diff options
| author | Clement Laforet <clement@FreeBSD.org> | 2004-09-15 20:07:02 +0000 |
|---|---|---|
| committer | Clement Laforet <clement@FreeBSD.org> | 2004-09-15 20:07:02 +0000 |
| commit | b2fdfc4659d4df6f639da6b8baab41c671f6ff6d (patch) | |
| tree | 3be9daa96148f8bc3e931deb9d0d863b32020d28 /www/mod_dav | |
| parent | 60cc4c9b884a26f71901240a9c2aa6874da7e4ec (diff) | |
| download | ports-b2fdfc4659d4df6f639da6b8baab41c671f6ff6d.tar.gz ports-b2fdfc4659d4df6f639da6b8baab41c671f6ff6d.zip | |
- backport security fix from apache2.
*) SECURITY: CAN-2004-0809 (cve.mitre.org)
mod_dav_fs: Fix a segfault in the handling of an indirect lock
refresh. PR 31183. [Joe Orton]
Requested by: nectar
Approved by: portmgr (marcus)
Notes
Notes:
svn path=/head/; revision=118190
Diffstat (limited to 'www/mod_dav')
| -rw-r--r-- | www/mod_dav/Makefile | 2 | ||||
| -rw-r--r-- | www/mod_dav/files/patch-dav_fs_lock.c | 40 |
2 files changed, 41 insertions, 1 deletions
diff --git a/www/mod_dav/Makefile b/www/mod_dav/Makefile index f91c2e4e5bb4..6ce1a8382a99 100644 --- a/www/mod_dav/Makefile +++ b/www/mod_dav/Makefile @@ -7,7 +7,7 @@ PORTNAME= mod_dav PORTVERSION= 1.0.3 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www MASTER_SITES= http://www.webdav.org/mod_dav/ DISTNAME= mod_dav-${PORTVERSION}-${APACHE_VERSION} diff --git a/www/mod_dav/files/patch-dav_fs_lock.c b/www/mod_dav/files/patch-dav_fs_lock.c new file mode 100644 index 000000000000..5dcd52aa0a3d --- /dev/null +++ b/www/mod_dav/files/patch-dav_fs_lock.c @@ -0,0 +1,40 @@ +--- dav_fs_lock.c.orig Sat Dec 2 00:32:23 2000 ++++ dav_fs_lock.c Wed Sep 15 21:50:09 2004 +@@ -77,7 +77,7 @@ + ** INDIRECT LOCK: [char (DAV_LOCK_INDIRECT), + ** uuid_t locktoken, + ** time_t expires, +-** int key_size, ++** size_t key_size, + ** char[] key] + ** The key is to the collection lock that resulted in this indirect lock + */ +@@ -166,7 +166,7 @@ + /* Stored indirect lock info - lock token and dav_datum */ + #define dav_size_indirect(a) (1 + sizeof(uuid_t) \ + + sizeof(time_t) \ +- + sizeof(int) + (a)->key.dsize) ++ + sizeof((a)->key.dsize) + (a)->key.dsize) + + /* + ** The lockdb structure. +@@ -1456,13 +1456,13 @@ + } + if (dav_fs_do_refresh(dp_scan, ltl, new_time)) { + /* the lock was refreshed. return the lock. */ +- newlock = dav_fs_alloc_lock(lockdb, ip->key, dp->locktoken); ++ newlock = dav_fs_alloc_lock(lockdb, ip->key, dp_scan->locktoken); + newlock->is_locknull = !resource->exists; +- newlock->scope = dp->f.scope; +- newlock->type = dp->f.type; +- newlock->depth = dp->f.depth; +- newlock->timeout = dp->f.timeout; +- newlock->owner = dp->owner; ++ newlock->scope = dp_scan->f.scope; ++ newlock->type = dp_scan->f.type; ++ newlock->depth = dp_scan->f.depth; ++ newlock->timeout = dp_scan->f.timeout; ++ newlock->owner = dp_scan->owner; + newlock->auth_user = dp_scan->auth_user; + + newlock->next = *locks; |