aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch')
-rw-r--r--meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch346
1 files changed, 0 insertions, 346 deletions
diff --git a/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch b/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch
deleted file mode 100644
index 494e11c6c7..0000000000
--- a/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch
+++ /dev/null
@@ -1,346 +0,0 @@
-Fix CVE-2015-3187
-
-Patch is from:
-http://subversion.apache.org/security/CVE-2015-3187-advisory.txt
-
-Upstream-Status: Backport
-
-Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
-
-Index: subversion/libsvn_repos/rev_hunt.c
-===================================================================
---- a/subversion/libsvn_repos/rev_hunt.c (revision 1685077)
-+++ b/subversion/libsvn_repos/rev_hunt.c (working copy)
-@@ -726,23 +726,6 @@ svn_repos_trace_node_locations(svn_fs_t *fs,
- if (! prev_path)
- break;
-
-- if (authz_read_func)
-- {
-- svn_boolean_t readable;
-- svn_fs_root_t *tmp_root;
--
-- SVN_ERR(svn_fs_revision_root(&tmp_root, fs, revision, currpool));
-- SVN_ERR(authz_read_func(&readable, tmp_root, path,
-- authz_read_baton, currpool));
-- if (! readable)
-- {
-- svn_pool_destroy(lastpool);
-- svn_pool_destroy(currpool);
--
-- return SVN_NO_ERROR;
-- }
-- }
--
- /* Assign the current path to all younger revisions until we reach
- the copy target rev. */
- while ((revision_ptr < revision_ptr_end)
-@@ -765,6 +748,20 @@ svn_repos_trace_node_locations(svn_fs_t *fs,
- path = prev_path;
- revision = prev_rev;
-
-+ if (authz_read_func)
-+ {
-+ svn_boolean_t readable;
-+ SVN_ERR(svn_fs_revision_root(&root, fs, revision, currpool));
-+ SVN_ERR(authz_read_func(&readable, root, path,
-+ authz_read_baton, currpool));
-+ if (!readable)
-+ {
-+ svn_pool_destroy(lastpool);
-+ svn_pool_destroy(currpool);
-+ return SVN_NO_ERROR;
-+ }
-+ }
-+
- /* Clear last pool and switch. */
- svn_pool_clear(lastpool);
- tmppool = lastpool;
-Index: subversion/tests/cmdline/authz_tests.py
-===================================================================
---- a/subversion/tests/cmdline/authz_tests.py (revision 1685077)
-+++ b/subversion/tests/cmdline/authz_tests.py (working copy)
-@@ -609,8 +609,10 @@ def authz_log_and_tracing_test(sbox):
-
- ## cat
-
-+ expected_err2 = ".*svn: E195012: Unable to find repository location.*"
-+
- # now see if we can look at the older version of rho
-- svntest.actions.run_and_verify_svn(None, None, expected_err,
-+ svntest.actions.run_and_verify_svn(None, None, expected_err2,
- 'cat', '-r', '2', D_url+'/rho')
-
- if sbox.repo_url.startswith('http'):
-@@ -627,10 +629,11 @@ def authz_log_and_tracing_test(sbox):
- svntest.actions.run_and_verify_svn(None, None, expected_err,
- 'diff', '-r', 'HEAD', G_url+'/rho')
-
-- svntest.actions.run_and_verify_svn(None, None, expected_err,
-+ # diff treats the unreadable path as indicating an add so no error
-+ svntest.actions.run_and_verify_svn(None, None, [],
- 'diff', '-r', '2', D_url+'/rho')
-
-- svntest.actions.run_and_verify_svn(None, None, expected_err,
-+ svntest.actions.run_and_verify_svn(None, None, [],
- 'diff', '-r', '2:4', D_url+'/rho')
-
- # test whether read access is correctly granted and denied
-Index: subversion/tests/libsvn_repos/repos-test.c
-===================================================================
---- a/subversion/tests/libsvn_repos/repos-test.c (revision 1685077)
-+++ b/subversion/tests/libsvn_repos/repos-test.c (working copy)
-@@ -3524,6 +3524,245 @@ test_load_r0_mergeinfo(const svn_test_opts_t *opts
- return SVN_NO_ERROR;
- }
-
-+static svn_error_t *
-+mkdir_delete_copy(svn_repos_t *repos,
-+ const char *src,
-+ const char *dst,
-+ apr_pool_t *pool)
-+{
-+ svn_fs_t *fs = svn_repos_fs(repos);
-+ svn_revnum_t youngest_rev;
-+ svn_fs_txn_t *txn;
-+ svn_fs_root_t *txn_root, *rev_root;
-+
