Diffstat (limited to 'meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch')
-rw-r--r--meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch67
1 files changed, 67 insertions, 0 deletions
diff --git a/meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch b/meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
new file mode 100644
index 0000000000..32dfbaedbe
--- /dev/null
+++ b/meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
@@ -0,0 +1,67 @@
+From b258116462399b318c86165c61a5c7123043cfd4 Mon Sep 17 00:00:00 2001
+From: Blake Burkhart <bburky@bburky.com>
+Date: Tue, 22 Sep 2015 18:06:20 -0400
+Subject: [PATCH] http: limit redirection depth
+
+By default, libcurl will follow circular http redirects
+forever. Let's put a cap on this so that somebody who can
+trigger an automated fetch of an arbitrary repository (e.g.,
+for CI) cannot convince git to loop infinitely.
+
+The value chosen is 20, which is the same default that
+Firefox uses.
+
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+
+Upstream-Status: Backport
+https://kernel.googlesource.com/pub/scm/git/git/+/b258116462399b318c86165c61a5c7123043cfd4%5E%21/
+CVE: CVE-2015-7545 patch #1
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ http.c | 1 +
+ t/lib-httpd/apache.conf | 3 +++
+ t/t5812-proto-disable-http.sh | 4 ++++
+ 3 files changed, 8 insertions(+)
+
+Index: git-2.3.0/http.c
+===================================================================
+--- git-2.3.0.orig/http.c
++++ git-2.3.0/http.c
+@@ -349,6 +349,7 @@ static CURL *get_curl_handle(void)
+ }
+
+ curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
++ curl_easy_setopt(result, CURLOPT_MAXREDIRS, 20);
+ #if LIBCURL_VERSION_NUM >= 0x071301
+ curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
+ #elif LIBCURL_VERSION_NUM >= 0x071101
+Index: git-2.3.0/t/lib-httpd/apache.conf
+===================================================================
+--- git-2.3.0.orig/t/lib-httpd/apache.conf
++++ git-2.3.0/t/lib-httpd/apache.conf
+@@ -120,6 +120,9 @@ RewriteRule ^/smart-redir-auth/(.*)$ /au
+ RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
+ RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302]
+
++RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302]
++RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302]
++
+ <IfDefine SSL>
+ LoadModule ssl_module modules/mod_ssl.so
+
+Index: git-2.3.0/t/t5812-proto-disable-http.sh
+===================================================================
+--- git-2.3.0.orig/t/t5812-proto-disable-http.sh
++++ git-2.3.0/t/t5812-proto-disable-http.sh
+@@ -25,5 +25,9 @@ test_expect_success 'curl redirects resp
+ }
+ '
+
++test_expect_success 'curl limits redirects' '
++ test_must_fail git clone "$HTTPD_URL/loop-redir/smart/repo.git"
++'
++
+ stop_httpd
+ test_done
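Review bot: The new line `curl_easy_setopt(result, CURLOPT_MAXREDIRS, 20);` passes an int through curl_easy_setopt's variadic argument list, whereas libcurl documents CURLOPT_MAXREDIRS as taking a long; on LP64 targets this works only because the ABI happens to tolerate the narrower argument, so the backport should pass `curl_easy_setopt(result, CURLOPT_MAXREDIRS, 20L);` explicitly (the FOLLOWLOCATION line above it has the same pattern, but it is context here, not part of this change). The cap is a loop/DoS mitigation only — it bounds the number of hops but says nothing about where a redirect may lead — so it does not by itself provide the protocol/redirect-target restrictions the rest of this CVE series appears to add; the pre-existing ftp-redir rule and the t5812-proto-disable-http.sh hunk suggest those companion patches are already applied in this recipe, which is worth confirming. The trailer `CVE: CVE-2015-7545 patch #1` disagrees with the file name CVE-2015-7545_5.patch; one of the two should be corrected so the apply order of the series is unambiguous. get_curl_handle's body begins and ends outside the hunk.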