1 diff -urN cvs-nserver-1.11.1.52.org/src/modules.c cvs-nserver-1.11.1.52/src/modules.c
2 --- cvs-nserver-1.11.1.52.org/src/modules.c 2004-05-23 02:51:33.243861768 +0200
3 +++ cvs-nserver-1.11.1.52/src/modules.c 2004-05-23 03:11:37.243825952 +0200
8 + /* Don't process absolute directories. Anything else could be a security
9 + * problem. Before this check was put in place:
11 + * $ cvs -d:fork:/cvsroot co /foo
12 + * cvs server: warning: cannot make directory CVS in /: Permission denied
13 + * cvs [server aborted]: cannot make directory /foo: Permission denied
16 + if (isabsolute (mname))
17 + error (1, 0, "Absolute module reference invalid: `%s'", mname);
19 + /* Similarly for directories that attempt to step above the root of the
22 + if (pathname_levels (mname) > 0)
23 + error (1, 0, "up-level in module reference (`..') invalid: `%s'.",
26 /* if this is a directory to ignore, add it to that list */
27 if (mname[0] == '!' && mname[1] != '\0')
29 diff -urN cvs-nserver-1.11.1.52.org/src/client.c cvs-nserver-1.11.1.52/src/client.c
30 --- cvs-nserver-1.11.1.52.org/src/client.c 2004-05-23 02:51:33.285855384 +0200
31 +++ cvs-nserver-1.11.1.52/src/client.c 2004-05-23 03:18:06.134705552 +0200
34 int reposdirname_absolute;
36 + /* For security reasons, if PATHNAME is absolute or attemps to ascend
37 + * outside of the current sanbbox, we abort. The server should not send us
38 + * anything but relative paths which remain inside the sandbox here.
39 + * Anything less means a trojan CVS server could create and edit arbitrary
40 + * files on the client.
42 + if (isabsolute (pathname) || pathname_levels (pathname) > 0)
44 + error (0, 0, "Server attempted to update a file via an invalid pathname:");
45 + error (1, 0, "`%s'.", pathname);
49 read_line (&reposname);
50 assert (reposname != NULL);