Commit c9121aba authored by Leonardo Arena's avatar Leonardo Arena

main/aria2: security fix (CVE-2019-3500)

Fixes #9900
parent b5b80b2b
......@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=aria2
pkgver=1.33.1
pkgrel=0
pkgrel=1
pkgdesc="Download utility for HTTP(S), (S)FTP, Bittorrent, and Metalink"
url="https://aria2.github.io/"
arch="all"
......@@ -12,9 +12,15 @@ depends="ca-certificates"
makedepends="gnutls-dev expat-dev sqlite-dev c-ares-dev"
checkdepends="cppunit-dev"
subpackages="$pkgname-doc $pkgname-bash-completion:bashcomp:noarch"
source="https://github.com/aria2/$pkgname/releases/download/release-$pkgver/$pkgname-$pkgver.tar.xz"
source="https://github.com/aria2/$pkgname/releases/download/release-$pkgver/$pkgname-$pkgver.tar.xz
CVE-2019-3500.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
# 1.33.1-r1:
# - CVE-2019-3500
build() {
cd "$builddir"
./configure \
......@@ -48,4 +54,5 @@ bashcomp() {
"$subpkgdir"/usr/share/bash-completion/completions/_aria2c
}
sha512sums="5379768a0960e46ed616a2540508d0dda4172c8d1a05021e50243241adb64448f5fa01878868ea206ec6b462fea39fa82284bb0f78ceec299eb289f94815b94a aria2-1.33.1.tar.xz"
sha512sums="5379768a0960e46ed616a2540508d0dda4172c8d1a05021e50243241adb64448f5fa01878868ea206ec6b462fea39fa82284bb0f78ceec299eb289f94815b94a aria2-1.33.1.tar.xz
e81d6cf69652b4a2adb67a13434d3e37f1c69ce2a99a8d4b12f3e056c6c530218d6593aaeb1ca8b2691e4f28a0d53b29319d067c4f89eb0e4b2e8368f1c38319 CVE-2019-3500.patch"
From 37368130ca7de5491a75fd18a20c5c5cc641824a Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Sat, 5 Jan 2019 09:32:40 +0900
Subject: [PATCH] Mask headers
---
src/HttpConnection.cc | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/HttpConnection.cc b/src/HttpConnection.cc
index 77cb9d27a..be5b97723 100644
--- a/src/HttpConnection.cc
+++ b/src/HttpConnection.cc
@@ -102,11 +102,17 @@ std::string HttpConnection::eraseConfidentialInfo(const std::string& request)
std::string result;
std::string line;
while (getline(istr, line)) {
- if (util::startsWith(line, "Authorization: Basic")) {
- result += "Authorization: Basic ********\n";
+ if (util::istartsWith(line, "Authorization: ")) {
+ result += "Authorization: <snip>\n";
}
- else if (util::startsWith(line, "Proxy-Authorization: Basic")) {
- result += "Proxy-Authorization: Basic ********\n";
+ else if (util::istartsWith(line, "Proxy-Authorization: ")) {
+ result += "Proxy-Authorization: <snip>\n";
+ }
+ else if (util::istartsWith(line, "Cookie: ")) {
+ result += "Cookie: <snip>\n";
+ }
+ else if (util::istartsWith(line, "Set-Cookie: ")) {
+ result += "Set-Cookie: <snip>\n";
}
else {
result += line;
@@ -154,8 +160,8 @@ std::unique_ptr<HttpResponse> HttpConnection::receiveResponse()
const auto& proc = outstandingHttpRequests_.front()->getHttpHeaderProcessor();
if (proc->parse(socketRecvBuffer_->getBuffer(),
socketRecvBuffer_->getBufferLength())) {
- A2_LOG_INFO(
- fmt(MSG_RECEIVE_RESPONSE, cuid_, proc->getHeaderString().c_str()));
+ A2_LOG_INFO(fmt(MSG_RECEIVE_RESPONSE, cuid_,
+ eraseConfidentialInfo(proc->getHeaderString()).c_str()));
auto result = proc->getResult();
if (result->getStatusCode() / 100 == 1) {
socketRecvBuffer_->drain(proc->getLastBytesProcessed());
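Review bot: The header masking added in the first hunk of src/HttpConnection.cc keys on the field name plus exactly one space (`"Authorization: "`), so a header written as `Authorization:Basic …` or with a tab after the colon — both permitted by RFC 7230's optional whitespace — falls through to the else-branch and is appended to the logged text unmasked. Matching the name and colon only, `if (util::istartsWith(line, "Authorization: ")) {` becoming `if (util::istartsWith(line, "Authorization:")) {`, with the same change in the Proxy-Authorization, Cookie and Set-Cookie branches, removes that dependence on the sender's spacing; a comment such as `// match name and colon only: RFC 7230 allows optional whitespace before the value` would record why. eraseConfidentialInfo begins before the hunk and its else-branch continues past it, so whether a folded continuation line of a masked header is also handled cannot be seen here. Since the APKBUILD pins this patch by sha512, any such follow-up needs the checksum updated alongside it.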