Changeset 5502

Timestamp:

Jul 13, 2017, 9:41:54 AM (4 years ago)

Author:

Juanma

Message:

Initial release

Location:

squid-ssl/trunk/fuentes

Files:

• .pc (added)
• .pc/.dpkg-source-unapply (added)
• .pc/.quilt_patches (added)
• .pc/.quilt_series (added)
• .pc/.version (added)
• .pc/01-cf.data.debian.patch (added)
• .pc/01-cf.data.debian.patch/src (added)
• .pc/01-cf.data.debian.patch/src/cf.data.pre (added)
• .pc/02-makefile-defaults.patch (added)
• .pc/02-makefile-defaults.patch/src (added)
• .pc/02-makefile-defaults.patch/src/Makefile.am (added)
• .pc/02-makefile-defaults.patch/src/Makefile.in (added)
• .pc/90-cf.data.ubuntu.patch (added)
• .pc/90-cf.data.ubuntu.patch/src (added)
• .pc/90-cf.data.ubuntu.patch/src/cf.data.pre (added)
• .pc/99-ubuntu-ssl-cert-snakeoil.patch (added)
• .pc/99-ubuntu-ssl-cert-snakeoil.patch/src (added)
• .pc/99-ubuntu-ssl-cert-snakeoil.patch/src/cf.data.pre (added)
• .pc/CVE-2016-10002.patch (added)
• .pc/CVE-2016-10002.patch/src (added)
• .pc/CVE-2016-10002.patch/src/LogTags.h (added)
• .pc/CVE-2016-10002.patch/src/client_side.cc (added)
• .pc/CVE-2016-10002.patch/src/client_side_reply.cc (added)
• .pc/CVE-2016-10002.patch/src/client_side_reply.h (added)
• .pc/CVE-2016-10003.patch (added)
• .pc/CVE-2016-10003.patch/src (added)
• .pc/CVE-2016-10003.patch/src/client_side_reply.cc (added)
• .pc/CVE-2016-3947.patch (added)
• .pc/CVE-2016-3947.patch/src (added)
• .pc/CVE-2016-3947.patch/src/icmp (added)
• .pc/CVE-2016-3947.patch/src/icmp/Icmp6.cc (added)
• .pc/CVE-2016-4051.patch (added)
• .pc/CVE-2016-4051.patch/src (added)
• .pc/CVE-2016-4051.patch/src/tests (added)
• .pc/CVE-2016-4051.patch/src/tests/stub_cbdata.cc (added)
• .pc/CVE-2016-4051.patch/src/tests/stub_mem.cc (added)
• .pc/CVE-2016-4051.patch/tools (added)
• .pc/CVE-2016-4051.patch/tools/Makefile.am (added)
• .pc/CVE-2016-4051.patch/tools/cachemgr.cc (added)
• .pc/CVE-2016-4052.patch (added)
• .pc/CVE-2016-4052.patch/src (added)
• .pc/CVE-2016-4052.patch/src/esi (added)
• .pc/CVE-2016-4052.patch/src/esi/Esi.cc (added)
• .pc/CVE-2016-4553.patch (added)
• .pc/CVE-2016-4553.patch/src (added)
• .pc/CVE-2016-4553.patch/src/client_side.cc (added)
• .pc/CVE-2016-4554.patch (added)
• .pc/CVE-2016-4554.patch/src (added)
• .pc/CVE-2016-4554.patch/src/mime_header.cc (added)
• .pc/CVE-2016-4555.patch (added)
• .pc/CVE-2016-4555.patch/src (added)
• .pc/CVE-2016-4555.patch/src/client_side_request.cc (added)
• .pc/CVE-2016-4555.patch/src/esi (added)
• .pc/CVE-2016-4555.patch/src/esi/Context.h (added)
• .pc/CVE-2016-4555.patch/src/esi/Esi.cc (added)
• .pc/applied-patches (added)
• src/LogTags.h (modified) (2 diffs)
• src/Makefile.am (modified) (1 diff)
• src/Makefile.in (modified) (1 diff)
• src/cf.data.pre (modified) (7 diffs)
• src/client_side.cc (modified) (2 diffs)
• src/client_side_reply.h (modified) (1 diff)
• src/client_side_request.cc (modified) (1 diff)
• src/esi/Context.h (modified) (2 diffs)
• src/esi/Esi.cc (modified) (9 diffs)
• src/icmp/Icmp6.cc (modified) (3 diffs)
• src/mime_header.cc (modified) (1 diff)
• src/tests/stub_cbdata.cc (modified) (1 diff)
• src/tests/stub_mem.cc (modified) (1 diff)
• tools/Makefile.am (modified) (3 diffs)
• tools/cachemgr.cc (modified) (8 diffs)

