add patch from upstream to fix a directory traversal problem which

could allow information disclosure  by servers (CVE-2011-2524, does not
affect client applications)
This commit is contained in:
drochner 2011-07-29 10:27:29 +00:00
parent b5703cf078
commit 9d55275760
3 changed files with 26 additions and 2 deletions

View file

@ -1,7 +1,8 @@
# $NetBSD: Makefile,v 1.32 2011/07/08 18:35:37 drochner Exp $
# $NetBSD: Makefile,v 1.33 2011/07/29 10:27:29 drochner Exp $
DISTNAME= libsoup-2.34.2
PKGNAME= ${DISTNAME:S/libsoup/libsoup24/}
PKGREVISION= 1
CATEGORIES= net gnome
MASTER_SITES= ${MASTER_SITE_GNOME:=sources/libsoup/2.34/}
EXTRACT_SUFX= .tar.bz2

View file

@ -1,5 +1,6 @@
$NetBSD: distinfo,v 1.22 2011/06/10 09:33:53 drochner Exp $
$NetBSD: distinfo,v 1.23 2011/07/29 10:27:29 drochner Exp $
SHA1 (libsoup-2.34.2.tar.bz2) = 1812b3c78778b37d55ea2904b9763b6dd8266a1c
RMD160 (libsoup-2.34.2.tar.bz2) = a3a94ca9dd6a49a3ee15efda6cf8e4ba96a66338
Size (libsoup-2.34.2.tar.bz2) = 683331 bytes
SHA1 (patch-aa) = 02d26d3f70954f1bb2d2014aab84a58d5ce14469

View file

@ -0,0 +1,22 @@
$NetBSD: patch-aa,v 1.3 2011/07/29 10:27:29 drochner Exp $
CVE-2011-2524
--- libsoup/soup-server.c.orig 2011-04-07 13:29:03.000000000 +0000
+++ libsoup/soup-server.c
@@ -779,6 +779,15 @@ got_headers (SoupMessage *req, SoupClien
uri = soup_message_get_uri (req);
decoded_path = soup_uri_decode (uri->path);
+
+ if (strstr (decoded_path, "/../") ||
+ g_str_has_suffix (decoded_path, "/..")) {
+ /* Introducing new ".." segments is not allowed */
+ g_free (decoded_path);
+ soup_message_set_status (req, SOUP_STATUS_BAD_REQUEST);
+ return;
+ }
+
soup_uri_set_path (uri, decoded_path);
g_free (decoded_path);
}