bug-cvs

Bug#148038: cvs: add a file named `--foo', and CVS stops working


From: Zooko
Subject: Bug#148038: cvs: add a file named `--foo', and CVS stops working
Date: Fri, 24 May 2002 07:55:11 -0700

Subject: cvs: add a file named `--foo', and CVS stops working
Package: cvs
Version: 1.11.2-1
Severity: normal

Thanks for CVS and the Debian package thereof!

If you add a file named `--foo', then cvs subsequently passes it as an 
argument to `diff' (cvs's internal diff, I believe), and gets an error from 
diff since diff interprets that argument as an option instead of an 
argument.

This is a potential security issue (but I am not aware of any exploit) 
inasmuch as it allows end users to pass arbitrary options to CVS's internal 
diff, which they are not necessarily supposed to do.

The right way to fix this is just to insert a '--' argument into the argument 
vector before the filename argument(s).  I poked around in the cvs source code 
a bit but didn't see exactly where to do it (there's a global/static variable 
named `argument_vector'...).

Regards,

Zooko

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux imp 2.4.17 #1 Wed Jan 9 06:14:31 PST 2002 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages cvs depends on:
ii  debconf                       1.1.7      Debian configuration management sy
hi  libc6                         2.2.5-4    GNU C Library: Shared libraries an
ii  zlib1g                        1:1.1.4-1  compression library - runtime

-- debconf information:
* cvs/repositories: /var/cvs
* cvs/badrepositories: create
* cvs/rotatehistory: no
  cvs/rotatekeep_nondefault: no
  cvs/pserver_repos: all
  cvs/rotatekeep_individual: 7
  cvs/pserver_spawnlimit: 400
  cvs/read_cvsconf: false
* cvs/pserver: false
  cvs/pserver_warning: 
  cvs/pserver_repos_individual: yes
  cvs/rotate_individual: true
  cvs/cvs_conf_is_dead: 
  cvs/pserver_setspawnlimit: yes
  cvs/rotatekeep: 7
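
The `--` fix proposed in the report, as an added example that is not part of the original message and is not CVS code. It assumes a diff-like tool that parses its arguments with `getopt_long`; `build_argv`, `classify`, `demo`, the one-entry option table and the file name `bar.c` are hypothetical, constructed for illustration.

```c
#include <getopt.h>
#include <stdio.h>

/* Hypothetical helper, not CVS code: build argv for a diff-like tool,
 * optionally placing "--" between our options and user-supplied names. */
static int build_argv(char **out, int cap, char **opts, int nopts,
                      char **files, int nfiles, int use_separator)
{
    int n = 0, i;
    if (1 + nopts + (use_separator ? 1 : 0) + nfiles + 1 > cap)
        return -1;                      /* no room for entries + NULL */
    out[n++] = "diff";
    for (i = 0; i < nopts; i++) out[n++] = opts[i];
    if (use_separator) out[n++] = "--"; /* end of options */
    for (i = 0; i < nfiles; i++) out[n++] = files[i];
    out[n] = NULL;
    return n;
}

/* Parse as a getopt_long-based tool would; count entries consumed as
 * options (including rejected ones) and entries left as file operands. */
static void classify(int argc, char **argv, int *n_opts, int *n_files)
{
    static const struct option longopts[] = {
        { "unified", no_argument, NULL, 'u' }, { NULL, 0, NULL, 0 } };
    *n_opts = 0;
    optind = 0;                         /* glibc/musl: reset parser state */
    opterr = 0;                         /* no error text on stderr */
    while (getopt_long(argc, argv, "u", longopts, NULL) != -1)
        (*n_opts)++;
    *n_files = argc - optind;
}

/* Constructed sample: our option -u plus file names "--foo" and "bar.c". */
static int demo(int use_separator, int *n_opts, int *n_files)
{
    char *opts[] = { "-u" }, *files[] = { "--foo", "bar.c" }, *argv[8];
    int argc = build_argv(argv, 8, opts, 1, files, 2, use_separator);
    if (argc < 0) return -1;
    classify(argc, argv, n_opts, n_files);
    return 0;
}

int main(void)
{
    int o, f, sep;
    for (sep = 0; sep <= 1; sep++)
        if (demo(sep, &o, &f) == 0)
            printf("separator=%d options=%d file_operands=%d\n", sep, o, f);
    return 0;
}
```

Without the separator the file name `--foo` is consumed by the option parser and only one file operand remains; with it, both names reach the tool as file operands.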



