From 8bbc2ef15138d2493cce5a39a4ba281e07a7c42a Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 29 Sep 2015 14:55:42 -0400
Subject: Add safety belts to squid3 chown function to stop it from breaking
 the entire filesystem.

---
 config/squid3/34/squid.inc | 7 ++++---
 config/squid3/34/squid.xml | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

(limited to 'config/squid3')

diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index e906a1bb..a7cb0490 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -84,7 +84,8 @@ function squid_get_real_interface_address($iface) {
 }
 
 function squid_chown_recursive($dir, $user, $group) {
-	if ($dir == '/usr/local') {
+	if (empty($dir) || ($dir == '/') || ($dir == '/usr/local') || !is_dir($dir)) {
+		log_error(gettext("Squid attempted to chown an invalid directory: {$dir}"));
 		return;
 	}
 
@@ -92,8 +93,8 @@ function squid_chown_recursive($dir, $user, $group) {
 	chgrp($dir, $group);
 	$handle = opendir($dir) ;
 	while (($item = readdir($handle)) !== false) {
-		if (($item != ".") && ($item != "..")) {
-			$path = "$dir/$item";
+		if (!empty($item) && ($item != ".") && ($item != "..")) {
+			$path = "{$dir}/{$item}";
 			// Recurse unless it's the cache dir, that is slow and rarely necessary.
 			if (is_dir($path) && (basename($dir) != "cache")) {
 				squid_chown_recursive($path, $user, $group);
diff --git a/config/squid3/34/squid.xml b/config/squid3/34/squid.xml
index ded59d42..ec9855e8 100644
--- a/config/squid3/34/squid.xml
+++ b/config/squid3/34/squid.xml
@@ -42,7 +42,7 @@
 	]]>
 	</copyright>
 	<name>squid</name>
-	<version>0.3.5</version>
+	<version>0.3.5.1</version>
 	<title>Proxy Server: General Settings</title>
 	<include_file>/usr/local/pkg/squid.inc</include_file>
 	<menu>
-- 
cgit v1.2.3