home:bmwiedemann:reproducible:distribution:ring1
cvs
03cvs-client-exploit-fix.diff
File 03cvs-client-exploit-fix.diff of Package cvs
Index: cvs-1.12.13/src/client.c =================================================================== --- cvs-1.12.13.orig/src/client.c +++ cvs-1.12.13/src/client.c @@ -750,6 +750,19 @@ call_in_directory (const char *pathname, assert (pathname); + /* For security reasons, if PATHNAME is absolute or attemps to ascend + * outside of the current sanbbox, we abort. The server should not send us + * anything but relative paths which remain inside the sandbox here. + * Anything less means a trojan CVS server could create and edit arbitrary + * files on the client. + */ + if (ISABSOLUTE (pathname) || pathname_levels (pathname) > 0) + { + error (0, 0, + "Server attempted to update a file via an invalid pathname:"); + error (1, 0, "`%s'.", pathname); + } + reposname = NULL; read_line (&reposname); assert (reposname);
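Review bot: the new comment block in call_in_directory() has two spelling errors that should be fixed before merging: "attemps" should read "attempts" and "sanbbox" should read "sandbox", so the block reads "if PATHNAME is absolute or attempts to ascend outside of the current sandbox, we abort." The check itself (`if (ISABSOLUTE (pathname) || pathname_levels (pathname) > 0)`) is placed correctly, right after `assert (pathname);` and before any filesystem activity, and the `error (1, 0, ...)` call terminates the client rather than continuing with a server-controlled path. Note that the hunk validates only `pathname`; `reposname`, which is read from the server on the next line (`read_line (&reposname);`), is not checked here, so please confirm it is validated elsewhere before it is used to build a path, since the same trojan-server concern the comment describes applies to it.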