diff options
Diffstat (limited to 'meta/recipes-devtools/subversion/subversion/subversion-CVE-2014-3528.patch')
-rw-r--r-- | meta/recipes-devtools/subversion/subversion/subversion-CVE-2014-3528.patch | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/meta/recipes-devtools/subversion/subversion/subversion-CVE-2014-3528.patch b/meta/recipes-devtools/subversion/subversion/subversion-CVE-2014-3528.patch deleted file mode 100644 index 23e738e985..0000000000 --- a/meta/recipes-devtools/subversion/subversion/subversion-CVE-2014-3528.patch +++ /dev/null @@ -1,29 +0,0 @@ -Upstream-Status: Backport - -Signed-off-by: Yue Tao <yue.tao@windriver.com> - -diff --git a/subversion/libsvn_subr/config_auth.c.old b/subversion/libsvn_subr/config_auth.c -index ff50270..c511d04 100644 ---- a/subversion/libsvn_subr/config_auth.c.old -+++ b/subversion/libsvn_subr/config_auth.c -@@ -85,6 +85,7 @@ svn_config_read_auth_data(apr_hash_t **hash, - if (kind == svn_node_file) - { - svn_stream_t *stream; -+ svn_string_t *stored_realm; - - SVN_ERR_W(svn_stream_open_readonly(&stream, auth_path, pool, pool), - _("Unable to open auth file for reading")); -@@ -95,6 +96,12 @@ svn_config_read_auth_data(apr_hash_t **hash, - apr_psprintf(pool, _("Error parsing '%s'"), - svn_path_local_style(auth_path, pool))); - -+ stored_realm = apr_hash_get(*hash, SVN_CONFIG_REALMSTRING_KEY, -+ APR_HASH_KEY_STRING); -+ -+ if (!stored_realm || strcmp(stored_realm->data, realmstring) != 0) -+ *hash = NULL; /* Hash collision, or somebody tampering with storage */ -+ - SVN_ERR(svn_stream_close(stream)); - } - |