release 4.10

the allocatorthread got pointers to RAM which were reallocated
behind the back, and if realloc() couldn't grow in-place, lead
to segfaults in applications that do a lot of DNS-lookups such
as webbrowsers.

closes #66
closes #31

thanks to @ravomavain for tracking down the issue.

Makefile

@@ -16,8 +16,8 @@ sysconfdir=$(prefix)/etc
 SRCS = $(sort $(wildcard src/*.c))
 OBJS = $(SRCS:.c=.o)
 LOBJS = src/nameinfo.o src/version.o \
-        src/core.o src/common.o src/libproxychains.o src/shm.o \
-        src/allocator_thread.o src/ip_type.o src/stringdump.o \
+        src/core.o src/common.o src/libproxychains.o \
+        src/allocator_thread.o src/ip_type.o \
         src/hostsreader.o src/hash.o src/debug.o
 
 GENH = src/version.h
@@ -25,7 +25,7 @@ GENH = src/version.h
 CFLAGS  += -Wall -O0 -g -std=c99 -D_GNU_SOURCE -pipe
 NO_AS_NEEDED = -Wl,--no-as-needed
 LIBDL   = -ldl
-LDFLAGS = -fPIC $(NO_AS_NEEDED)
+LDFLAGS = -shared -fPIC $(NO_AS_NEEDED) $(LIBDL) -lpthread
 INC     = 
 PIC     = -fPIC
 AR      = $(CROSS_COMPILE)ar
@@ -46,7 +46,6 @@ ALL_CONFIGS = src/proxychains.conf
 -include config.mak
 
 CFLAGS+=$(USER_CFLAGS) $(MAC_CFLAGS)
-LDFLAGS+=$(USER_LDFLAGS)
 CFLAGS_MAIN=-DLIB_DIR=\"$(libdir)\" -DSYSCONFDIR=\"$(sysconfdir)\" -DDLL_NAME=\"$(LDSO_PATHNAME)\"
 
 
@@ -82,10 +81,11 @@ src/version.o: src/version.h
 	$(CC) $(CPPFLAGS) $(CFLAGS) $(CFLAGS_MAIN) $(INC) $(PIC) -c -o $@ $<
 
 $(LDSO_PATHNAME): $(LOBJS)
-	$(CC) -shared $(LDFLAGS) $(LD_SET_SONAME)$(LDSO_PATHNAME) -lpthread $(LIBDL) -o $@ $(LOBJS)
+	$(CC) $(LDFLAGS) $(LD_SET_SONAME)$(LDSO_PATHNAME) $(USER_LDFLAGS) \
+		-o $@ $(LOBJS)
 
 $(ALL_TOOLS): $(OBJS)
-	$(CC) $(LDFLAGS) src/main.o src/common.o -o $(PXCHAINS)
+	$(CC) src/main.o src/common.o $(USER_LDFLAGS) -o $(PXCHAINS)
 
 
 .PHONY: all clean install install-config install-libs install-tools

README

@@ -1,4 +1,4 @@
-ProxyChains-NG ver 4.8 README
+ProxyChains-NG ver 4.10 README
 =============================
 
   ProxyChains is a UNIX program, that hooks network-related libc functions
@@ -52,6 +52,16 @@ ProxyChains-NG ver 4.8 README
 
 Changelog:
 ----------
+Version 4.10
+- fix regression in linking order with custom LDFLAGS
+- fix segfault in DNS mapping code in programs with > ~400 different lookups
+
+Version 4.9
+- fix a security issue CVE-2015-3887
+- add sendto hook to handle MSG_FASTOPEN flag
+- replace problematic hostentdb with hostsreader
+- fix compilation on OpenBSD (although doesn't work there)
+
 Version 4.8.1:
 - fix regression in 4.8 install-config Makefile target
 

VERSION

@@ -1 +1 @@
-4.8.1
+4.10

configure

@@ -26,6 +26,9 @@ usage() {
 	echo "--libdir=/path		default: $prefix/lib"
 	echo "--includedir=/path	default: $prefix/include"
 	echo "--sysconfdir=/path	default: $prefix/etc"
+	echo "--ignore-cve		default: no"
+	echo "	if set to yes ignores CVE-2015-3887 and makes it possible"
+	echo "	to preload from current dir (insecure)"
 	ismac && isx86_64 && echo "--fat-binary : build for both i386 and x86_64 architectures on 64-bit Macs"
 	echo "--help : show this text"
 	exit 1
@@ -39,7 +42,7 @@ spliteq() {
 }
 
 fat_binary=
-
+ignore_cve=no
 parsearg() {
 	case "$1" in
 	--prefix=*) prefix=`spliteq $1`;;
@@ -48,6 +51,8 @@ parsearg() {
 	--libdir=*) libdir=`spliteq $1`;;
 	--includedir=*) includedir=`spliteq $1`;;
 	--sysconfdir=*) sysconfdir=`spliteq $1`;;
+	--ignore-cve) ignore_cve=1;;
+	--ignore-cve=*) ignore_cve=`spliteq $1`;;
 	--fat-binary) fat_binary=1;;
 	--help) usage;;
 	esac
@@ -94,6 +99,7 @@ echo bindir=$bindir>>config.mak
 echo libdir=$libdir>>config.mak
 echo includedir=$includedir>>config.mak
 echo sysconfdir=$sysconfdir>>config.mak
+[ "$ignore_cve" = "no" ] && echo CPPFLAGS+= -DSUPER_SECURE>>config.mak
 make_cmd=make
 if ismac ; then
 	echo NO_AS_NEEDED=>>config.mak

src/allocator_thread.c

@@ -10,12 +10,10 @@
 #include <stddef.h>
 #include <errno.h>
 #include "allocator_thread.h"
-#include "shm.h"
 #include "debug.h"
 #include "ip_type.h"
 #include "mutex.h"
 #include "hash.h"
-#include "stringdump.h"
 
