hdr->dbmeta.version < 5
? CDB___ham_func4 : CDB___ham_func5;
+ /* Make sure we always have a valid hashp->h_hash function. */
+ if (hashp->h_hash == NULL)
+ hashp->h_hash = hcp->hdr->dbmeta.version < 5
+ ? CDB___ham_func4 : CDB___ham_func5;
+
err2: /* Release the meta data page */
if ((t_ret = CDB___ham_release_meta(dbc)) != 0 && ret == 0)
ret = t_ret;
--- ./htdig/Server.cc.orig 2004-05-28 08:15:16.000000000 -0500
+++ ./htdig/Server.cc 2007-04-07 17:29:44.000000000 -0500
@@ -341,6 +341,8 @@
{
String fullpatt = "^[^:]*://[^/]*(";
fullpatt << pattern << ')';
+ if (pattern.length() == 0)
+ fullpatt = "";
_disallow.set(fullpatt, config->Boolean("case_sensitive"));
}
}
--- ./htfuzzy/Regexp.cc.orig 2004-05-28 08:15:20.000000000 -0500
+++ ./htfuzzy/Regexp.cc 2007-04-07 17:29:45.000000000 -0500
@@ -73,16 +73,16 @@
int wordCount = 0;
int maximumWords = config.Value("regex_max_words", 25);
- wordList->Start_Get();
- while (wordCount < maximumWords && (key = (String *) wordList->Get_Next()))
- {
- if (regexMatch.match(*key, 0, 0) != 0)
- {
- words.Add(new String(*key));
- wordCount++;
- }
- }
if (wordList) {
+ wordList->Start_Get();
+ while (wordCount < maximumWords && (key = (String *) wordList->Get_Next()))
+ {
+ if (regexMatch.match(*key, 0, 0) != 0)
+ {
+ words.Add(new String(*key));
+ wordCount++;
+ }
+ }
wordList->Destroy();
delete wordList;
}
--- ./htfuzzy/Substring.cc.orig 2004-05-28 08:15:20.000000000 -0500
+++ ./htfuzzy/Substring.cc 2007-04-07 17:29:45.000000000 -0500
@@ -73,16 +73,16 @@
int wordCount = 0;
int maximumWords = config.Value("substring_max_words", 25);
- wordList->Start_Get();
- while (wordCount < maximumWords && (key = (String *) wordList->Get_Next()))
- {
- if (match.FindFirst((char*)*key) >= 0)
- {
- words.Add(new String(*key));
- wordCount++;
- }
- }
if (wordList) {
+ wordList->Start_Get();
+ while (wordCount < maximumWords && (key = (String *) wordList->Get_Next()))
+ {
+ if (match.FindFirst((char*)*key) >= 0)
+ {
+ words.Add(new String(*key));
+ wordCount++;
+ }
+ }
wordList->Destroy();
delete wordList;
}
--- ./htfuzzy/htfuzzy.cc.orig 2004-05-28 08:15:20.000000000 -0500
+++ ./htfuzzy/htfuzzy.cc 2007-04-07 17:29:45.000000000 -0500
@@ -153,8 +153,9 @@
String word, fuzzyKey;
int count = 0;
- words->Start_Get();
- while ((key = (String *) words->Get_Next()))
+ if (words)
+ words->Start_Get();
+ while (words && (key = (String *) words->Get_Next()))
{
word = *key;
wordAlgorithms.Start_Get();
@@ -185,8 +186,11 @@
fuzzy->writeDB();
}
worddb.Close();
- words->Destroy();
- delete words;
+ if (words)
+ {
+ words->Destroy();
+ delete words;
+ }
if (fuzzy)
delete fuzzy;
}
--- ./htfuzzy/Prefix.cc.orig 2004-05-28 08:15:20.000000000 -0500
+++ ./htfuzzy/Prefix.cc 2007-04-07 17:29:45.000000000 -0500
@@ -99,9 +99,10 @@
WordReference *word_ref;
String last_word;
- wordList->Start_Get();
- while (wordCount < maximumWords && (word_ref = (WordReference *) wordList->Get_Next() ))
- {
+ if (wordList) {
+ wordList->Start_Get();
+ while (wordCount < maximumWords && (word_ref = (WordReference *) wordList->Get_Next() ))
+ {
s = word_ref->Key().GetWord();
// If we're somehow past the original word, we're done
@@ -115,8 +116,7 @@
last_word = s;
words.Add(new String(s));
wordCount++;
- }
- if (wordList) {
+ }
wordList->Destroy();
delete wordList;
}
--- ./htfuzzy/Fuzzy.cc.orig 2004-05-28 08:15:20.000000000 -0500
+++ ./htfuzzy/Fuzzy.cc 2007-04-07 17:29:45.000000000 -0500
@@ -61,7 +61,11 @@
delete index;
index = 0;
}
- delete dict;
+ if (dict)
+ {
+ delete dict;
+ dict = 0;
+ }
}
@@ -154,8 +158,9 @@
int count = 0;
- dict->Start_Get();
- while ((fuzzyKey = dict->Get_Next()))
+ if (dict)
+ dict->Start_Get();
+ while (dict && (fuzzyKey = dict->Get_Next()))
{
s = (String *) dict->Find(fuzzyKey);
index->Put(fuzzyKey, *s);
--- ./htsearch/Display.cc.orig 2004-05-28 08:15:24.000000000 -0500
+++ ./htsearch/Display.cc 2007-04-07 17:29:44.000000000 -0500
@@ -54,6 +54,7 @@
#include <math.h>
#include <float.h>
+#include <values.h>
#if !defined(DBL_MAX)
# if defined (MAXDOUBLE)
--- ./htsearch/htsearch.cc.orig 2004-05-28 08:15:24.000000000 -0500
+++ ./htsearch/htsearch.cc 2007-04-07 17:29:44.000000000 -0500
@@ -211,8 +211,7 @@
}
if (access((char*)configFile, R_OK) < 0)
{
- reportError(form("Unable to read configuration file '%s'",
