SOURCES: cvs-acl-fixes.patch (NEW) - fix SEGV on stat of non-exist...

Mon Oct 24 13:28:15 CEST 2005

Author: qboosh                       Date: Mon Oct 24 11:28:15 2005 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- fix SEGV on stat of non-existing dir, kill some memory leaks and possible
  buffer overflow in access_allowed() function
- add missing prototypes in acl.c

---- Files affected:
SOURCES:
   cvs-acl-fixes.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/cvs-acl-fixes.patch
diff -u /dev/null SOURCES/cvs-acl-fixes.patch:1.1

--- /dev/null	Mon Oct 24 13:28:15 2005
+++ SOURCES/cvs-acl-fixes.patch	Mon Oct 24 13:28:10 2005
@@ -0,0 +1,116 @@
+--- cvs-1.11.21/src/acl.c.orig	2005-10-24 08:48:45.000000000 +0000
++++ cvs-1.11.21/src/acl.c	2005-10-24 10:34:02.000000000 +0000
+@@ -83,6 +83,11 @@
+ char *get_perms (char *xperms);
+ char *make_perms (char *xperms, char *xfounduserpart, char **xerrmsg);
+ 
++int valid_tag(char *part_tag, char *tag);
++int valid_perm(char *par_perms, int perm);
++int given_perms_valid(char *cperms);
++int write_perms(char *user, char *perms, char *founduserpart, int foundline, char *otheruserpart, char *part_type, char *part_object, char *part_tag, int pos, char *arepos);
++
+ static char *cache_repository;
+ static int cache_retval;
+ static int founddeniedfile;
+@@ -116,8 +121,6 @@
+ int userfound;
+ int groupfound;
+ 
+-char *dirs[25];
+-
+ int aclconfig_default_used;
+ 
+ static const char *const acl_usage[] =
+@@ -175,6 +178,8 @@
+ 	char *tempc;
+ 	size_t tempsize;
+ 	int intcount;
++	char **dirs;
++	int dirssize = 25;
+ 
+ 	int oneaccessfile = 0;
+ 	int accessfilecount;
+@@ -193,7 +198,7 @@
+ 
+ 	if (defaultperms)
+ 	{
+-		repository = xstrdup ("ALL");
++		repository = "ALL";
+ 	}
+ 	else
+ 		repository = Short_Repository (repos);
+@@ -227,11 +232,13 @@
+ 	iline = xstrdup(repository);
+ 
+ 	tempv = strtok(iline, "/\t");
++	if (tempv != NULL) {
+ 	tempc = xstrdup(tempv);
+ 	tempsize = strlen(tempc);
+ 
+ 	intcount = 0;
+ 
++	dirs = xmalloc (dirssize * sizeof (char*));
+ 	dirs[intcount] = xstrdup(tempc);
+ 
+ 	while ((tempv = strtok(NULL, "/\t")) != NULL)
+@@ -241,6 +248,11 @@
+ 		xrealloc_and_strcat(&tempc, &tempsize, "/");
+ 		xrealloc_and_strcat(&tempc, &tempsize, tempv);
+ 
++		if (intcount >= dirssize)
++		{
++			dirssize *= 2;
++			dirs = xrealloc (dirs, dirssize * sizeof (char*));
++		}
+ 		dirs[intcount] = xstrdup(tempc);
+ 	}
+ 
+@@ -252,7 +264,7 @@
+ 		dirs[intcount] = xstrdup(filefullname);
+ 	}
+ 
+-	for (accessfilecount; accessfilecount >= 0 && !oneaccessfile; accessfilecount--)
++	for (; accessfilecount >= 0 && !oneaccessfile; accessfilecount--)
+ 	{
+ 		if (!use_separate_acl_file_for_each_dir)
+ 			oneaccessfile = 1;
+@@ -351,7 +363,7 @@
+ 							retval = 0;
+ 					}
+ 				}
+-
++				free (xline);
+ 			}
+ 			if (fclose (accessfp) == EOF)
+ 				error (1, errno, "cannot close 'access' file");
+@@ -375,6 +387,14 @@
+ 
+ 	cache_retval = retval;
+ 
++	for (; intcount >= 0; intcount--)
++		free (dirs[intcount]);
++	free (dirs);
++	free (tempc);
++	} else
++		retval = 1; /* XXX: non-existing directory - allow to show message instead of "Permission denied" */
++	free (iline);
++	if (file != NULL)
+ 	free (filefullname);
+ 
+ 	return (retval);
+@@ -486,6 +506,7 @@
+ 	/* no defined acl, no default acl in access file,
+ 	or no access file at all */
+ 	if (part_perms == NULL)
++	{
+ 		if (cvs_acl_default_permissions)
+ 		{
+ 			aclconfig_default_used = 1;
+@@ -493,6 +514,7 @@
+ 		}
+ 		else
+ 			return (xperms);
++	}
+ 
+ check_default:
+ 	founduser = strstr (part_perms, username);
================================================================