squid-ssl/trunk/fuentes/src/LogTags.h

@@ -28 +28 @@
     LOG_TCP_CLIENT_REFRESH_MISS,
     LOG_TCP_IMS_HIT,
+    LOG_TCP_INM_HIT,
     LOG_TCP_SWAPFAIL_MISS,
     LOG_TCP_NEGATIVE_HIT,
@@ -54 +55 @@
         (code == LOG_TCP_HIT) ||
         (code == LOG_TCP_IMS_HIT) ||
+        (code == LOG_TCP_INM_HIT) ||
         (code == LOG_TCP_REFRESH_FAIL_OLD) ||
         (code == LOG_TCP_REFRESH_UNMODIFIED) ||

squid-ssl/trunk/fuentes/src/Makefile.am

@@ -910 +910 @@
 DEFAULT_CONFIG_DIR      = $(sysconfdir)
 DEFAULT_CONFIG_FILE     = $(DEFAULT_CONFIG_DIR)/squid.conf
-DEFAULT_MIME_TABLE      = $(DEFAULT_CONFIG_DIR)/mime.conf
+DEFAULT_MIME_TABLE      = $(datadir)/mime.conf
 DEFAULT_SSL_CRTD        = $(libexecdir)/`echo ssl_crtd  | sed '$(transform);s/$$/$(EXEEXT)/'`
 DEFAULT_LOG_PREFIX      = $(DEFAULT_LOG_DIR)

squid-ssl/trunk/fuentes/src/Makefile.in

@@ -3258 +3258 @@
 DEFAULT_CONFIG_DIR = $(sysconfdir)
 DEFAULT_CONFIG_FILE = $(DEFAULT_CONFIG_DIR)/squid.conf
-DEFAULT_MIME_TABLE = $(DEFAULT_CONFIG_DIR)/mime.conf
+DEFAULT_MIME_TABLE = $(datadir)/mime.conf
 DEFAULT_SSL_CRTD = $(libexecdir)/`echo ssl_crtd  | sed '$(transform);s/$$/$(EXEEXT)/'`
 DEFAULT_LOG_PREFIX = $(DEFAULT_LOG_DIR)

squid-ssl/trunk/fuentes/src/cf.data.pre

@@ -1207 +1207 @@
 # Adapt to list your (internal) IP networks from where browsing
 # should be allowed
-acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
-acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
-acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
-acl localnet src fc00::/7       # RFC 4193 local private network range
-acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
+#acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
+#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
+#acl localnet src 192.168.0.0/16        # RFC1918 possible internal network
+#acl localnet src fc00::/7       # RFC 4193 local private network range
+#acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
 
 acl SSL_ports port 443
@@ -1460 +1460 @@
 # Adapt localnet in the ACL section to list your (internal) IP networks
 # from where browsing should be allowed
-http_access allow localnet
+#http_access allow localnet
 http_access allow localhost
 
@@ -3211 +3211 @@
                         reference a combined file containing both the
                         certificate and the key.
+
+        Notes:
+        
+        On Debian/Ubuntu systems a default snakeoil certificate is
+    available in /etc/ssl and users can set:
+
+                cert=/etc/ssl/certs/ssl-cert-snakeoil.pem
+
+        and
+
+                key=/etc/ssl/private/ssl-cert-snakeoil.key
+
+        for testing.
         
         sslversion=1|2|3|4|5|6
@@ -4534 +4547 @@
 NAME: logfile_rotate
 TYPE: int
-DEFAULT: 10
+DEFAULT: 0
 LOC: Config.Log.rotateNumber
 DOC_START
@@ -4553 +4566 @@
         Note, from Squid-3.1 this option is only a default for cache.log,
         that log can be rotated separately by using debug_options.
+
+        Note2, for Debian/Linux the default of logfile_rotate is
+        zero, since it includes external logfile-rotation methods.
 DOC_END
 