 /* stuff for our internal translation table */
 
@@ -30,6 +28,12 @@ typedef struct {
 	string_hash_tuple** list;
 } internal_ip_lookup_table;
 
+static void *dumpstring(char* s, size_t len) {
+	char* p = malloc(len);
+	if(p) memcpy(p, s, len);
+	return p;
+}
+
 pthread_mutex_t internal_ips_lock;
 internal_ip_lookup_table *internal_ips = NULL;
 internal_ip_lookup_table internal_ips_buf;

src/core.c

@@ -37,7 +37,6 @@
 
 #include "core.h"
 #include "common.h"
-#include "shm.h"
 #include "allocator_thread.h"
 
 extern int tcp_read_time_out;

src/libproxychains.c

@@ -95,15 +95,12 @@ static void* load_sym(char* symname, void* proxyfunc) {
 
 #define SETUP_SYM(X) do { true_ ## X = load_sym( # X, X ); } while(0)
 
-#include "shm.h"
 #include "allocator_thread.h"
-#include "stringdump.h"
 
 const char *proxychains_get_version(void);
 
 static void do_init(void) {
 	srand(time(NULL));
-	dumpstring_init(); // global string garbage can
 	core_initialize();
 	at_init();
 

src/main.c

@@ -33,7 +33,9 @@ static const char *dll_name = DLL_NAME;
 
 static char own_dir[256];
 static const char *dll_dirs[] = {
+#ifndef SUPER_SECURE /* CVE-2015-3887 */
 	".",
+#endif
 	own_dir,
 	LIB_DIR,
 	"/lib",
@@ -48,7 +50,11 @@ static void set_own_dir(const char *argv0) {
 	while(l && argv0[l - 1] != '/')
 		l--;
 	if(l == 0)
+#ifdef SUPER_SECURE
+		memcpy(own_dir, "/dev/null/", 11);
+#else
 		memcpy(own_dir, ".", 2);
+#endif
 	else {
 		memcpy(own_dir, argv0, l - 1);
 		own_dir[l] = 0;

src/shm.c

@@ -1,53 +0,0 @@
-#include <assert.h>
-#include <string.h>
-#include <limits.h>
-#include <string.h>
-#include <stdlib.h>
-#ifndef PAGE_SIZE
-#define PAGE_SIZE 4096
-#endif
-#include "shm.h"
-#include "debug.h"
-
-#if 0
-#include <sys/mman.h>
-#include <sys/ipc.h>
-#include <sys/shm.h>
-
-/* allocates shared memory which can be accessed from the parent and its childs */
-void *shm_realloc(void* old, size_t old_size, size_t new_size) {
-	//PFUNC();
-	void *nu = mmap(NULL, new_size, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANON, -1, 0);
-	if(old) {
-		if(!nu) return NULL;
-		assert(new_size >= old_size);
-		memcpy(nu, old, old_size);
-		munmap(old, old_size);
-	}
-	return nu;
-}
-#endif
-
-void stringpool_init(struct stringpool* sp) {
-	PFUNC();
-	memset(sp, 0, sizeof *sp);
-}
-
-char* stringpool_add(struct stringpool *sp, char* s, size_t len) {
-	//PFUNC();
-	if(len > sp->alloced - sp->used) {
-		size_t newsz = sp->used + len;
-		size_t inc = PAGE_SIZE - (newsz % PAGE_SIZE);
-		newsz += (inc == PAGE_SIZE) ? 0 : inc;
-		void* p = realloc(sp->start, newsz);
-		if(p) {
-			sp->start = p;
-			sp->alloced = newsz;
-		} else 
-			return 0;
-	}
-	char* ret = sp->start + sp->used;
-	memcpy(ret, s, len);
-	sp->used += len;
-	return ret;
-}

src/shm.h

@@ -1,17 +0,0 @@
-#ifndef SHM_H
-#define SHM_H
-#include <unistd.h>
-
-struct stringpool {
-	size_t alloced;
-	size_t used;
-	char* start;
-};
-
-void stringpool_init(struct stringpool* sp);
-char* stringpool_add(struct stringpool *sp, char* s, size_t len);
-#if 0
-void *shm_realloc(void* old, size_t old_size, size_t new_size);
-#endif
-//RcB: DEP "shm.c"
-#endif

src/stringdump.c

@@ -1,13 +0,0 @@
-#include "stringdump.h"
-#include "debug.h"
-
-struct stringpool mem;
-
-char *dumpstring(char* s, size_t len) {
-	PFUNC();
-	return stringpool_add(&mem, s, len);
-}
-
-void dumpstring_init(void) {
-	stringpool_init(&mem);
-}

src/stringdump.h

@@ -1,12 +0,0 @@
-#ifndef STRINGDUMP_H
-#define STRINGDUMP_H
-
-#include "shm.h"
-#include <unistd.h>
-
-char *dumpstring(char* s, size_t len);
-void dumpstring_init(void);
-
-//RcB: DEP "stringdump.h"
-
-#endif