release 4.9

fixup for 9ab7dbe
fix for CVE-2015-3887
2026-05-15 10:03:23 +08:00 · 2015-05-28 08:35:57 +02:00 · 2015-05-21 14:04:10 +01:00 · 2015-05-21 13:46:22 +01:00 · 2015-04-08 11:09:48 +01:00
4 changed files with 21 additions and 3 deletions
@@ -1,4 +1,4 @@
-ProxyChains-NG ver 4.8 README
+ProxyChains-NG ver 4.9 README
 =============================
  ProxyChains is a UNIX program, that hooks network-related libc functions
@@ -52,6 +52,12 @@ ProxyChains-NG ver 4.8 README
 Changelog:
 ----------
 Version 4.9
 - fix a security issue CVE-2015-3887
 - add sendto hook to handle MSG_FASTOPEN flag
 - replace problematic hostentdb with hostsreader
 - fix compilation on OpenBSD (although doesn't work there)
 Version 4.8.1:
 - fix regression in 4.8 install-config Makefile target
@@ -1 +1 @@
-4.8.1
+4.9
@@ -26,6 +26,9 @@ usage() {
 	echo "--libdir=/path		default: $prefix/lib"
 	echo "--includedir=/path	default: $prefix/include"
 	echo "--sysconfdir=/path	default: $prefix/etc"
 	echo "--ignore-cve		default: no"
 	echo "	if set to yes ignores CVE-2015-3887 and makes it possible"
 	echo "	to preload from current dir (insecure)"
 	ismac && isx86_64 && echo "--fat-binary : build for both i386 and x86_64 architectures on 64-bit Macs"
 	echo "--help : show this text"
 	exit 1
@@ -39,7 +42,7 @@ spliteq() {
 }
 fat_binary=
-
+ignore_cve=no
 parsearg() {
 	case "$1" in
 	--prefix=*) prefix=`spliteq $1`;;
@@ -48,6 +51,8 @@ parsearg() {
 	--libdir=*) libdir=`spliteq $1`;;
 	--includedir=*) includedir=`spliteq $1`;;
 	--sysconfdir=*) sysconfdir=`spliteq $1`;;
 	--ignore-cve) ignore_cve=1;;
 	--ignore-cve=*) ignore_cve=`spliteq $1`;;
 	--fat-binary) fat_binary=1;;
 	--help) usage;;
 	esac
@@ -94,6 +99,7 @@ echo bindir=$bindir>>config.mak
 echo libdir=$libdir>>config.mak
 echo includedir=$includedir>>config.mak
 echo sysconfdir=$sysconfdir>>config.mak
 [ "$ignore_cve" = "no" ] && echo CPPFLAGS+= -DSUPER_SECURE>>config.mak
 make_cmd=make
 if ismac ; then
 	echo NO_AS_NEEDED=>>config.mak
@@ -33,7 +33,9 @@ static const char *dll_name = DLL_NAME;
 static char own_dir[256];
 static const char *dll_dirs[] = {
 #ifndef SUPER_SECURE /* CVE-2015-3887 */
 	".",
 #endif
 	own_dir,
 	LIB_DIR,
 	"/lib",
@@ -48,7 +50,11 @@ static void set_own_dir(const char *argv0) {
 	while(l && argv0[l - 1] != '/')
 		l--;
 	if(l == 0)
 #ifdef SUPER_SECURE
 		memcpy(own_dir, "/dev/null/", 11);
 #else
 		memcpy(own_dir, ".", 2);
 #endif
 	else {
 		memcpy(own_dir, argv0, l - 1);
 		own_dir[l] = 0;