SUSE:SLE-15-SP1:GA
cvs
03cvs-client-exploit-fix.diff
File 03cvs-client-exploit-fix.diff of Package cvs
Index: src/client.c ================================================================================ --- src/client.c +++ src/client.c @@ -767,6 +767,19 @@ assert (pathname); + /* For security reasons, if PATHNAME is absolute or attemps to ascend + * outside of the current sanbbox, we abort. The server should not send us + * anything but relative paths which remain inside the sandbox here. + * Anything less means a trojan CVS server could create and edit arbitrary + * files on the client. + */ + if (isabsolute (pathname) || pathname_levels (pathname) > 0) + { + error (0, 0, + "Server attempted to update a file via an invalid pathname:"); + error (1, 0, "`%s'.", pathname); + } + reposname = NULL; read_line (&reposname); assert (reposname != NULL);
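Review bot: the added comment in the client.c hunk has two typos, "attemps" and "sanbbox", which should read "attempts" and "sandbox"; since this comment documents the security rationale for the check, it is worth getting right. On the same hunk, the rejection is split across two calls, `error (0, 0, "Server attempted to update a file via an invalid pathname:");` followed by `error (1, 0, "`%s'.", pathname);`, which emits two separate diagnostic lines before exiting; a single `error (1, 0, "Server attempted to update a file via an invalid pathname: `%s'.", pathname);` keeps the message and the offending path together in one log line, which is easier to grep for when auditing a client that talked to a hostile server. The condition itself, `isabsolute (pathname) || pathname_levels (pathname) > 0`, covers both absolute paths and any relative path whose `..` components would climb above the sandbox, and placing it directly after `assert (pathname)` and before `read_line (&reposname)` means the server-supplied path is rejected before any further protocol data is consumed.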