diff options
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/usr.bin/Makefile | 6 | ||||
-rw-r--r-- | gnu/usr.bin/cvs/cvs/Makefile | 15 | ||||
-rw-r--r-- | gnu/usr.bin/cvs/cvs/client.patch | 30 | ||||
-rw-r--r-- | gnu/usr.bin/cvs/cvs/modules.patch | 25 |
4 files changed, 7 insertions, 69 deletions
diff --git a/gnu/usr.bin/Makefile b/gnu/usr.bin/Makefile index d57c497..b6a7cbd 100644 --- a/gnu/usr.bin/Makefile +++ b/gnu/usr.bin/Makefile @@ -15,8 +15,8 @@ _gperf=gperf SUBDIR+=groff .endif -#.if !defined(NO_CVS) -#SUBDIR+=cvs -#.endif +.if !defined(NO_CVS) +SUBDIR+=cvs +.endif .include <bsd.subdir.mk> diff --git a/gnu/usr.bin/cvs/cvs/Makefile b/gnu/usr.bin/cvs/cvs/Makefile index 2e79c22..f683009 100644 --- a/gnu/usr.bin/cvs/cvs/Makefile +++ b/gnu/usr.bin/cvs/cvs/Makefile @@ -13,15 +13,16 @@ PROG= cvs MAN= cvs.1 cvs.5 SRCS= add.c admin.c annotate.c buffer.c \ - checkin.c checkout.c classify.c client_P.c \ + checkin.c checkout.c classify.c client.c \ commit.c create_adm.c cvsrc.c diff.c edit.c entries.c error.c \ expand_path.c fileattr.c filesubr.c find_names.c \ hardlink.c hash.c history.c \ ignore.c import.c lock.c log.c login.c logmsg.c main.c mkmodules.c \ - modules_P.c myndbm.c no_diff.c parseinfo.c patch.c prepend_args.c \ + modules.c myndbm.c no_diff.c parseinfo.c patch.c prepend_args.c \ rcs.c rcscmds.c \ recurse.c release.c remove.c repos.c root.c run.c scramble.c \ - server.c status.c subr.c tag.c update.c vers_ts.c version.c watch.c \ + server.c stack.c status.c subr.c \ + tag.c update.c vers_ts.c version.c watch.c \ wrapper.c zlib.c # gnu must be before lib to pick correct regex.h @@ -62,12 +63,4 @@ regress: .endif .endif -# XXX Temporary until next CVS import: patch security issues -.for f in client modules -CLEANFILES+= ${f}_P.c - -${f}_P.c: ${f}.c ${f}.patch - patch -t -s -p3 -o ${.TARGET} ${.ALLSRC:M*.c} ${.ALLSRC:M*.patch} -.endfor - .include <bsd.prog.mk> diff --git a/gnu/usr.bin/cvs/cvs/client.patch b/gnu/usr.bin/cvs/cvs/client.patch deleted file mode 100644 index c5599c8..0000000 --- a/gnu/usr.bin/cvs/cvs/client.patch +++ /dev/null @@ -1,30 +0,0 @@ -$FreeBSD$ -Index: contrib/cvs/src/client.c -=================================================================== -RCS file: /home/ncvs/src/contrib/cvs/src/client.c,v -retrieving revision 1.10 -diff -c -r1.10 client.c -*** contrib/cvs/src/client.c 21 Jan 2003 22:01:38 -0000 1.10 ---- contrib/cvs/src/client.c 14 Apr 2004 15:51:51 -0000 -*************** -*** 1054,1059 **** ---- 1054,1072 ---- - char *rdirp; - int reposdirname_absolute; - -+ /* For security reasons, if PATHNAME is absolute or attemps to ascend -+ * outside of the current sanbbox, we abort. The server should not send us -+ * anything but relative paths which remain inside the sandbox here. -+ * Anything less means a trojan CVS server could create and edit arbitrary -+ * files on the client. -+ */ -+ if (isabsolute (pathname) || pathname_levels (pathname) > 0) -+ { -+ error (0, 0, -+ "Server attempted to update a file via an invalid pathname:"); -+ error (1, 0, "`%s'.", pathname); -+ } -+ - reposname = NULL; - read_line (&reposname); - assert (reposname != NULL); diff --git a/gnu/usr.bin/cvs/cvs/modules.patch b/gnu/usr.bin/cvs/cvs/modules.patch deleted file mode 100644 index 99a34fd..0000000 --- a/gnu/usr.bin/cvs/cvs/modules.patch +++ /dev/null @@ -1,25 +0,0 @@ -$FreeBSD$ -Index: contrib/cvs/src/modules.c -=================================================================== -RCS file: /home/ncvs/src/contrib/cvs/src/modules.c,v -retrieving revision 1.1.1.9 -diff -c -r1.1.1.9 modules.c -*** contrib/cvs/src/modules.c 21 Jan 2004 16:27:56 -0000 1.1.1.9 ---- contrib/cvs/src/modules.c 14 Apr 2004 15:54:51 -0000 -*************** -*** 170,175 **** ---- 170,183 ---- - if (isabsolute (mname)) - error (1, 0, "Absolute module reference invalid: `%s'", mname); - -+ /* Similarly for directories that attempt to step above the root of the -+ * repository. -+ */ -+ if (pathname_levels (mname) > 0) -+ error (1, 0, "up-level in module reference (`..') invalid: `%s'.", -+ mname); -+ -+ - /* if this is a directory to ignore, add it to that list */ - if (mname[0] == '!' && mname[1] != '\0') - { |