
Contents of /updates/3/couchdb/current/SOURCES/apache-couchdb-1.2.0-CVE-2014-2668.patch



Revision 617320 - (show annotations) (download)
Mon Apr 21 20:59:46 2014 UTC (6 years, 3 months ago) by luigiwalser
File size: 2110 byte(s)
Add patch from openSUSE to fix CVE-2014-2668
1 From: Robert Newson <rnewson@apache.org>
2 Date: Tue, 25 Mar 2014 15:02:50 +0000 (+0000)
3 Subject: Configurable upper bound to _uuids count parameter
4 X-Git-Url: http://git-wip-us.apache.org/repos/asf?p=couchdb.git;a=commitdiff_plain;h=0fb5aa9e67bd291ca2638dba961f4ddd3f6ccb3e;hp=198bea3479dfecac13ab1a3e95f902b8eba02f7d
5
6 Configurable upper bound to _uuids count parameter
7 ---
8
9 diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in
10 index fd953c2..32537e0 100644
11 --- a/etc/couchdb/default.ini.tpl.in
12 +++ b/etc/couchdb/default.ini.tpl.in
13 @@ -169,6 +169,8 @@ algorithm = sequential
14 ; utc_random - Time since Jan 1, 1970 UTC with microseconds
15 ; First 14 characters are the time in hex. Last 18 are random.
16 algorithm = sequential
17 +# Maximum number of UUIDs retrievable from /_uuids in a single request
18 +max_count = 1000
19
20 [stats]
21 ; rate is in milliseconds
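Review bot: The added comment line uses `#` while every other comment in this template, including the two context lines directly above it, uses `;`; unless the ini parser also treats `#` as a comment (not shown in this patch), that line risks being read as a malformed key, so `; Maximum number of UUIDs retrievable from /_uuids in a single request` is the safer and consistent form. The key name introduced here, `max_count`, also has to be the exact string the handler looks up in the `uuids` section, otherwise the setting is silently ignored and only the code's hardcoded default applies.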
22 diff --git a/share/www/script/test/uuids.js b/share/www/script/test/uuids.js
23 index 6f5d223..0f141a9 100644
24 --- a/share/www/script/test/uuids.js
25 +++ b/share/www/script/test/uuids.js
26 @@ -80,6 +80,10 @@ couchTests.uuids = function(debug) {
27 }
28 };
29
30 + // test max_uuid_count
31 + var xhr = CouchDB.request("GET", "/_uuids?count=1001");
32 + TEquals(401, xhr.status, "should error when count > max_count");
33 +
34 run_on_modified_server([{
35 "section": "uuids",
36 "key": "algorithm",
37 diff --git a/src/couchdb/couch_httpd_misc_handlers.erl b/src/couchdb/couch_httpd_misc_handlers.erl
38 index 96a05c6..67e3a12 100644
39 --- a/src/couchdb/couch_httpd_misc_handlers.erl
40 +++ b/src/couchdb/couch_httpd_misc_handlers.erl
41 @@ -105,7 +105,12 @@ handle_restart_req(Req) ->
42
43
44 handle_uuids_req(#httpd{method='GET'}=Req) ->
45 + Max = list_to_integer(couch_config:get("uuids","max","1000")),
46 Count = list_to_integer(couch_httpd:qs_value(Req, "count", "1")),
47 + case Count > Max of
48 + true -> throw({forbidden, <<"count parameter too large">>});
49 + false -> ok
50 + end,
51 UUIDs = [couch_uuids:new() || _ <- lists:seq(1, Count)],
52 Etag = couch_httpd:make_etag(UUIDs),
53 couch_httpd:etag_respond(Req, Etag, fun() ->
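Review bot: The configuration key read on the new `Max =` line does not match the key this same commit adds to default.ini: the handler calls `couch_config:get("uuids","max","1000")` while the ini file defines `max_count = 1000`, so an operator raising or lowering `max_count` has no effect and the hardcoded 1000 always applies. Change the lookup to `Max = list_to_integer(couch_config:get("uuids","max_count","1000")),`. The new guard is also only an upper bound: a negative `count` still reaches `lists:seq(1, Count)` and a non-numeric one still hits `list_to_integer`, both pre-existing paths that presumably surface as a 500 rather than a 400, so a `Count < 0 -> throw({bad_request, <<"count must be non-negative">>})` branch would be a cheap addition while touching this code. `handle_uuids_req` continues past the end of the hunk.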
