Package: release.debian.org Severity: normal Tags: jessie User: release.debian....@packages.debian.org Usertags: pu
I'd like to propose the following update (+ s/UNRELEASED/jessie/) to fix a crash when running svn and using kwallet to store credentials. $ debdiff subversion_1.8.10-6+deb8u{2,3}.dsc diffstat for subversion_1.8.10-6+deb8u2 subversion_1.8.10-6+deb8u3 debian/patches/r1701440-kwallet-segfault | 145 +++++++++++++++++++++++++++++++ subversion-1.8.10/debian/changelog | 7 + subversion-1.8.10/debian/patches/series | 1 3 files changed, 153 insertions(+)
diff -u subversion-1.8.10/debian/changelog subversion-1.8.10/debian/changelog
--- subversion-1.8.10/debian/changelog
+++ subversion-1.8.10/debian/changelog
@@ -1,3 +1,10 @@
+subversion (1.8.10-6+deb8u3) UNRELEASED; urgency=medium
+
+ * patches/r1701440-kwallet-segfault: Fix segfault when using kwallet to
+ store authentication information. (Closes: #736879)
+
+ -- James McCoy <james...@debian.org> Sat, 27 Feb 2016 14:08:40 -0500
+
 subversion (1.8.10-6+deb8u2) jessie-security; urgency=high
 
 * patches/r1708699-mod_auth_ntlm-kerb-fix: Fix regression interacting with
diff -u subversion-1.8.10/debian/patches/series subversion-1.8.10/debian/patches/series
--- subversion-1.8.10/debian/patches/series
+++ subversion-1.8.10/debian/patches/series
@@ -28,0 +29 @@
+r1701440-kwallet-segfault
only in patch2: unchanged:
--- subversion-1.8.10.orig/debian/patches/r1701440-kwallet-segfault
+++ subversion-1.8.10/debian/patches/r1701440-kwallet-segfault
@@ -0,0 +1,145 @@
+------------------------------------------------------------------------
+r1701440 | svn-role | 2015-09-06 00:00:12 -0400 (Sun, 06 Sep 2015) | 9 lines
+
+Merge the r1700740 group from trunk:
+
+ * r1700740, r1700951
+ Fix registration of kwallet to avoid double free on close
+ Justification:
+ Fixes segfault on kwallet close. User reported problem.
+ Votes:
+ +1: rhuijben, stsp, brane
+
+
+Index: 1.9.x/subversion/libsvn_auth_kwallet/kwallet.cpp
+===================================================================
+--- 1.9.x/subversion/libsvn_auth_kwallet/kwallet.cpp (revision 1701439)
++++ 1.9.x/subversion/libsvn_auth_kwallet/kwallet.cpp (revision 1701440)
+@@ -47,6 +47,7 @@
+ #include "svn_auth.h"
+ #include "svn_config.h"
+ #include "svn_error.h"
++#include "svn_hash.h"
+ #include "svn_io.h"
+ #include "svn_pools.h"
+ #include "svn_string.h"
+@@ -135,35 +136,37 @@
+ return wid;
+ }
+ 
++/* Forward definition */
++static apr_status_t
++kwallet_terminate(void *data);
++
+ static KWallet::Wallet *
+ get_wallet(QString wallet_name,
+ apr_hash_t *parameters)
+ {
+ KWallet::Wallet *wallet =
+- static_cast<KWallet::Wallet *> (apr_hash_get(parameters,
+- "kwallet-wallet",
+- APR_HASH_KEY_STRING));
+- if (! wallet && ! apr_hash_get(parameters,
+- "kwallet-opening-failed",
+- APR_HASH_KEY_STRING))
++ static_cast<KWallet::Wallet *> (svn_hash_gets(parameters,
++ "kwallet-wallet"));
++ if (! wallet && ! svn_hash_gets(parameters, "kwallet-opening-failed"))
+ {
+ wallet = KWallet::Wallet::openWallet(wallet_name, get_wid(),
+ KWallet::Wallet::Synchronous);
++
++ if (wallet)
++ {
++ svn_hash_sets(parameters, "kwallet-wallet", wallet);
++
++ apr_pool_cleanup_register(apr_hash_pool_get(parameters),
++ parameters, kwallet_terminate,
++ apr_pool_cleanup_null);
++
++ svn_hash_sets(parameters, "kwallet-initialized", "");
++ }
++ else
++ {
++ svn_hash_sets(parameters, "kwallet-opening-failed", "");
++ }
+ }
+- if (wallet)
+- {
+- apr_hash_set(parameters,
+- "kwallet-wallet",
+- APR_HASH_KEY_STRING,
+- wallet);
+- }
+- else
+- {
+- apr_hash_set(parameters,
+- "kwallet-opening-failed",
+- APR_HASH_KEY_STRING,
+- "");
+- }
+ return wallet;
+ }
+ 
+@@ -171,14 +174,12 @@
+ kwallet_terminate(void *data)
+ {
+ apr_hash_t *parameters = static_cast<apr_hash_t *> (data);
+- if (apr_hash_get(parameters, "kwallet-initialized", APR_HASH_KEY_STRING))
++ if (svn_hash_gets(parameters, "kwallet-initialized"))
+ {
+ KWallet::Wallet *wallet = get_wallet(NULL, parameters);
+ delete wallet;
+- apr_hash_set(parameters,
+- "kwallet-initialized",
+- APR_HASH_KEY_STRING,
+- NULL);
++ svn_hash_sets(parameters, "kwallet-wallet", NULL);
++ svn_hash_sets(parameters, "kwallet-initialized", NULL);
+ }
+ return APR_SUCCESS;
+ }
+@@ -236,10 +237,6 @@
+ KWallet::Wallet *wallet = get_wallet(wallet_name, parameters);
+ if (wallet)
+ {
+- apr_hash_set(parameters,
+- "kwallet-initialized",
+- APR_HASH_KEY_STRING,
+- "");
+ if (wallet->setFolder(folder))
+ {
+ QString q_password;
+@@ -254,9 +251,6 @@
+ }
+ }
+ 
+- apr_pool_cleanup_register(pool, parameters, kwallet_terminate,
+- apr_pool_cleanup_null);
+-
+ return SVN_NO_ERROR;
+ }
+ 
+@@ -310,10 +304,6 @@
+ KWallet::Wallet *wallet = get_wallet(wallet_name, parameters);
+ if (wallet)
+ {
+- apr_hash_set(parameters,
+- "kwallet-initialized",
+- APR_HASH_KEY_STRING,
+- "");
+ if (! wallet->hasFolder(folder))
+ {
+ wallet->createFolder(folder);
+@@ -329,9 +319,6 @@
+ }
+ }
+ 
+- apr_pool_cleanup_register(pool, parameters, kwallet_terminate,
+- apr_pool_cleanup_null);
+-
+ return SVN_NO_ERROR;
+ }
+ 
+
+------------------------------------------------------------------------
-- System Information: Debian Release: stretch/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, arm64 Kernel: Linux 4.4.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
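Review bot: In the `@@ -171,14 +174,12 @@` hunk of the embedded kwallet.cpp patch, `kwallet_terminate` still fetches the pointer it deletes through `get_wallet(NULL, parameters)`, and after this change `get_wallet` is more than a lookup: when "kwallet-wallet" is absent and "kwallet-opening-failed" is unset it calls `openWallet` and registers another cleanup on the hash's pool. The visible lines set and clear "kwallet-wallet" and "kwallet-initialized" together, so that path should not be reachable from the cleanup today, but the handler would be safer if it did not depend on that invariant while the pool is being torn down. Reading the hash directly removes the dependency: `KWallet::Wallet *wallet = static_cast<KWallet::Wallet *> (svn_hash_gets(parameters, "kwallet-wallet"));`. In the `@@ -135,35 +136,37 @@` hunk, a comment on `get_wallet` such as `/* On success the wallet is cached in PARAMETERS and deleted by kwallet_terminate() when PARAMETERS' pool is cleaned up. */` would record the ownership rule this fix relies on. The two functions that call `get_wallet(wallet_name, parameters)` are only partly visible in the later hunks, so their use of the returned pointer could not be checked here.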