a05ea92118
Approved by: lev@ (explicit) Security: f8a913cc-1322-11e3-8ffa-20cf30e32f6d CVE-2013-4277
14 lines
708 B
C
14 lines
708 B
C
--- ./subversion/svnserve/main.c.orig 2013-09-02 21:08:27.000000000 +0200
|
|
+++ ./subversion/svnserve/main.c 2013-09-02 21:11:37.000000000 +0200
|
|
@@ -317,8 +317,10 @@
|
|
const char *contents = apr_psprintf(pool, "%" APR_PID_T_FMT "\n",
|
|
getpid());
|
|
|
|
+/* CVE-2013-4277 fix */
|
|
+ SVN_ERR(svn_io_remove_file(filename, pool));
|
|
SVN_ERR(svn_io_file_open(&file, filename,
|
|
- APR_WRITE | APR_CREATE | APR_TRUNCATE,
|
|
+ APR_WRITE | APR_CREATE | APR_EXCL,
|
|
APR_OS_DEFAULT, pool));
|
|
SVN_ERR(svn_io_file_write_full(file, contents, strlen(contents), NULL,
|
|
pool));
|