@@ -5431 +5447 @@
 refresh_pattern ^gopher:        1440    0%      1440
 refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
+refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
+# example lin deb packages
+#refresh_pattern (\.deb|\.udeb)$   129600 100% 129600
 refresh_pattern .               0       20%     4320
 NOCOMMENT_END
@@ -8897 +8916 @@
         WARNING:
           This option will restrict the situations under which IPv6
-          connectivity is used (and tested). Hiding network problems
-          which would otherwise be detected and warned about.
+          connectivity is used (and tested), potentially hiding network
+          problems which would otherwise be detected and warned about.
 DOC_END
 

squid-ssl/trunk/fuentes/src/client_side.cc

@@ -416 +416 @@
         break;
 
+    case LOG_TCP_INM_HIT:
     case LOG_TCP_IMS_HIT:
         statCounter.client_http.nearMissSvcTime.count(svc_time);
@@ -2661 +2662 @@
             return;
         }
+
+        // when absolute-URI is provided Host header should be ignored. However
+        // some code still uses Host directly so normalize it.
+        // For now preserve the case where Host is completely absent. That matters.
+        if (request->header.has(HDR_HOST)) {
+            const char *host = request->header.getStr(HDR_HOST);
+            SBuf authority(request->GetHost());
+            if (request->port != urlDefaultPort(request->url.getScheme()))
+                authority.appendf(":%d", request->port);
+            debugs(33, 5, "URL domain " << authority << " overrides header Host: " << host);
+            // URL authority overrides Host header
+            request->header.delById(HDR_HOST);
+            request->header.putStr(HDR_HOST, authority.c_str());
+        }
     }
 

squid-ssl/trunk/fuentes/src/client_side_reply.h

@@ -115 +115 @@
     int checkTransferDone();
     void processOnlyIfCachedMiss();
-    void processConditional(StoreIOBuffer &result);
+    bool processConditional(StoreIOBuffer &result);
     void cacheHit(StoreIOBuffer result);
     void handleIMSReply(StoreIOBuffer result);

squid-ssl/trunk/fuentes/src/client_side_request.cc

@@ -142 +142 @@
     al = new AccessLogEntry;
     al->cache.start_time = current_time;
-    al->tcpClient = clientConnection = aConn->clientConnection;
-    al->cache.port = aConn->port;
-    al->cache.caddr = aConn->log_addr;
+    if (aConn) {
+        al->tcpClient = clientConnection = aConn->clientConnection;
+        al->cache.port = aConn->port;
+        al->cache.caddr = aConn->log_addr;
 
 #if USE_OPENSSL
-    if (aConn->clientConnection != NULL && aConn->clientConnection->isOpen()) {
-        if (SSL *ssl = fd_table[aConn->clientConnection->fd].ssl)
-            al->cache.sslClientCert.reset(SSL_get_peer_certificate(ssl));
-    }
-#endif
+        if (aConn->clientConnection != NULL && aConn->clientConnection->isOpen()) {
+            if (SSL *ssl = fd_table[aConn->clientConnection->fd].ssl)
+                al->cache.sslClientCert.reset(SSL_get_peer_certificate(ssl));
+        }
+#endif
+    }
     dlinkAdd(this, &active, &ClientActiveRequests);
 #if USE_ADAPTATION

squid-ssl/trunk/fuentes/src/esi/Context.h

@@ -14 +14 @@
 #include "esi/Element.h"
 #include "esi/Parser.h"
+#include "HttpReply.h"
 #include "http/StatusCode.h"
 
@@ -92 +93 @@
     Http::StatusCode errorstatus; /* if we error, what code to return */
     char *errormessage; /* error to pass to error page */
-    HttpReply *rep; /* buffered until we pass data downstream */
+    HttpReply::Pointer rep; /* buffered until we pass data downstream */
     ESISegment::Pointer buffered; /* unprocessed data - for whatever reason */
     ESISegment::Pointer incoming;

squid-ssl/trunk/fuentes/src/esi/Esi.cc

@@ -574 +574 @@
 #endif
 
-    if (!(rep || (outbound.getRaw() &&
+    if (!(rep != NULL || (outbound.getRaw() &&
                   outbound->len && (outbound_offset <= outbound->len)))) {
         debugs(86, 5, "ESIContext::send: Nothing to send.");
@@ -619 +619 @@
     debugs(86, 5, "ESIContext::send: this=" << this << " Client no longer wants data ");
     /* Deal with re-entrancy */
-    HttpReply *temprep = rep;
+    HttpReply::Pointer temprep = rep;
     rep = NULL; /* freed downstream */
 
