head	1.9;
access;
symbols
	old_RELEASE_4_10_0:1.8
	old_RELEASE_5_2_1:1.8
	old_RELEASE_5_2_0:1.8
	old_RELEASE_4_9_0:1.8
	old_RELEASE_5_1_0:1.8
	old_RELEASE_4_8_0:1.8
	old_RELEASE_5_0_0:1.8
	old_RELEASE_4_7_0:1.8
	old_RELEASE_4_6_2:1.7
	old_RELEASE_4_6_1:1.7
	old_RELEASE_4_6_0:1.7
	old_RELEASE_5_0_DP1:1.6
	old_RELEASE_4_5_0:1.6
	old_RELEASE_4_4_0:1.6;
locks; strict;
comment	@# @;


1.9
date	2004.05.21.09.12.33;	author ache;	state dead;
branches;
next	1.8;

1.8
date	2002.07.02.04.44.35;	author ache;	state Exp;
branches;
next	1.7;

1.7
date	2002.05.15.08.52.48;	author ache;	state Exp;
branches;
next	1.6;

1.6
date	2001.05.18.12.44.57;	author ache;	state Exp;
branches;
next	1.5;

1.5
date	2001.04.23.09.55.03;	author ache;	state Exp;
branches;
next	1.4;

1.4
date	2001.04.20.08.48.51;	author ache;	state Exp;
branches;
next	1.3;

1.3
date	2001.03.13.15.49.35;	author ache;	state dead;
branches;
next	1.2;

1.2
date	2001.02.20.17.55.27;	author ache;	state Exp;
branches;
next	1.1;

1.1
date	2001.01.29.10.45.06;	author ache;	state Exp;
branches;
next	;


desc
@@


1.9
log
@Upgrade to 3.1.21

PR:             66353
@
text
@--- src/search.c.orig	Tue Jun 26 12:55:17 2001
+++ src/search.c	Wed May 15 11:29:07 2002
@@@@ -1246,7 +1246,7 @@@@
 int i;
 time_t tclock;
 	tclock=time(0);
-	srand((unsigned)tclock);
+	srand((unsigned)(tclock^(getpid()<<16)));
 	for(i=0;i<MAXRANDOM;i++)
 		Randoms[i]=0;
 }
@


1.8
log
@Upgrade to 3.1.20
@
text
@@


1.7
log
@Fix query buffer overflow
@
text
@a11 11
@@@@ -1404,6 +1404,10 @@@@
 		if(!UDM_STRNCMP(token,"q=")){
 			char str[UDMSTRSIZ]="";
 			query_words=strdup(UdmUnescapeCGIQuery(str,token+2));
+			if (strlen(query_words) > 512) {
+				printf("<html><body>Query string too long!</body></html>\n");
+				return(0);
+			}
 			query_url_escaped=strdup(UdmEscapeURL(str,query_words));
 			query_form_escaped=UdmHtmlSpecialChars(query_words);
 		}else
@


1.6
log
@Upgrade to 3.1.13
@
text
@d1 3
a3 3
--- src/search.c.bak	Tue May 15 13:08:14 2001
+++ src/search.c	Fri May 18 16:22:44 2001
@@@@ -1239,7 +1239,7 @@@@
d12 11
@


1.5
log
@rand-related fixes
@
text
@d1 3
a3 12
--- src/search.c.orig	Wed Feb 28 15:28:10 2001
+++ src/search.c	Mon Apr 23 06:46:50 2001
@@@@ -431,7 +431,7 @@@@
 					s=str+1;
 					while((*s)&&(isdigit(*s)))s++;
 					j=atoi(UdmTrim(s,"= \t\r\n"));
-					if((i>0)&&(i<MAXRANDOM)){
+					if((i>=0)&&(i<MAXRANDOM)){
 						frand=rand();
 						frand=frand/RAND_MAX*j;
 						Randoms[i]=frand;
@@@@ -1225,7 +1225,7 @@@@
a11 23
@@@@ -1269,7 +1269,8 @@@@
 		strcpy(template,env);
 
 	if((env=getenv("QUERY_STRING"))){
-		strcpy(query_string,env);
+		strncpy(query_string,env,UDMSTRSIZ-1);
+		query_string[UDMSTRSIZ-1] = '\0';
 		if((env=getenv("REDIRECT_STATUS"))){
 
 			/* Check Apache internal redirect  */
@@@@ -1316,8 +1317,10 @@@@
 		/* or under server which do not   */
 		/* pass an empty QUERY_STRING var */
 
-		if(argv[1])
-			sprintf(query_string,"q=%s",argv[1]);
+		if(argv[1]) {
+			strcpy(query_string, "q=");
+			strncat(query_string, argv[1], UDMSTRSIZ-1-2);
+		}
 		if(!template[0])
 			sprintf(template,"%s/%s", UDM_CONF_DIR,"search.htm");
 	}
@


1.4
log
@Fix remote buffer overflow in search.cgi arguments
@
text
@d1 20
a20 2
--- src/search.c.old	Wed Feb 28 15:28:10 2001
+++ src/search.c	Thu Apr 19 18:02:10 2001
@


1.3
log
@Upgrade to 3.1.12
@
text
@d1 4
a4 10
--- etc/search.htm-dist.bak	Fri Feb 16 12:49:16 2001
+++ etc/search.htm-dist	Tue Feb 20 20:00:27 2001
@@@@ -126,7 +126,7 @@@@
 <SELECT NAME="wm">
 <OPTION VALUE="wrd" SELECTED="$wm">Whole word
 <OPTION VALUE="beg" SELECTED="$wm">Beginning
-<OPTION VALUE="beg" SELECTED="$wm">Ending
+<OPTION VALUE="end" SELECTED="$wm">Ending
 <OPTION VALUE="sub" SELECTED="$wm">Substring
 </SELECT>
d6 20
@


1.2
log
@Upgrade to 3.1.11
@
text
@@


1.1
log
@Re-import under different name to minimize confusion and left "mnoGoSearch"
name for udmsearch.
@
text
@d1 10
a10 3
--- run-splitter.in.bak	Wed Jan 10 15:25:43 2001
+++ run-splitter.in	Sun Jan 28 12:06:37 2001
@@@@ -2,7 +2,7 @@@@
a11 7
 PREFIX=@@prefix@@
 
-VAR=$PREFIX/var
+VAR=/var/mnogosearch
 SBIN=$PREFIX/sbin
 PID=$VAR/cachelogd.pid
 SPLITTER=$SBIN/splitter
@

