Re: Segfault in mod_dav_svn with repositories on /

From: Ben Reser <ben_at_reser.org>
Date: Sun, 12 Jan 2014 15:43:39 -0800

On 1/10/14, 11:22 PM, Ben Reser wrote:
> On 1/10/14, 4:19 AM, Philip Martin wrote:
>> It is not fixed. If you look a few lines down we pass a NULL path:
>>
>> apr_text_append(resource->pool, option,
>> dav_svn__build_uri(resource->info->repos,
>> DAV_SVN__BUILD_URI_ACT_COLLECTION,
>> SVN_INVALID_REVNUM, NULL,
>> 1 /* add_href */,
>> resource->pool));
>>
>> Program received signal SIGSEGV, Segmentation fault.
>> [Switching to Thread 0x7f318b7fe700 (LWP 21796)]
>> 0x00007f319a42a391 in dav_svn__build_uri (repos=0x7f3196f682b0,
>> what=DAV_SVN__BUILD_URI_ACT_COLLECTION, revision=-1, path=0x0, add_href=1,
>> pool=0x7f3196f6c028) at ../src/subversion/mod_dav_svn/util.c:244
>> 244 if (root_path[0] == '/' && root_path[1] == '\0')
>> (gdb) p root_path
>> $1 = 0x0
>> (gdb) up
>> #1 0x00007f319a42bc2f in get_option (resource=0x7f3196f68330,
>> elem=0x7f3196f68728, option=0x7f318b7fdb00)
>> at ../src/subversion/mod_dav_svn/version.c:188
>> 188 apr_text_append(resource->pool, option,
>
> I reverted Bert's fix and applied a better one in r1557320.

This issue has been assigned CVE-2014-0032
Received on 2014-01-13 00:44:33 CET

This message: [ Message body ]
Next message: Mojca Miklavec: "Failure when committing with svn client from trunk (E235000)"
Previous message: Branko Čibej: "Re: svn cleanup and unreferenced pristines"
In reply to: Ben Reser: "Re: Segfault in mod_dav_svn with repositories on /"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]