- configFile.get()));
+ reportError("Unable to read configuration file");
}
config->Read(configFile);
--- ./htsearch/qtest.cc.orig 2004-05-28 08:15:25.000000000 -0500
+++ ./htsearch/qtest.cc 2007-04-07 17:29:44.000000000 -0500
@@ -132,8 +132,7 @@
if (access((char*)configFile, R_OK) < 0)
{
- reportError(form("Unable to find configuration file '%s'",
- configFile.get()));
+ reportError("Unable to find configuration file");
}
config->Read(configFile);
--- ./htsearch/Collection.h.orig 2004-05-28 08:15:24.000000000 -0500
+++ ./htsearch/Collection.h 2007-04-07 17:29:45.000000000 -0500
@@ -36,9 +36,9 @@
const char *docExcerpt);
~Collection();
- void Collection::Open();
+ void Open();
- void Collection::Close();
+ void Close();
char *getWordFile() { return wordFile.get(); }
DocumentRef *getDocumentRef(int id);
--- ./htword/WordDBPage.cc.orig 2004-05-28 08:15:26.000000000 -0500
+++ ./htword/WordDBPage.cc 2007-04-07 17:29:44.000000000 -0500
@@ -82,7 +82,7 @@
if(debuglevel>2)printf("TOTAL SIZE: %6d %8f\n",size,size/8.0);
// argh! compare failed somthing went wrong
// display the compress/decompress sequence and fail
- if(cmp || size>8*1024*1000000000)
+ if(cmp || size>8*1024)
{
if(size>8*1024)
{
--- ./installdir/rundig.orig 2007-04-07 17:29:45.000000000 -0500
+++ ./installdir/rundig 2007-04-07 17:29:45.000000000 -0500
@@ -14,6 +14,7 @@
# To help debug problems, try running rundig -vvv
# This will add lots of debugging output to all of the programs
+incremental=0
stats= opts= alt=
while [ "$#" -gt 0 ]
do
@@ -24,6 +25,7 @@
conffile="$1"
opts="$opts -c $conffile"
;;
+ +i) incremental=1;;
*) opts="$opts $1" ;; # e.g. -v
esac
shift
@@ -53,7 +55,13 @@
TMPDIR=$DBDIR
export TMPDIR
-$BINDIR/htdig -i $opts $stats $alt
+if [ $incremental -ne 0 ]
+then
+ $BINDIR/htdig $opts $stats $alt
+else
+ $BINDIR/htdig -i $opts $stats $alt
+fi
+
$BINDIR/htpurge $opts $alt
case "$alt" in
-a)
--- ./installdir/htdig.conf.orig 2004-02-08 04:19:33.000000000 -0600
+++ ./installdir/htdig.conf 2007-04-07 17:29:44.000000000 -0500
@@ -18,6 +18,18 @@
database_dir: @DATABASE_DIR@
#
+# Define common_dir, which is used in several of the examples.
+#
+common_dir: /var/www/html/htdig
+
+#
+# Disable the translation of the ISO Latin 1 SGML entities from the
+# documents into upper end 8-bit characters in the database,
+# and then back to the Latin 1 SGML entities in htsearch results.
+#
+translate_latin1: false
+
+#
# This specifies the URL where the robot (htdig) will start. You can specify
# multiple URLs here. Just separate them by some whitespace.
# The example here will cause the ht://Dig homepage and related pages to be
@@ -25,7 +37,7 @@
# You could also index all the URLs in a file like so:
# start_url: `${common_dir}/start.url`
#
-start_url: http://www.htdig.org/
+start_url: http://localhost
#
# This attribute limits the scope of the indexing process. The default is to
@@ -76,7 +88,7 @@
# The string htdig will send in every request to identify the robot. Change
# this to your email address.
#
-maintainer: unconfigured@htdig.searchengine.maintainer
+maintainer: root@localhost
#
# The excerpts that are displayed in long results rely on stored information
--- ./installdir/rundig.1.in.orig 2004-03-12 02:11:06.000000000 -0600
+++ ./installdir/rundig.1.in 2007-04-07 17:29:46.000000000 -0500
@@ -23,6 +23,9 @@
.TP
.B \-c configfile
Use alternate config file.
+.TP
+.B \+i
+Use incremental digging instead non-incremental
.SH "SEE ALSO"
Please refer to the HTML pages (in the htdig-doc package)
.B /usr/share/doc/htdig-doc/html/index.html
--- ./configure.orig 2004-06-14 03:25:31.000000000 -0500
+++ ./configure 2007-04-07 17:29:44.000000000 -0500
@@ -28034,7 +28034,7 @@
APACHE_REQUEST=`echo 1.3.1 | sed -e 's/\.//g'`
APACHE_REQUEST_MAJOR=`expr $APACHE_REQUEST : '\(..\)'`
APACHE_REQUEST_MINOR=`expr $APACHE_REQUEST : '..\(.*\)'`
- if test "$APACHE_MAJOR" -lt "$APACHE_REQUEST_MAJOR" -o "$APACHE_MINOR" -lt "$APACHE_REQUEST_MINOR" ; then
+ if test "$APACHE_MAJOR" -eq "APACHE_REQUEST_MAJOR" -a "$APACHE_MINOR" -lt "$APACHE_REQUEST_MINOR" -o "$APACHE_MAJOR" -lt "$APACHE_REQUEST_MAJOR" ; then
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
{ { echo "$as_me:$LINENO: error: apache version is $APACHE_READABLE_VERSION" >&5