File CVE-2018-11782.patch of Package subversion.5701
Index: subversion/libsvn_ra_svn/client.c
===================================================================
--- subversion/libsvn_ra_svn/client.c.orig
+++ subversion/libsvn_ra_svn/client.c
@@ -2709,6 +2709,7 @@ ra_svn_get_deleted_rev(svn_ra_session_t
 {
 svn_ra_svn__session_baton_t *sess_baton = session->priv;
 svn_ra_svn_conn_t *conn = sess_baton->conn;
+ svn_error_t *err;
 /* Transmit the parameters. */
 SVN_ERR(svn_ra_svn__write_cmd_get_deleted_rev(conn, pool, path,
@@ -2718,7 +2719,19 @@ ra_svn_get_deleted_rev(svn_ra_session_t
 SVN_ERR(handle_unsupported_cmd(handle_auth_request(sess_baton, pool), N_("'get-deleted-rev' not implemented")));
- return svn_ra_svn__read_cmd_response(conn, pool, "r", revision_deleted);
+ err = svn_ra_svn__read_cmd_response(conn, pool, "r", revision_deleted);
+ /* The protocol does not allow for a reply of SVN_INVALID_REVNUM directly.
+ Instead, a new enough server returns SVN_ERR_ENTRY_MISSING_REVISION to
+ indicate the answer to the query is SVN_INVALID_REVNUM. (An older server
+ closes the connection and returns SVN_ERR_RA_SVN_CONNECTION_CLOSED.) */
+ if (err && err->apr_err == SVN_ERR_ENTRY_MISSING_REVISION)
+ {
+ *revision_deleted = SVN_INVALID_REVNUM;
+ svn_error_clear(err);
+ }
+ else
+ SVN_ERR(err);
+ return SVN_NO_ERROR;
 }
 static svn_error_t *
Index: subversion/svnserve/serve.c
===================================================================
--- subversion/svnserve/serve.c.orig
+++ subversion/svnserve/serve.c
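Review bot: In ra_svn_get_deleted_rev() in subversion/libsvn_ra_svn/client.c, the new branch treats every SVN_ERR_ENTRY_MISSING_REVISION reply as the "not deleted" answer and clears the error. The server-side change in this same patch also forwards errors from svn_repos_deleted_rev() to the client through SVN_CMD_ERR, so a genuine failure carrying that code would be turned into SVN_INVALID_REVNUM without any report. Whether the repository layer can raise that code on this path is not visible here. The assumption should at least be recorded next to the check, e.g. `/* Assumes the server sends SVN_ERR_ENTRY_MISSING_REVISION only for the 'not deleted' answer. */`. The function starts before this hunk.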
@@ -3094,8 +3094,20 @@ get_deleted_rev(svn_ra_svn_conn_t *conn,
 svn_relpath_canonicalize(path, pool), pool);
 SVN_ERR(log_command(b, conn, pool, "get-deleted-rev"));
 SVN_ERR(trivial_auth_request(conn, pool, b));
- SVN_ERR(svn_repos_deleted_rev(b->fs, full_path, peg_revision, end_revision,
- &revision_deleted, pool));
+ SVN_CMD_ERR(svn_repos_deleted_rev(b->fs, full_path, peg_revision, end_revision,
+ &revision_deleted, pool));
+ /* The protocol does not allow for a reply of SVN_INVALID_REVNUM directly.
+ Instead, return SVN_ERR_ENTRY_MISSING_REVISION. A new enough client
+ knows that this means the answer to the query is SVN_INVALID_REVNUM.
+ (An older client reports this as an error.) */
+ if (revision_deleted == SVN_INVALID_REVNUM)
+ SVN_CMD_ERR(svn_error_createf(SVN_ERR_ENTRY_MISSING_REVISION, NULL,
+ "svn protocol command 'get-deleted-rev': "
+ "path '%s' was not deleted in r%ld-%ld; "
+ "NOTE: newer clients handle this case "
+ "and do not report it as an error",
+ full_path, peg_revision, end_revision));
+
 SVN_ERR(svn_ra_svn__write_cmd_response(conn, pool, "r", revision_deleted));
 return SVN_NO_ERROR;
 }
@@ -3521,7 +3533,7 @@ fetch_base_func(const char **filename,
 svn_error_t *serve(svn_ra_svn_conn_t *conn, serve_params_t *params, apr_pool_t *pool)
 {
- svn_error_t *err, *io_err;
+ svn_error_t *err;
 apr_uint64_t ver;
 const char *uuid, *client_url, *ra_client_string, *client_string;
 apr_array_header_t *caplist, *cap_words;
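Review bot: In get_deleted_rev() in subversion/svnserve/serve.c, the new guard compares only against SVN_INVALID_REVNUM before the value is written with the "r" format, which the added comment says cannot carry an invalid revision. Testing validity instead, `if (!SVN_IS_VALID_REVNUM(revision_deleted))`, would also keep any other negative result from svn_repos_deleted_rev(), should one ever occur, away from svn_ra_svn__write_cmd_response(). The error text also sends full_path back to the client after only trivial_auth_request(). Whether a path-level access check runs earlier cannot be seen here, since the function starts before this hunk.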
@@ -3645,12 +3657,12 @@ svn_error_t *serve(svn_ra_svn_conn_t *co
 }
 if (err) {
- log_error(err, b.log_file, svn_ra_svn_conn_remote_host(conn),
- b.user, NULL, pool);
- io_err = svn_ra_svn__write_cmd_failure(conn, pool, err);
- svn_error_clear(err);
- SVN_ERR(io_err);
- return svn_ra_svn__flush(conn, pool);
+ /* Report these errors to the client before closing the connection. */
+ err = svn_error_compose_create(err,
+ svn_ra_svn__write_cmd_failure(conn, pool, err));
+ err = svn_error_compose_create(err,
+ svn_ra_svn__flush(conn, pool));
+ return err;
 }
 /* Log the open. */
Index: subversion/tests/libsvn_ra/ra-test.c
===================================================================
--- subversion/tests/libsvn_ra/ra-test.c.orig
+++ subversion/tests/libsvn_ra/ra-test.c
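Review bot: In serve() in subversion/svnserve/serve.c, the rewritten `if (err)` branch no longer calls log_error(), so a failed session setup is recorded on the server only if the caller of serve() logs the error that is now returned. That caller is not on this page. If it does log, say so at the branch, e.g. `/* Not logged here: the caller logs the returned error. */`; if it does not, the log_error() call should stay so these failures remain visible in the server log. The function begins and continues outside this hunk.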
@@ -43,6 +43,41 @@
 /** Helper routines. **/
+/* Commit two revisions: add 'B', then delete 'A' */
+static svn_error_t *
+commit_two_changes(svn_ra_session_t *session,
+ apr_pool_t *pool)
+{
+ apr_hash_t *revprop_table = apr_hash_make(pool);
+ const svn_delta_editor_t *editor;
+ void *edit_baton;
+ void *root_baton, *dir_baton;
+
+ /* mkdir B */
+ SVN_ERR(svn_ra_get_commit_editor3(session, &editor, &edit_baton,
+ revprop_table,
+ NULL, NULL, NULL, TRUE, pool));
+ SVN_ERR(editor->open_root(edit_baton, SVN_INVALID_REVNUM,
+ pool, &root_baton));
+ SVN_ERR(editor->add_directory("B", root_baton, NULL, SVN_INVALID_REVNUM,
+ pool, &dir_baton));
+ SVN_ERR(editor->close_directory(dir_baton, pool));
+ SVN_ERR(editor->close_directory(root_baton, pool));
+ SVN_ERR(editor->close_edit(edit_baton, pool));
+
+ /* delete A */
+ SVN_ERR(svn_ra_get_commit_editor3(session, &editor, &edit_baton,
+ revprop_table,
+ NULL, NULL, NULL, TRUE, pool));
+ SVN_ERR(editor->open_root(edit_baton, SVN_INVALID_REVNUM,
+ pool, &root_baton));
+ SVN_ERR(editor->delete_entry("A", SVN_INVALID_REVNUM, root_baton, pool));
+ SVN_ERR(editor->close_directory(root_baton, pool));
+ SVN_ERR(editor->close_edit(edit_baton, pool));
+
+ return SVN_NO_ERROR;
+}
+
 static svn_error_t * make_and_open_local_repos(svn_ra_session_t **session, const char *repos_name,
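Review bot: commit_two_changes() in subversion/tests/libsvn_ra/ra-test.c is added as a static helper, but no test that calls it appears in this patch. As shown, the fix therefore has no regression coverage and the helper would draw an unused-function warning. A test that asks for the deleted revision of a path that was not deleted in the range, and expects SVN_INVALID_REVNUM without an error, would pin the behaviour on both client and server. The helper's header comment could also state what it assumes about the repository, e.g. `/* Requires that 'A' exists and 'B' does not in the session's root. */`.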