Diffstat (limited to 'meta/recipes-devtools/git/git-2.5.0/0012-CVE-2015-7545-5.patch')
-rw-r--r-- | meta/recipes-devtools/git/git-2.5.0/0012-CVE-2015-7545-5.patch | 69 |
1 files changed, 69 insertions, 0 deletions
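diff --git a/meta/recipes-devtools/git/git-2.5.0/0012-CVE-2015-7545-5.patch b/meta/recipes-devtools/git/git-2.5.0/0012-CVE-2015-7545-5.patch
new file mode 100644
index 0000000000..76d66bad9d
--- /dev/null
+++ b/meta/recipes-devtools/git/git-2.5.0/0012-CVE-2015-7545-5.patch
@@ -0,0 +1,69 @@
+From b258116462399b318c86165c61a5c7123043cfd4 Mon Sep 17 00:00:00 2001
+From: Blake Burkhart <bburky@bburky.com>
+Date: Tue, 22 Sep 2015 18:06:20 -0400
+Subject: [PATCH] http: limit redirection depth
+
+By default, libcurl will follow circular http redirects
+forever. Let's put a cap on this so that somebody who can
+trigger an automated fetch of an arbitrary repository (e.g.,
+for CI) cannot convince git to loop infinitely.
+
+The value chosen is 20, which is the same default that
+Firefox uses.
+
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+
+Upstream-Status: Backport
+
+http://archive.ubuntu.com/ubuntu/pool/main/g/git/git_2.5.0-1ubuntu0.1.debian.tar.xz
+
+CVE: CVE-2015-7545 #5
+Singed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+http.c | 1 +
+t/lib-httpd/apache.conf | 3 +++
+t/t5812-proto-disable-http.sh | 4 ++++
+3 files changed, 8 insertions(+)
+
+Index: git-2.5.0/http.c
+===================================================================
+--- git-2.5.0.orig/http.c 2015-12-11 12:48:02.900163824 -0500
++++ git-2.5.0/http.c 2015-12-11 12:48:02.896163796 -0500
+@@ -396,6 +396,7 @@
+}
+
+curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
++ curl_easy_setopt(result, CURLOPT_MAXREDIRS, 20);
+#if LIBCURL_VERSION_NUM >= 0x071301
+curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
+#elif LIBCURL_VERSION_NUM >= 0x071101
+Index: git-2.5.0/t/lib-httpd/apache.conf
+===================================================================
+--- git-2.5.0.orig/t/lib-httpd/apache.conf 2015-12-11 12:48:02.900163824 -0500
++++ git-2.5.0/t/lib-httpd/apache.conf 2015-12-11 12:48:02.896163796 -0500
+@@ -121,6 +121,9 @@
+RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
+RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302]
+
++RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302]
++RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302]
++
+<IfDefine SSL>
+LoadModule ssl_module modules/mod_ssl.so
+
+Index: git-2.5.0/t/t5812-proto-disable-http.sh
+===================================================================
+--- git-2.5.0.orig/t/t5812-proto-disable-http.sh 2015-12-11 12:48:02.900163824 -0500
++++ git-2.5.0/t/t5812-proto-disable-http.sh 2015-12-11 12:48:02.896163796 -0500
+@@ -25,5 +25,9 @@
+}
+'
+
++test_expect_success 'curl limits redirects' '
++ test_must_fail git clone "$HTTPD_URL/loop-redir/smart/repo.git"
++'
++
+stop_httpd
+test_done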
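Review bot: `CURLOPT_MAXREDIRS` is documented by libcurl as taking a `long`, and since `curl_easy_setopt` is variadic the `int` literal `20` on the added http.c line is not promoted, so the line should read `curl_easy_setopt(result, CURLOPT_MAXREDIRS, 20L);` — the neighbouring `CURLOPT_FOLLOWLOCATION, 1` context line sets the same precedent and this usually works on the common LP64 ABIs, but it is still a type mismatch rather than something the backport should copy. The constant also deserves a why-comment, e.g. `/* Cap redirect chains; 20 is Firefox's default and t5812's loop-redir chain is tuned to it. */`, because the apache.conf rule with exactly twenty `x-` hops only detects the cap while the limit stays at or below 20. The depth cap bounds how many hops are followed, not where they lead; the redirect-target protocol restriction that CVE-2015-7545 is about is presumably carried by another patch in this series, so the recipe should confirm it is applied alongside this one. The `Singed-off-by:` trailer in the new file is misspelled and will not be recognised as a Signed-off-by by trailer tooling. The function enclosing the http.c hunk and the test file's setup (the httpd start) both lie outside the hunks shown.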