-+ SVN_ERR(svn_fs_youngest_rev(&youngest_rev, fs, pool));
-+
-+ SVN_ERR(svn_fs_begin_txn(&txn, fs, youngest_rev, pool));
-+ SVN_ERR(svn_fs_txn_root(&txn_root, txn, pool));
-+ SVN_ERR(svn_fs_make_dir(txn_root, "A/T", pool));
-+ SVN_ERR(svn_repos_fs_commit_txn(NULL, repos, &youngest_rev, txn, pool));
-+
-+ SVN_ERR(svn_fs_begin_txn(&txn, fs, youngest_rev, pool));
-+ SVN_ERR(svn_fs_txn_root(&txn_root, txn, pool));
-+ SVN_ERR(svn_fs_delete(txn_root, "A/T", pool));
-+ SVN_ERR(svn_repos_fs_commit_txn(NULL, repos, &youngest_rev, txn, pool));
-+
-+ SVN_ERR(svn_fs_begin_txn(&txn, fs, youngest_rev, pool));
-+ SVN_ERR(svn_fs_txn_root(&txn_root, txn, pool));
-+ SVN_ERR(svn_fs_revision_root(&rev_root, fs, youngest_rev - 1, pool));
-+ SVN_ERR(svn_fs_copy(rev_root, src, txn_root, dst, pool));
-+ SVN_ERR(svn_repos_fs_commit_txn(NULL, repos, &youngest_rev, txn, pool));
-+
-+ return SVN_NO_ERROR;
-+}
-+
-+struct authz_read_baton_t {
-+ apr_hash_t *paths;
-+ apr_pool_t *pool;
-+ const char *deny;
-+};
-+
-+static svn_error_t *
-+authz_read_func(svn_boolean_t *allowed,
-+ svn_fs_root_t *root,
-+ const char *path,
-+ void *baton,
-+ apr_pool_t *pool)
-+{
-+ struct authz_read_baton_t *b = baton;
-+
-+ if (b->deny && !strcmp(b->deny, path))
-+ *allowed = FALSE;
-+ else
-+ *allowed = TRUE;
-+
-+ svn_hash_sets(b->paths, apr_pstrdup(b->pool, path), (void*)1);
-+
-+ return SVN_NO_ERROR;
-+}
-+
-+static svn_error_t *
-+verify_locations(apr_hash_t *actual,
-+ apr_hash_t *expected,
-+ apr_hash_t *checked,
-+ apr_pool_t *pool)
-+{
-+ apr_hash_index_t *hi;
-+
-+ for (hi = apr_hash_first(pool, expected); hi; hi = apr_hash_next(hi))
-+ {
-+ const svn_revnum_t *rev = svn__apr_hash_index_key(hi);
-+ const char *path = apr_hash_get(actual, rev, sizeof(svn_revnum_t));
-+
-+ if (!path)
-+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
-+ "expected %s for %d found (null)",
-+ (char*)svn__apr_hash_index_val(hi),
-+ (int)*rev);
-+ else if (strcmp(path, svn__apr_hash_index_val(hi)))
-+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
-+ "expected %s for %d found %s",
-+ (char*)svn__apr_hash_index_val(hi),
-+ (int)*rev, path);
-+
-+ }
-+
-+ for (hi = apr_hash_first(pool, actual); hi; hi = apr_hash_next(hi))
-+ {
-+ const svn_revnum_t *rev = svn__apr_hash_index_key(hi);
-+ const char *path = apr_hash_get(expected, rev, sizeof(svn_revnum_t));
-+
-+ if (!path)
-+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
-+ "found %s for %d expected (null)",
-+ (char*)svn__apr_hash_index_val(hi),
-+ (int)*rev);
-+ else if (strcmp(path, svn__apr_hash_index_val(hi)))
-+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
-+ "found %s for %d expected %s",
-+ (char*)svn__apr_hash_index_val(hi),
-+ (int)*rev, path);
-+
-+ if (!svn_hash_gets(checked, path))
-+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
-+ "did not check %s", path);
-+ }
-+
-+ return SVN_NO_ERROR;
-+}
-+
-+static void
-+set_expected(apr_hash_t *expected,
-+ svn_revnum_t rev,
-+ const char *path,
-+ apr_pool_t *pool)
-+{
-+ svn_revnum_t *rp = apr_palloc(pool, sizeof(svn_revnum_t));
-+ *rp = rev;
-+ apr_hash_set(expected, rp, sizeof(svn_revnum_t), path);
-+}
-+
-+static svn_error_t *
-+trace_node_locations_authz(const svn_test_opts_t *opts,
-+ apr_pool_t *pool)
-+{
-+ svn_repos_t *repos;
-+ svn_fs_t *fs;
-+ svn_revnum_t youngest_rev = 0;
-+ svn_fs_txn_t *txn;
-+ svn_fs_root_t *txn_root;
-+ struct authz_read_baton_t arb;
-+ apr_array_header_t *revs = apr_array_make(pool, 10, sizeof(svn_revnum_t));
-+ apr_hash_t *locations;
-+ apr_hash_t *expected = apr_hash_make(pool);
-+ int i;
-+
-+ /* Create test repository. */
-+ SVN_ERR(svn_test__create_repos(&repos, "test-repo-trace-node-locations-authz",
-+ opts, pool));
-+ fs = svn_repos_fs(repos);
-+
-+ /* r1 create A */
-+ SVN_ERR(svn_fs_begin_txn(&txn, fs, youngest_rev, pool));
-+ SVN_ERR(svn_fs_txn_root(&txn_root, txn, pool));
-+ SVN_ERR(svn_fs_make_dir(txn_root, "A", pool));