-    if (temprep && varState)
-        varState->buildVary (temprep);
+    if (temprep != NULL && varState)
+        varState->buildVary(temprep.getRaw());
 
     {
@@ -630 +630 @@
         tempBuffer.offset = pos - len;
         tempBuffer.data = next->readBuffer.data;
-        clientStreamCallback (thisNode, http, temprep, tempBuffer);
+        clientStreamCallback (thisNode, http, temprep.getRaw(), tempBuffer);
     }
 
@@ -967 +967 @@
     int specifiedattcount = attrCount * 2;
     char *position;
-    assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
+    Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. */
 
     debugs(86, 5, "ESIContext::Start: element '" << el << "' with " << specifiedattcount << " tags");
@@ -981 +981 @@
         localbuf[0] = '<';
         localbuf[1] = '\0';
-        assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2));
+        xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2);
         position = localbuf + strlen (localbuf);
 
         for (i = 0; i < specifiedattcount && attr[i]; i += 2) {
+            Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
             *position = ' ';
             ++position;
             /* TODO: handle thisNode gracefully */
-            assert (xstrncpy (position, attr[i], sizeof(localbuf) + (position - localbuf)));
+            xstrncpy(position, attr[i], sizeof(localbuf) - (position - localbuf));
             position += strlen (position);
+            Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2);
             *position = '=';
             ++position;
@@ -998 +1000 @@
             while ((ch = *chPtr++) != '\0') {
                 if (ch == '\"') {
-                    assert( xstrncpy(position, "&quot;", sizeof(localbuf) + (position-localbuf)) );
+                    Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 6);
+                    xstrncpy(position, "&quot;", sizeof(localbuf) - (position-localbuf));
                     position += 6;
                 } else {
+                    Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
                     *position = ch;
                     ++position;
                 }
             }
-            position += strlen (position);
+            Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
             *position = '\"';
             ++position;
         }
 
+        Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2);
         *position = '>';
         ++position;
@@ -1095 +1100 @@
 
     case ESIElement::ESI_ELEMENT_NONE:
-        assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
+        Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns. */
         /* Add elements we aren't interested in */
         localbuf[0] = '<';
         localbuf[1] = '/';
-        assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3));
+        xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3);
         position = localbuf + strlen (localbuf);
         *position = '>';
@@ -1255 +1260 @@
     }
 
-    if (rep && !parserState.inited())
+    if (rep != NULL && !parserState.inited())
         parserState.init(this);
 
@@ -1394 +1399 @@
     debugs(86, 5, HERE << "Freeing for this=" << this);
 
-    HTTPMSGUNLOCK(rep);
+    rep = NULL; // refcounted
 
     finishChildren ();

squid-ssl/trunk/fuentes/src/icmp/Icmp6.cc

@@ -257 +257 @@
 
         ip = (struct ip6_hdr *) pkt;
-        pkt += sizeof(ip6_hdr);
+        NP: echo size needs to +sizeof(ip6_hdr);
 
     debugs(42, DBG_CRITICAL, HERE << "ip6_nxt=" << ip->ip6_nxt <<
@@ -268 +268 @@
 
     icmp6header = (struct icmp6_hdr *) pkt;
-    pkt += sizeof(icmp6_hdr);
 
     if (icmp6header->icmp6_type != ICMP6_ECHO_REPLY) {
@@ -293 +292 @@
     }
 
-    echo = (icmpEchoData *) pkt;
+    echo = (icmpEchoData *) (pkt + sizeof(icmp6_hdr));
 
     preply.opcode = echo->opcode;

squid-ssl/trunk/fuentes/src/mime_header.cc

@@ -37 +37 @@
     debugs(25, 5, "mime_get_header: looking for '" << name << "'");
 
