diff options
| author | jim-p <jimp@pfsense.org> | 2015-09-29 14:55:42 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2015-09-29 14:55:42 -0400 |
| commit | 8bbc2ef15138d2493cce5a39a4ba281e07a7c42a (patch) | |
| tree | 2ef590cba45bc2462851028b79c823bc97ab5322 | |
| parent | 87a47d47d716dc713f1e99e6e6812db91b1a182e (diff) | |
| download | pfsense-packages-8bbc2ef15138d2493cce5a39a4ba281e07a7c42a.tar.gz pfsense-packages-8bbc2ef15138d2493cce5a39a4ba281e07a7c42a.tar.bz2 pfsense-packages-8bbc2ef15138d2493cce5a39a4ba281e07a7c42a.zip | |
Add safety belts to squid3 chown function to stop it from breaking the entire filesystem.
| -rwxr-xr-x | config/squid3/34/squid.inc | 7 | ||||
| -rw-r--r-- | config/squid3/34/squid.xml | 2 | ||||
| -rw-r--r-- | pkg_config.10.xml | 2 |
3 files changed, 6 insertions, 5 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc index e906a1bb..a7cb0490 100755 --- a/config/squid3/34/squid.inc +++ b/config/squid3/34/squid.inc @@ -84,7 +84,8 @@ function squid_get_real_interface_address($iface) { } function squid_chown_recursive($dir, $user, $group) { - if ($dir == '/usr/local') { + if (empty($dir) || ($dir == '/') || ($dir == '/usr/local') || !is_dir($dir)) { + log_error(gettext("Squid attempted to chown an invalid directory: {$dir}")); return; } @@ -92,8 +93,8 @@ function squid_chown_recursive($dir, $user, $group) { chgrp($dir, $group); $handle = opendir($dir) ; while (($item = readdir($handle)) !== false) { - if (($item != ".") && ($item != "..")) { - $path = "$dir/$item"; + if (!empty($item) && ($item != ".") && ($item != "..")) { + $path = "{$dir}/{$item}"; // Recurse unless it's the cache dir, that is slow and rarely necessary. if (is_dir($path) && (basename($dir) != "cache")) { squid_chown_recursive($path, $user, $group); diff --git a/config/squid3/34/squid.xml b/config/squid3/34/squid.xml index ded59d42..ec9855e8 100644 --- a/config/squid3/34/squid.xml +++ b/config/squid3/34/squid.xml @@ -42,7 +42,7 @@ ]]> </copyright> <name>squid</name> - <version>0.3.5</version> + <version>0.3.5.1</version> <title>Proxy Server: General Settings</title> <include_file>/usr/local/pkg/squid.inc</include_file> <menu> diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 500cfebc..1e0fcd2d 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -1052,7 +1052,7 @@ <pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>0.3.5</version> + <version>0.3.5.1</version> <status>beta</status> <required_version>2.2</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> |