[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-dev] [Bug #7] Potential overflow on CVS server command line
From: |
noreply |
Subject: |
[Savannah-dev] [Bug #7] Potential overflow on CVS server command line |
Date: |
Mon, 29 Apr 2002 14:27:08 -0400 |
=================== Bug #7: Latest Modifications ==================
http://savannah.gnu.org/bugs/?func=detailbug&bug_id=7&group_id=11
Changes by: Loic Dachary <address@hidden>
Date: 2002-Apr-29 18:27 (GMT)
What | Removed | Added
---------------------------------------------------------------------------
Resolution | None | Fixed
Status | Open | Closed
------------------ Additional Follow-up Comments ----------------------------
The patch was applied and tested for a while. It is now
activated by default for all pserver sessions. The
documentation http://savannah.gnu.org/savannah.html was updated to reflect the
change. The old cvs server was backed up in /usr/bin/cvs-2002-04-20 in case
something really bad happens.
=================== Bug #7: Full Bug Snapshot ===================
Submitted by: ljulliar Project: savannah
Submitted on: 2002-Apr-19 14:15
Category: CVS Severity: 9 - Blocker
Priority: Low Bug Group: None
Resolution: Fixed Assigned to: loic
Status: Closed Effort: 5.00
Summary: Potential overflow on CVS server command line
Original Submission: Savannah currently uses a standard cvs server. All the
allowed root files are therefore passed as a lonmg series of "--allow-root
/cvsroot/foo" options.
On Linux the size limit for a command line is 64 KBytes so at about say 40
chars per option, the command overflow will show up when we'll approach 1600
projects.
Follow-up Comments
*******************
-------------------------------------------------------
Date: 2002-Apr-29 18:27 By: loic
The patch was applied and tested for a while. It is now
activated by default for all pserver sessions. The
documentation http://savannah.gnu.org/savannah.html was updated to reflect the
change. The old cvs server was backed up in /usr/bin/cvs-2002-04-20 in case
something really bad happens.
-------------------------------------------------------
Date: 2002-Apr-22 07:21 By: lo-lan-do
You could also check out a patch I submitted to the upstream maintainers of
CVS. This patch adds a "--allow-root-regexp" command line option, allowing you
to specify, for instance, "/var/lib/savannah/cvsroot/.*" as allowed cvsroots.
I can't remember the URL offhand, but it seemed to work, and it should be
included in the next release of CVS.
-------------------------------------------------------
Date: 2002-Apr-20 22:20 By: loic
Applied the patch. A test server is available on port 2402.
cvs -d :pserver:address@hidden:/cvsroot/uri co uri
-------------------------------------------------------
Date: 2002-Apr-19 14:22 By: ljulliar
I have already fixed this problem for CodeX at Xerox. We just need to apply a
little patch to cvs (see attachement) which creates a new option called
"--allow-root-file filename" where the file contains a list of allowed cvs root.
This file of allowed cvs roots will be generated by the Savannah background
daemon.
For detailed info, follow this link:
http://savannah.gnu.org/bugs/?func=detailbug&bug_id=7&group_id=11