mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-25 19:09:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
7fe17a2942ff03e2ec47d566fd5393f52b2eb736
poky/meta/recipes-devtools/git/git-2.5.0/0012-CVE-2015-7545-5.patch
Armin Kuster e8c96131d9 git: Security fix CVE-2015-7545 
CVE-2015-7545 git: arbitrary code execution via crafted URLs

(From OE-Core rev: 1e0780427bad448c5b3644134b581ecf1d53af84)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-02-04 23:20:17 +00:00

70 lines
2.4 KiB
Diff
Raw Blame History

From b258116462399b318c86165c61a5c7123043cfd4 Mon Sep 17 00:00:00 2001
From: Blake Burkhart <bburky@bburky.com>
Date: Tue, 22 Sep 2015 18:06:20 -0400
Subject: [PATCH] http: limit redirection depth
By default, libcurl will follow circular http redirects
forever. Let's put a cap on this so that somebody who can
trigger an automated fetch of an arbitrary repository (e.g.,
for CI) cannot convince git to loop infinitely.
The value chosen is 20, which is the same default that
Firefox uses.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Upstream-Status: Backport
http://archive.ubuntu.com/ubuntu/pool/main/g/git/git_2.5.0-1ubuntu0.1.debian.tar.xz
CVE: CVE-2015-7545 #5
Singed-off-by: Armin Kuster <akuster@mvista.com>
---
http.c | 1 +
t/lib-httpd/apache.conf | 3 +++
t/t5812-proto-disable-http.sh | 4 ++++
3 files changed, 8 insertions(+)
Index: git-2.5.0/http.c
===================================================================
--- git-2.5.0.orig/http.c 2015-12-11 12:48:02.900163824 -0500
+++ git-2.5.0/http.c 2015-12-11 12:48:02.896163796 -0500
@@ -396,6 +396,7 @@
}
curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
+ curl_easy_setopt(result, CURLOPT_MAXREDIRS, 20);
#if LIBCURL_VERSION_NUM >= 0x071301
curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
#elif LIBCURL_VERSION_NUM >= 0x071101
Index: git-2.5.0/t/lib-httpd/apache.conf
===================================================================
--- git-2.5.0.orig/t/lib-httpd/apache.conf 2015-12-11 12:48:02.900163824 -0500
+++ git-2.5.0/t/lib-httpd/apache.conf 2015-12-11 12:48:02.896163796 -0500
@@ -121,6 +121,9 @@
RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302]
+RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302]
+RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302]
+
<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
Index: git-2.5.0/t/t5812-proto-disable-http.sh
===================================================================
--- git-2.5.0.orig/t/t5812-proto-disable-http.sh 2015-12-11 12:48:02.900163824 -0500
+++ git-2.5.0/t/t5812-proto-disable-http.sh 2015-12-11 12:48:02.896163796 -0500
@@ -25,5 +25,9 @@
}
'
+test_expect_success 'curl limits redirects' '
+ test_must_fail git clone "$HTTPD_URL/loop-redir/smart/repo.git"
+'
+
stop_httpd
test_done
Reference in New Issue View Git Blame Copy Permalink