Security fix for CVE-2009-2855

ok brad (MAINTAINER)

www/squid/Makefile

@@ -1,10 +1,11 @@
-# $OpenBSD: Makefile,v 1.98 2009/02/08 15:04:33 sthen Exp $
+# $OpenBSD: Makefile,v 1.99 2009/08/30 21:52:44 jasper Exp $
 
 COMMENT=	WWW and FTP proxy cache and accelerator
 
 DISTNAME=	squid-2.7.STABLE6
+PKGNAME=	${DISTNAME}p0
 CATEGORIES=	www
-MASTER_SITES=	${HOMEPAGE}Versions/v2/2.7/
+MASTER_SITES=	${HOMEPAGE}/Versions/v2/2.7/
 DIST_SUBDIR=	squid
 
 HOMEPAGE=	http://www.squid-cache.org/

www/squid/patches/patch-src_HttpHeaderTools_c

@@ -0,0 +1,39 @@
+$OpenBSD: patch-src_HttpHeaderTools_c,v 1.1 2009/08/30 21:52:44 jasper Exp $
+
+Security fix for CVE-2009-2855.
+Patch from upstream repository:
+http://www.squid-cache.org/Versions/v2/HEAD/changesets/12541.patch
+
+--- src/HttpHeaderTools.c.orig	Sun Aug 30 20:43:57 2009
++++ src/HttpHeaderTools.c	Sun Aug 30 20:44:54 2009
+@@ -239,6 +239,10 @@ int
+ strListGetItem(const String * str, char del, const char **item, int *ilen, const char **pos)
+ {
+     size_t len;
++    /* ',' is always enabled as field delimiter as this is required for
++     * processing merged header values properly, even if Cookie normally
++     * uses ';' as delimiter.
++     */
+     static char delim[3][8] =
+     {
+ 	"\"?,",
+@@ -261,16 +265,15 @@ strListGetItem(const String * str, char del, const cha
+     /* find next delimiter */
+     do {
+ 	*pos += strcspn(*pos, delim[quoted]);
+-	if (**pos == del)
+-	    break;
+ 	if (**pos == '"') {
+ 	    quoted = !quoted;
+ 	    *pos += 1;
+-	}
+-	if (quoted && **pos == '\\') {
++	} else if (quoted && **pos == '\\') {
+ 	    *pos += 1;
+ 	    if (**pos)
+ 		*pos += 1;
++	} else {
++	    break;		/* Delimiter found, marking the end of this value */
+ 	}
+     } while (**pos);
+     len = *pos - *item;		/* *pos points to del or '\0' */