Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
PUBLIC_REPOS
/
buildroot
zrkadlo git://git.buildroot.net/buildroot
2
1
Fork 0
Súbory
Strom: 2ed19cb1de
Branche Tagy
buildroot
/
package
/
libsoup
/
libsoup-CVE-2011-2054.patch

libsoup-CVE-2011-2054.patch 1.1 KB
História Raw

1234567891011121314151617181920212223242526272829303132 
  1. From 4617b6ef6dd21931a0153070c5b5ff7ef21b46f8 Mon Sep 17 00:00:00 2001
    2. 

  2. From: Dan Winship <danw@gnome.org>
    3. 

  3. Date: Wed, 29 Jun 2011 10:04:06 -0400
    4. 

  4. Subject: [PATCH] SoupServer: fix to not allow smuggling ".." into path
    5. 

  5. 

  6. When SoupServer:raw-paths was set (the default), it was possible to
    7. 

  7. sneak ".." segments into the path passed to the SoupServerHandler,
    8. 

  8. which could then end up tricking some handlers into retrieving
    9. 

  9. arbitrary files from the filesystem. Fix that.
    10. 

  10. 

  11. https://bugzilla.gnome.org/show_bug.cgi?id=653258
    12. 

  12. 

  13. diff --git a/libsoup/soup-server.c b/libsoup/soup-server.c
    14. 

  14. index d56efd1..7225337 100644
    15. 

  15. --- a/libsoup/soup-server.c
    16. 

  16. +++ b/libsoup/soup-server.c
    17. 

  17. @@ -779,6 +779,15 @@ got_headers (SoupMessage *req, SoupClientContext *client)
    18. 

  18.  
    19. 

  19.  		uri = soup_message_get_uri (req);
    20. 

  20.  		decoded_path = soup_uri_decode (uri->path);
    21. 

  21. +
    22. 

  22. +		if (strstr (decoded_path, "/../") ||
    23. 

  23. +		    g_str_has_suffix (decoded_path, "/..")) {
    24. 

  24. +			/* Introducing new ".." segments is not allowed */
    25. 

  25. +			g_free (decoded_path);
    26. 

  26. +			soup_message_set_status (req, SOUP_STATUS_BAD_REQUEST);
    27. 

  27. +			return;
    28. 

  28. +		}
    29. 

  29. +
    30. 

  30.  		soup_uri_set_path (uri, decoded_path);
    31. 

  31.  		g_free (decoded_path);
    32. 

  32.  	}
    33.