* Updates libInjection repository to libinjection.github.io
* Update libInjection to version 3.9.2, plus:
- Pass the correct pointer to memmem()
In parse_money(), if there is a "$foobar$", it calls memmem() to
find it again. Wrong pointer can cause itself to backtrack in a
dead loop and hang the entire process.
- Addresses some issues reported by cppcheck, including an overflow
on parse_slash.
Some variables share content with others; that is the case
for ARGS and ARGS_NAMES. Those are different in value, as
ARGS_NAMES holds the key name as value.
Instead of duplicating the strings for the different
collections, this patch unifies the collection in radix,
avoiding memory fragmentation. It is currently doing some
fragmentation while resolving the variable, but to be
mitigated by shared_ptr is VariableValues, a different
change.
TODO: place others variables such as COOKIE*NAMES to use
the same proxy.
This issue was initially reported by @michaelgranzow-avi on #2296.
@airween made an initial attempt to provide a fixed at #2107; As a
consequence of the pull request review - provided by @victorhora,
@zimmerle, and @michaelgranzow-avi - @airween made a second attempt
at #2297. After reviewing by @martinhsv, @zimmerle, I have absorbed
the essential pieces from @airween patch into this one.
This patch differs from @airween's because @airween's patches were
partially working: Key exclusions with regex weren't covered, same
for anchored variables (e.g. ARGS). During the review, I have
highlighted the importance of having elementary test cases. A simple
test case on ARGS could spot the issue. Since that is an important
fix, I don't want to hold this for one more review cycle; therefore,
I am committing the fix myself.
Thank you all involved in the solution of this very own issue.
Using GEOIP_INDEX_CACHE on some older versions of libGeoIP (e.g. 1.5.0
which is the default version on CentOS 7) leads to "Error reading file"
error while opening completely valid GeoIP.dat:
# cat test.c
#include <stdio.h>
#include "GeoIP.h"
int main(void) {
GeoIP *g;
g = GeoIP_open("/tmp/GeoIP.dat", GEOIP_INDEX_CACHE);
if (g == NULL) {
printf("error!\n");
}
GeoIP_delete(g);
exit(0);
}
# cc -lGeoIP -o test test.c
# ./test
Error reading file /tmp/GeoIP.dat
error!
# sed -i -e 's,GEOIP_INDEX_CACHE,GEOIP_MEMORY_CACHE,' test.c
# cc -lGeoIP -o test test.c
# ./test
# geoiplookup -f /tmp/GeoIP.dat -v 8.8.8.8
GeoIP Country Edition: GEO-106FREE 20180327 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
Also tested with recent GeoLite databases converted from new format
into legacy format, distributed here:
https://mailfud.org/geoip-legacy/