-+ SVN_ERR(svn_fs_make_file(txn_root, "A/f", pool));
-+ SVN_ERR(svn_test__set_file_contents(txn_root, "A/f", "foobar", pool));
-+ SVN_ERR(svn_repos_fs_commit_txn(NULL, repos, &youngest_rev, txn, pool));
-+
-+ /* r4 copy A to B */
-+ SVN_ERR(mkdir_delete_copy(repos, "A", "B", pool));
-+
-+ /* r7 copy B to C */
-+ SVN_ERR(mkdir_delete_copy(repos, "B", "C", pool));
-+
-+ /* r10 copy C to D */
-+ SVN_ERR(mkdir_delete_copy(repos, "C", "D", pool));
-+
-+ SVN_ERR(svn_fs_youngest_rev(&youngest_rev, fs, pool));
-+ SVN_ERR_ASSERT(youngest_rev == 10);
-+
-+ arb.paths = apr_hash_make(pool);
-+ arb.pool = pool;
-+ arb.deny = NULL;
-+
-+ apr_array_clear(revs);
-+ for (i = 0; i <= youngest_rev; ++i)
-+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
-+ set_expected(expected, 10, "/D/f", pool);
-+ set_expected(expected, 8, "/C/f", pool);
-+ set_expected(expected, 7, "/C/f", pool);
-+ set_expected(expected, 5, "/B/f", pool);
-+ set_expected(expected, 4, "/B/f", pool);
-+ set_expected(expected, 2, "/A/f", pool);
-+ set_expected(expected, 1, "/A/f", pool);
-+ apr_hash_clear(arb.paths);
-+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
-+ authz_read_func, &arb, pool));
-+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
-+
-+ apr_array_clear(revs);
-+ for (i = 1; i <= youngest_rev; ++i)
-+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
-+ apr_hash_clear(arb.paths);
-+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
-+ authz_read_func, &arb, pool));
-+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
-+
-+ apr_array_clear(revs);
-+ for (i = 2; i <= youngest_rev; ++i)
-+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
-+ set_expected(expected, 1, NULL, pool);
-+ apr_hash_clear(arb.paths);
-+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
-+ authz_read_func, &arb, pool));
-+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
-+
-+ apr_array_clear(revs);
-+ for (i = 3; i <= youngest_rev; ++i)
-+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
-+ set_expected(expected, 2, NULL, pool);
-+ apr_hash_clear(arb.paths);
-+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
-+ authz_read_func, &arb, pool));
-+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
-+
-+ apr_array_clear(revs);
-+ for (i = 6; i <= youngest_rev; ++i)
-+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
-+ set_expected(expected, 5, NULL, pool);
-+ set_expected(expected, 4, NULL, pool);
-+ apr_hash_clear(arb.paths);
-+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
-+ authz_read_func, &arb, pool));
-+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
-+
-+ arb.deny = "/B/f";
-+ apr_array_clear(revs);
-+ for (i = 0; i <= youngest_rev; ++i)
-+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
-+ apr_hash_clear(arb.paths);
-+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
-+ authz_read_func, &arb, pool));
-+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
-+
-+ apr_array_clear(revs);
-+ for (i = 6; i <= youngest_rev; ++i)
-+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
-+ apr_hash_clear(arb.paths);
-+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
-+ authz_read_func, &arb, pool));
-+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
-+
-+ APR_ARRAY_PUSH(revs, svn_revnum_t) = 0;
-+ apr_hash_clear(arb.paths);
-+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
-+ authz_read_func, &arb, pool));
-+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
-+
-+ return SVN_NO_ERROR;
-+}
-+
- /* The test table. */
-
- struct svn_test_descriptor_t test_funcs[] =
-@@ -3573,5 +3812,7 @@ struct svn_test_descriptor_t test_funcs[] =
- "test dumping with r0 mergeinfo"),
- SVN_TEST_OPTS_PASS(test_load_r0_mergeinfo,
- "test loading with r0 mergeinfo"),
-+ SVN_TEST_OPTS_PASS(trace_node_locations_authz,
-+ "authz for svn_repos_trace_node_locations"),
- SVN_TEST_NULL
- };
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-14 10:31:57 +0000