summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch')
-rw-r--r--meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch130
1 files changed, 0 insertions, 130 deletions
diff --git a/meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch b/meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch
deleted file mode 100644
index a54d6944ed..0000000000
--- a/meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch
+++ /dev/null
@@ -1,130 +0,0 @@
1Upstream-Status: Backport
2
3Index: tools/server-side/mod_dontdothat/mod_dontdothat.c
4===================================================================
5--- a/tools/server-side/mod_dontdothat/mod_dontdothat.c (revision 1239695)
6+++ b/tools/server-side/mod_dontdothat/mod_dontdothat.c (revision 1542078)
7@@ -30,12 +30,15 @@
8 #include <util_filter.h>
9 #include <ap_config.h>
10 #include <apr_strings.h>
11+#include <apr_uri.h>
12
13 #include <expat.h>
14
15 #include "mod_dav_svn.h"
16 #include "svn_string.h"
17 #include "svn_config.h"
18+#include "svn_path.h"
19+#include "private/svn_fspath.h"
20
21 module AP_MODULE_DECLARE_DATA dontdothat_module;
22
23@@ -161,26 +164,71 @@
24 }
25 }
26
27+/* duplicate of dav_svn__log_err() from mod_dav_svn/util.c */
28+static void
29+log_dav_err(request_rec *r,
30+ dav_error *err,
31+ int level)
32+{
33+ dav_error *errscan;
34+
35+ /* Log the errors */
36+ /* ### should have a directive to log the first or all */
37+ for (errscan = err; errscan != NULL; errscan = errscan->prev) {
38+ apr_status_t status;
39+
40+ if (errscan->desc == NULL)
41+ continue;
42+
43+#if AP_MODULE_MAGIC_AT_LEAST(20091119,0)
44+ status = errscan->aprerr;
45+#else
46+ status = errscan->save_errno;
47+#endif
48+
49+ ap_log_rerror(APLOG_MARK, level, status, r,
50+ "%s [%d, #%d]",
51+ errscan->desc, errscan->status, errscan->error_id);
52+ }
53+}
54+
55 static svn_boolean_t
56 is_this_legal(dontdothat_filter_ctx *ctx, const char *uri)
57 {
58 const char *relative_path;
59 const char *cleaned_uri;
60 const char *repos_name;
61+ const char *uri_path;
62 int trailing_slash;
63 dav_error *derr;
64
65- /* Ok, so we need to skip past the scheme, host, etc. */
66- uri = ap_strstr_c(uri, "://");
67- if (uri)
68- uri = ap_strchr_c(uri + 3, '/');
69+ /* uri can be an absolute uri or just a path, we only want the path to match
70+ * against */
71+ if (uri && svn_path_is_url(uri))
72+ {
73+ apr_uri_t parsed_uri;
74+ apr_status_t rv = apr_uri_parse(ctx->r->pool, uri, &parsed_uri);
75+ if (APR_SUCCESS != rv)
76+ {
77+ /* Error parsing the URI, log and reject request. */
78+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, ctx->r,
79+ "mod_dontdothat: blocked request after failing "
80+ "to parse uri: '%s'", uri);
81+ return FALSE;
82+ }
83+ uri_path = parsed_uri.path;
84+ }
85+ else
86+ {
87+ uri_path = uri;
88+ }
89
90- if (uri)
91+ if (uri_path)
92 {
93 const char *repos_path;
94
95 derr = dav_svn_split_uri(ctx->r,
96- uri,
97+ uri_path,
98 ctx->cfg->base_path,
99 &cleaned_uri,
100 &trailing_slash,
101@@ -194,7 +242,7 @@
102 if (! repos_path)
103 repos_path = "";
104
105- repos_path = apr_psprintf(ctx->r->pool, "/%s", repos_path);
106+ repos_path = svn_fspath__canonicalize(repos_path, ctx->r->pool);
107
108 /* First check the special cases that are always legal... */
109 for (idx = 0; idx < ctx->allow_recursive_ops->nelts; ++idx)
110@@ -228,7 +276,20 @@
111 }
112 }
113 }
114+ else
115+ {
116+ log_dav_err(ctx->r, derr, APLOG_ERR);
117+ return FALSE;
118+ }
119+
120 }
121+ else
122+ {
123+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, ctx->r,
124+ "mod_dontdothat: empty uri passed to is_this_legal(), "
125+ "module bug?");
126+ return FALSE;
127+ }
128
129 return TRUE;
130 }