-    for (p = mime; *p; p += strcspn(p, "\n\r")) {
-        if (strcmp(p, "\r\n\r\n") == 0 || strcmp(p, "\n\n") == 0)
+    for (p = mime; *p; p += strcspn(p, "\n")) {
+        if (strcmp(p, "\n\r\n") == 0 || strcmp(p, "\n\n") == 0)
             return NULL;
 
-        while (xisspace(*p))
+        if (*p == '\n')
             ++p;
 

squid-ssl/trunk/fuentes/src/tests/stub_cbdata.cc

@@ -14 +14 @@
 
 void cbdataRegisterWithCacheManager(void) STUB
-
+void *cbdataInternalAlloc(cbdata_type type, const char *, int sz) {
+    return xcalloc(1, sz);
+}
+void *cbdataInternalFree(void *p, const char *, int) {
+    xfree(p);
+    return NULL;
+}
 #if USE_CBDATA_DEBUG
 void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL)

squid-ssl/trunk/fuentes/src/tests/stub_mem.cc

@@ -15 +15 @@
 #define STUB_API "stub_mem.cc"
 #include "Mem.h"
-#include "STUB.h"
+#include "tests/STUB.h"
 
 void

squid-ssl/trunk/fuentes/tools/Makefile.am

@@ -35 +35 @@
         cp $(top_srcdir)/src/tests/stub_debug.cc .
 
+MemBuf.cc: $(top_srcdir)/src/MemBuf.cc
+        cp $(top_srcdir)/src/MemBuf.cc $@
+
 time.cc: $(top_srcdir)/src/time.cc
         cp $(top_srcdir)/src/time.cc .
+
+stub_cbdata.cc: $(top_srcdir)/src/tests/stub_cbdata.cc
+        cp $(top_srcdir)/src/tests/stub_cbdata.cc $@
+
+stub_mem.cc: $(top_srcdir)/src/tests/stub_mem.cc
+        cp $(top_srcdir)/src/tests/stub_mem.cc $@
 
 # stock tools for unit tests - library independent versions of dlink_list
@@ -43 +52 @@
 # Neither of these should be disted from here.
 TESTSOURCES= test_tools.cc
-CLEANFILES += test_tools.cc stub_debug.cc time.cc
+CLEANFILES += test_tools.cc MemBuf.cc stub_debug.cc time.cc stub_cbdata.cc stub_mem.cc
 
 ## ##### helper-mux #####
@@ -61 +70 @@
 
 cachemgr__CGIEXT__SOURCES = cachemgr.cc \
+        MemBuf.cc \
+        stub_cbdata.cc \
         stub_debug.cc \
+        stub_mem.cc \
         test_tools.cc \
         time.cc

squid-ssl/trunk/fuentes/tools/cachemgr.cc

@@ -12 +12 @@
 #include "html_quote.h"
 #include "ip/Address.h"
+#include "MemBuf.h"
 #include "rfc1123.h"
 #include "rfc1738.h"
@@ -424 +425 @@
 }
 
-static const char *
-munge_menu_line(const char *buf, cachemgr_request * req)
+static void
+munge_menu_line(MemBuf &out, const char *buf, cachemgr_request * req)
 {
     char *x;
@@ -433 +434 @@
     char *a_url;
     char *buf_copy;
-    static char html[2 * 1024];
-
-    if (strlen(buf) < 1)
-        return buf;
-
-    if (*buf != ' ')
-        return buf;
-
-    buf_copy = x = xstrdup(buf);
+
+    const char bufLen = strlen(buf);
+    if (bufLen < 1 || *buf != ' ') {
+        out.append(buf, bufLen);
+        return;
+    }
+
+    buf_copy = x = xstrndup(buf, bufLen);
 
