author | Jacques Vidrine <nectar@FreeBSD.org> | 2003-02-04 18:08:27 +0000 |
---|---|---|
committer | Jacques Vidrine <nectar@FreeBSD.org> | 2003-02-04 18:08:27 +0000 |
commit | f9ed240692690069fb33b086fb2222b0a7137c1e (patch) | |
tree | f996694cd46a5b8ff3932e56a6856015532e7ae4 | |
parent | f100518920998ffa67fa29760ac9b460abf4196d (diff) | |
Correct a double-free bug and disable a dangerous feature in
cvs.
See <URL:http://online.securityfocus.com/archive/1/72584>,
<URL:http://security.e-matters.de/advisories/012003.html>,
and the soon-to-be-released FreeBSD-SA-03:01.cvs for details.
Notes
Notes:
svn path=/releng/4.6/; revision=110341
-rw-r--r-- | UPDATING | 4 | ||||
-rw-r--r-- | contrib/cvs/src/server.c | 10 | ||||
-rw-r--r-- | sys/conf/newvers.sh | 2 |
3 files changed, 10 insertions, 6 deletions
@@ -17,6 +17,10 @@ minimal number of processes, if possible, for that patch. For those updates that don't have an advisory, or to be safe, you can do a full build and install as described in the COMMON ITEMS section. +20030204: p7 FreeBSD-SA-03:01.cvs + Correct a double-free bug and disable a dangerous feature in + cvs. + 20030106: p6 FreeBSD-SA-02:44.filedesc Correct a reference counting bug in fpathconf(2). diff --git a/contrib/cvs/src/server.c b/contrib/cvs/src/server.c index 525d1ce027f6..16210ddaad09 100644 --- a/contrib/cvs/src/server.c +++ b/contrib/cvs/src/server.c @@ -984,9 +984,6 @@ dirswitch (dir, repos) return; } - if (dir_name != NULL) - free (dir_name); - dir_len = strlen (dir); /* Check for a trailing '/'. This is not ISDIRSEP because \ in the @@ -1002,6 +999,9 @@ dirswitch (dir, repos) return; } + if (dir_name != NULL) + free (dir_name); + dir_name = malloc (strlen (server_temp_dir) + dir_len + 40); if (dir_name == NULL) { @@ -4738,8 +4738,8 @@ struct request requests[] = REQ_LINE("Max-dotdot", serve_max_dotdot, 0), REQ_LINE("Static-directory", serve_static_directory, 0), REQ_LINE("Sticky", serve_sticky, 0), - REQ_LINE("Checkin-prog", serve_checkin_prog, 0), - REQ_LINE("Update-prog", serve_update_prog, 0), + REQ_LINE("Checkin-prog", serve_noop, 0), + REQ_LINE("Update-prog", serve_noop, 0), REQ_LINE("Entry", serve_entry, RQ_ESSENTIAL), REQ_LINE("Kopt", serve_kopt, 0), REQ_LINE("Checkin-time", serve_checkin_time, 0), diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index b0890ecb98e4..088f4cb7dbbd 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -36,7 +36,7 @@ TYPE="FreeBSD" REVISION="4.6.2" -BRANCH="RELEASE-p6" +BRANCH="RELEASE-p7" RELEASE="${REVISION}-${BRANCH}" VERSION="${TYPE} ${RELEASE}" |
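Review bot: In the `@@ -1002,6 +999,9 @@` hunk of contrib/cvs/src/server.c, `free (dir_name)` still leaves the pointer holding the freed address, so the fix holds only while the free sits directly before `dir_name = malloc (...)`. The commit message calls this a double-free, which implies dir_name outlives a single call (its declaration is outside the hunk), so any early return later inserted between the two statements would reintroduce the bug. I would add `dir_name = NULL;` right after the `free (dir_name);` line, together with a comment such as `/* Free only after the early-return checks above, so dir_name is never left dangling. */`. dirswitch's body starts and ends outside the hunk, and the matching removal is in the `@@ -984,9 +984,6 @@` hunk.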
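Review bot: The two `serve_noop` entries in `requests[]` carry no comment saying that Checkin-prog and Update-prog were disabled on purpose, so a later merge of the vendor sources could restore the original handlers unnoticed. I would add above them `/* Checkin-prog and Update-prog are deliberately no-ops; see FreeBSD-SA-03:01.cvs. */`. serve_noop is defined outside the hunk, so it is worth confirming that whatever it sends back keeps a client that issues these requests in sync, and whether an attempt to use the disabled feature is logged anywhere an operator would see it. serve_checkin_prog and serve_update_prog are presumably unreferenced after this change and could be removed in a follow-up. The table starts and ends outside the hunk.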