rpms / subversion

Clone
Source Code
GIT

Blame SOURCES/subversion-1.7.14-CVE-2015-0248.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-ppc64le c8 c8-beta-stream-1.10 c8-beta-stream-1.14 c8-stream-1.1 c8-stream-1.10 c8-stream-1.14 c8s-stream-1.10 c8s-stream-1.14 c9 c9-beta
  1.   b5c9839f9fd1e41306ea08f9e12dfbbb220c9b58
  2.   SOURCES
  3.   subversion-1.7.14-CVE-2015-0248.patch
Blob History Raw
52cd1a 
# ./pullrev.sh 1667246
52cd1a
52cd1a 
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0248
52cd1a
52cd1a 
http://svn.apache.org/viewvc?view=revision&revision=1667246
52cd1a
52cd1a 
--- subversion-1.7.14/subversion/mod_dav_svn/reports/get-location-segments.c
52cd1a 
+++ subversion-1.7.14/subversion/mod_dav_svn/reports/get-location-segments.c
52cd1a 
@@ -181,17 +181,36 @@
52cd1a 
                                   "Not all parameters passed.",
52cd1a 
                                   SVN_DAV_ERROR_NAMESPACE,
52cd1a 
                                   SVN_DAV_ERROR_TAG);
52cd1a 
-  if (SVN_IS_VALID_REVNUM(start_rev)
52cd1a 
-      && SVN_IS_VALID_REVNUM(end_rev)
52cd1a 
-      && (end_rev > start_rev))
52cd1a 
+
52cd1a 
+  /* No START_REV or PEG_REVISION?  We'll use HEAD. */
52cd1a 
+  if (!SVN_IS_VALID_REVNUM(start_rev) || !SVN_IS_VALID_REVNUM(peg_revision))
52cd1a 
+    {
52cd1a 
+      svn_revnum_t youngest;
52cd1a 
+
52cd1a 
+      serr = svn_fs_youngest_rev(&youngest, resource->info->repos->fs,
52cd1a 
+                                 resource->pool);
52cd1a 
+      if (serr != NULL)
52cd1a 
+        return dav_svn__convert_err(serr, HTTP_INTERNAL_SERVER_ERROR,
52cd1a 
+                                    "Could not determine youngest revision",
52cd1a 
+                                    resource->pool);
52cd1a 
+
52cd1a 
+      if (!SVN_IS_VALID_REVNUM(start_rev))
52cd1a 
+        start_rev = youngest;
52cd1a 
+      if (!SVN_IS_VALID_REVNUM(peg_revision))
52cd1a 
+        peg_revision = youngest;
52cd1a 
+    }
52cd1a 
+
52cd1a 
+  /* No END_REV?  We'll use 0. */
52cd1a 
+  if (!SVN_IS_VALID_REVNUM(end_rev))
52cd1a 
+    end_rev = 0;
52cd1a 
+
52cd1a 
+  if (end_rev > start_rev)
52cd1a 
     return dav_svn__new_error_tag(resource->pool, HTTP_BAD_REQUEST, 0,
52cd1a 
                                   "End revision must not be younger than "
52cd1a 
                                   "start revision",
52cd1a 
                                   SVN_DAV_ERROR_NAMESPACE,
52cd1a 
                                   SVN_DAV_ERROR_TAG);
52cd1a 
-  if (SVN_IS_VALID_REVNUM(peg_revision)
52cd1a 
-      && SVN_IS_VALID_REVNUM(start_rev)
52cd1a 
-      && (start_rev > peg_revision))
52cd1a 
+  if (start_rev > peg_revision)
52cd1a 
     return dav_svn__new_error_tag(resource->pool, HTTP_BAD_REQUEST, 0,
52cd1a 
                                   "Start revision must not be younger than "
52cd1a 
                                   "peg revision",
52cd1a 
--- subversion-1.7.14/subversion/svnserve/serve.c
52cd1a 
+++ subversion-1.7.14/subversion/svnserve/serve.c
52cd1a 
@@ -2266,10 +2266,31 @@
52cd1a
52cd1a 
   abs_path = svn_fspath__join(b->fs_path->data, relative_path, pool);
52cd1a
52cd1a 
-  if (SVN_IS_VALID_REVNUM(start_rev)
52cd1a 
-      && SVN_IS_VALID_REVNUM(end_rev)
52cd1a 
-      && (end_rev > start_rev))
52cd1a 
+  SVN_ERR(trivial_auth_request(conn, pool, b));
52cd1a 
+  SVN_ERR(log_command(baton, conn, pool, "%s",
52cd1a 
+                      svn_log__get_location_segments(abs_path, peg_revision,
52cd1a 
+                                                     start_rev, end_rev,
52cd1a 
+                                                     pool)));
52cd1a 
+
52cd1a 
+  /* No START_REV or PEG_REVISION?  We'll use HEAD. */
52cd1a 
+  if (!SVN_IS_VALID_REVNUM(start_rev) || !SVN_IS_VALID_REVNUM(peg_revision))
52cd1a 
     {
52cd1a 
+      svn_revnum_t youngest;
52cd1a 
+
52cd1a 
+      SVN_CMD_ERR(svn_fs_youngest_rev(&youngest, b->fs, pool));
52cd1a 
+
52cd1a 
+      if (!SVN_IS_VALID_REVNUM(start_rev))
52cd1a 
+        start_rev = youngest;
52cd1a 
+      if (!SVN_IS_VALID_REVNUM(peg_revision))
52cd1a 
+        peg_revision = youngest;
52cd1a 
+    }
52cd1a 
+
52cd1a 
+  /* No END_REV?  We'll use 0. */
52cd1a 
+  if (!SVN_IS_VALID_REVNUM(end_rev))
52cd1a 
+    end_rev = 0;
52cd1a 
+
52cd1a 
+  if (end_rev > start_rev)
52cd1a 
+    {
52cd1a 
       err = svn_error_createf(SVN_ERR_INCORRECT_PARAMS, NULL,
52cd1a 
                               "Get-location-segments end revision must not be "
52cd1a 
                               "younger than start revision");
52cd1a 
@@ -2276,9 +2297,7 @@
52cd1a 
       return log_fail_and_flush(err, b, conn, pool);
52cd1a 
     }
52cd1a
52cd1a 
-  if (SVN_IS_VALID_REVNUM(peg_revision)
52cd1a 
-      && SVN_IS_VALID_REVNUM(start_rev)
52cd1a 
-      && (start_rev > peg_revision))
52cd1a 
+  if (start_rev > peg_revision)
52cd1a 
     {
52cd1a 
       err = svn_error_createf(SVN_ERR_INCORRECT_PARAMS, NULL,
52cd1a 
                               "Get-location-segments start revision must not "
52cd1a 
@@ -2286,12 +2305,6 @@
52cd1a 
       return log_fail_and_flush(err, b, conn, pool);
52cd1a 
     }
52cd1a
52cd1a 
-  SVN_ERR(trivial_auth_request(conn, pool, b));
52cd1a 
-  SVN_ERR(log_command(baton, conn, pool, "%s",
52cd1a 
-                      svn_log__get_location_segments(abs_path, peg_revision,
52cd1a 
-                                                     start_rev, end_rev,
52cd1a 
-                                                     pool)));
52cd1a 
-
52cd1a 
   /* All the parameters are fine - let's perform the query against the
52cd1a 
    * repository. */
52cd1a

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation