From yar@ddt.demos.su  Fri Mar 16 03:50:07 2001
Return-Path: <yar@ddt.demos.su>
Received: from ddt.demos.su (ddt.demos.su [194.87.13.37])
	by hub.freebsd.org (Postfix) with ESMTP id 8128D37B718
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 16 Mar 2001 03:50:06 -0800 (PST)
	(envelope-from yar@ddt.demos.su)
Received: (from yar@localhost)
	by ddt.demos.su (8.11.1/8.11.1/D) id f2GBo3U61443;
	Fri, 16 Mar 2001 14:50:03 +0300 (MSK)
	(envelope-from yar)
Message-Id: <200103161150.f2GBo3U61443@ddt.demos.su>
Date: Fri, 16 Mar 2001 14:50:03 +0300 (MSK)
From: yar@comp.chem.msu.su
Reply-To: yar@comp.chem.msu.su
To: FreeBSD-gnats-submit@freebsd.org
Cc: mitsuru@riken.go.jp
Subject: www/tinyproxy has a bug that has to be fixed in the port
X-Send-Pr-Version: 3.2

>Number:         25852
>Category:       ports
>Synopsis:       www/tinyproxy has a bug that has to be fixed in the port
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 16 04:00:02 PST 2001
>Closed-Date:    Sat Mar 31 05:29:05 PST 2001
>Last-Modified:  Sat Mar 31 05:30:24 PST 2001
>Originator:     Yar Tikhiy <yar@comp.chem.msu.su>
>Release:        FreeBSD 4.1.1-STABLE i386
>Organization:
Moscow State University
>Environment:

	FreeBSD ddt.demos.su 4.1.1-STABLE FreeBSD 4.1.1-STABLE #0: Wed Oct 18 14:43:46 MSD 2000     root@:/mnt/src/sys/compile/DDT1  i386

>Description:

	The ``tinyproxy'' program (corresponding port: www/tinyproxy),
	as of version 1.3.3a, has a bug in its code that has to do
	with dereferencing an uninitialized (and NULL) pointer.
	The program is being developed without a stable branch, so
	the bug was fixed in development versions only. Hence it seems
	reasonable to include a fix for the bug in the port of the
	stable version of tinyproxy.

>How-To-Repeat:

	Run tinyproxy with the ``-n'' option (limit access to
	the proxy to a particular IP network) and see it crash on
	the very first connection from an unauthorized address.

>Fix:

Add the following fix to the corresponding port:

--- src/reqs.c.orig	Sat Apr  1 02:55:22 2000
+++ src/reqs.c	Mon Mar 12 17:48:08 2001
@@ -841,7 +841,7 @@
 
 	/* Check to see if there are new connections pending */
 	if (FD_ISSET(setup_fd, &readfds) && (fd = listen_sock()) >= 0) {
-		new_conn(fd);	/* make a connection from the FD */
+		connptr = new_conn(fd);	/* make a connection from the FD */
 
 		if (validuser(fd)) {
 			if (config.cutoffload && (load > config.cutoffload)) {
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: yar 
State-Changed-When: Sat Mar 31 05:29:05 PST 2001 
State-Changed-Why:  
A new version of tinyproxy is out. The bug has been fixed in it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=25852 
>Unformatted:
