Diffstat (limited to 'meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch')
-rw-r--r-- | meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch | 130 |
1 files changed, 0 insertions, 130 deletions
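--- a/meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch
+++ /dev/null
@@ -1,130 +0,0 @@
-Upstream-Status: Backport
-
-Index: tools/server-side/mod_dontdothat/mod_dontdothat.c
-===================================================================
---- a/tools/server-side/mod_dontdothat/mod_dontdothat.c (revision 1239695)
-+++ b/tools/server-side/mod_dontdothat/mod_dontdothat.c (revision 1542078)
-@@ -30,12 +30,15 @@
-#include <util_filter.h>
-#include <ap_config.h>
-#include <apr_strings.h>
-+#include <apr_uri.h>
-
-#include <expat.h>
-
-#include "mod_dav_svn.h"
-#include "svn_string.h"
-#include "svn_config.h"
-+#include "svn_path.h"
-+#include "private/svn_fspath.h"
-
-module AP_MODULE_DECLARE_DATA dontdothat_module;
-
-@@ -161,26 +164,71 @@
-}
-}
-
-+/* duplicate of dav_svn__log_err() from mod_dav_svn/util.c */
-+static void
-+log_dav_err(request_rec *r,
-+ dav_error *err,
-+ int level)
-+{
-+ dav_error *errscan;
-+
-+ /* Log the errors */
-+ /* ### should have a directive to log the first or all */
-+ for (errscan = err; errscan != NULL; errscan = errscan->prev) {
-+ apr_status_t status;
-+
-+ if (errscan->desc == NULL)
-+ continue;
-+
-+#if AP_MODULE_MAGIC_AT_LEAST(20091119,0)
-+ status = errscan->aprerr;
-+#else
-+ status = errscan->save_errno;
-+#endif
-+
-+ ap_log_rerror(APLOG_MARK, level, status, r,
-+ "%s [%d, #%d]",
-+ errscan->desc, errscan->status, errscan->error_id);
-+ }
-+}
-+
-static svn_boolean_t
-is_this_legal(dontdothat_filter_ctx *ctx, const char *uri)
-{
-const char *relative_path;
-const char *cleaned_uri;
-const char *repos_name;
-+ const char *uri_path;
-int trailing_slash;
-dav_error *derr;
-
-- /* Ok, so we need to skip past the scheme, host, etc. */
-- uri = ap_strstr_c(uri, "://");
-- if (uri)
-- uri = ap_strchr_c(uri + 3, '/');
-+ /* uri can be an absolute uri or just a path, we only want the path to match
-+ * against */
-+ if (uri && svn_path_is_url(uri))
-+ {
-+ apr_uri_t parsed_uri;
-+ apr_status_t rv = apr_uri_parse(ctx->r->pool, uri, &parsed_uri);
-+ if (APR_SUCCESS != rv)
-+ {
-+ /* Error parsing the URI, log and reject request. */
-+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, ctx->r,
-+ "mod_dontdothat: blocked request after failing "
-+ "to parse uri: '%s'", uri);
-+ return FALSE;
-+ }
-+ uri_path = parsed_uri.path;
-+ }
-+ else
-+ {
-+ uri_path = uri;
-+ }
-
-- if (uri)
-+ if (uri_path)
-{
-const char *repos_path;
-
-derr = dav_svn_split_uri(ctx->r,
-- uri,
-+ uri_path,
-ctx->cfg->base_path,
-&cleaned_uri,
-&trailing_slash,
-@@ -194,7 +242,7 @@
-if (! repos_path)
-repos_path = "";
-
-- repos_path = apr_psprintf(ctx->r->pool, "/%s", repos_path);
-+ repos_path = svn_fspath__canonicalize(repos_path, ctx->r->pool);
-
-/* First check the special cases that are always legal... */
-for (idx = 0; idx < ctx->allow_recursive_ops->nelts; ++idx)
-@@ -228,7 +276,20 @@
-}
-}
-}
-+ else
-+ {
-+ log_dav_err(ctx->r, derr, APLOG_ERR);
-+ return FALSE;
-+ }
-+
-}
-+ else
-+ {
-+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, ctx->r,
-+ "mod_dontdothat: empty uri passed to is_this_legal(), "
-+ "module bug?");
-+ return FALSE;
-+ }
-
-return TRUE;
-}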