     a = xstrtok(&x, '\t');
@@ -453 +453 @@
     /* no reason to give a url for a disabled action */
     if (!strcmp(p, "disabled"))
-        snprintf(html, sizeof(html), "<LI type=\"circle\">%s (disabled)<A HREF=\"%s\">.</A>\n", d, a_url);
+        out.Printf("<LI type=\"circle\">%s (disabled)<A HREF=\"%s\">.</A>\n", d, a_url);
     else
         /* disable a hidden action (requires a password, but password is not in squid.conf) */
         if (!strcmp(p, "hidden"))
-            snprintf(html, sizeof(html), "<LI type=\"circle\">%s (hidden)<A HREF=\"%s\">.</A>\n", d, a_url);
+            out.Printf("<LI type=\"circle\">%s (hidden)<A HREF=\"%s\">.</A>\n", d, a_url);
         else
             /* disable link if authentication is required and we have no password */
             if (!strcmp(p, "protected") && !req->passwd)
-                snprintf(html, sizeof(html), "<LI type=\"circle\">%s (requires <a href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n",
-                         d, menu_url(req, "authenticate"), a_url);
+                out.Printf("<LI type=\"circle\">%s (requires <a href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n",
+                            d, menu_url(req, "authenticate"), a_url);
             else
                 /* highlight protected but probably available entries */
                 if (!strcmp(p, "protected"))
-                    snprintf(html, sizeof(html), "<LI type=\"square\"><A HREF=\"%s\"><font color=\"#FF0000\">%s</font></A>\n",
-                             a_url, d);
+                    out.Printf("<LI type=\"square\"><A HREF=\"%s\"><font color=\"#FF0000\">%s</font></A>\n",
+                                a_url, d);
 
     /* public entry or unknown type of protection */
                 else
-                    snprintf(html, sizeof(html), "<LI type=\"disk\"><A HREF=\"%s\">%s</A>\n", a_url, d);
+                    out.Printf("<LI type=\"disk\"><A HREF=\"%s\">%s</A>\n", a_url, d);
 
     xfree(a_url);
 
     xfree(buf_copy);
-
-    return html;
-}
-
-static const char *
-munge_other_line(const char *buf, cachemgr_request * req)
+}
+
+static void
+munge_other_line(MemBuf &out, const char *buf, cachemgr_request *)
 {
     static const char *ttags[] = {"td", "th"};
 
-    static char html[4096];
     static int table_line_num = 0;
     static int next_is_header = 0;
@@ -492 +489 @@
     char *buf_copy;
     char *x, *p;
-    int l = 0;
     /* does it look like a table? */
 
     if (!strchr(buf, '\t') || *buf == '\t') {
         /* nope, just text */
-        snprintf(html, sizeof(html), "%s%s",
-                 table_line_num ? "</table>\n<pre>" : "", html_quote(buf));
+        if (table_line_num)
+            out.append("</table>\n<pre>", 14);
+        out.Printf("%s", html_quote(buf));
         table_line_num = 0;
-        return html;
+        return;
     }
 
     /* start html table */
     if (!table_line_num) {
-        l += snprintf(html + l, sizeof(html) - l, "</pre><table cellpadding=\"2\" cellspacing=\"1\">\n");
+        out.append("</pre><table cellpadding=\"2\" cellspacing=\"1\">\n", 46);
         next_is_header = 0;
     }
@@ -515 +512 @@
 
     /* record starts */
-    l += snprintf(html + l, sizeof(html) - l, "<tr>");
+    out.append("<tr>", 4);
 
     /* substitute '\t' */
@@ -532 +529 @@
         }
 
-        l += snprintf(html + l, sizeof(html) - l, "<%s colspan=\"%d\" align=\"%s\">%s</%s>",
-                      ttag, column_span,
-                      is_header ? "center" : is_number(cell) ? "right" : "left",
-                      html_quote(cell), ttag);
+        out.Printf("<%s colspan=\"%d\" align=\"%s\">%s</%s>",
+                    ttag, column_span,
+                    is_header ? "center" : is_number(cell) ? "right" : "left",
+                    html_quote(cell), ttag);
     }
 
     xfree(buf_copy);
     /* record ends */
-    snprintf(html + l, sizeof(html) - l, "</tr>\n");
+    out.append("</tr>\n", 6);
     next_is_header = is_header && strstr(buf, "\t\t");
     ++table_line_num;
-    return html;
 }
 
@@ -700 +696 @@
 
         case isBody:
+        {
             /* interpret [and reformat] cache response */
-
+            MemBuf out;
+            out.init();
             if (parse_menu)
-                fputs(munge_menu_line(buf, req), stdout);
+                munge_menu_line(out, buf, req);
             else
-                fputs(munge_other_line(buf, req), stdout);
-
-            break;
+                munge_other_line(out, buf, req);
+
+            fputs(out.buf, stdout);
+        }
+        break;
 
         case isForward: