kotkov, jun66j5, rinrab


Patch
r1921181

r1921181 | stsp | 2024-10-08 09:16:50 +0000 (Tue, 08 Oct 2024)

Fix CVE-2024-45720 (Subversion command line argument injection on
Windows platforms).

On Windows platforms, a "best fit" character encoding conversion of
command line arguments to Subversion's executables (e.g., svn.exe,
etc.) may lead to unexpected command line argument interpretation,
including argument injection and execution of other programs, if a
specially crafted command line argument string is processed.

To fix the issue, we start using wmain() in the executables and perform
the character conversion manually without the "best fit" mapping.

See the security advisory for details:
https://subversion.apache.org/security/CVE-2024-45720-advisory.txt

* build.conf
  (svn, svnadmin): Update `msvc-libs` to link `wsetargv.obj` instead of
   `setargv.obj`.

* subversion/include/private/svn_cmdline_private.h
  (svn_cmdline__win32_get_cstring_argv,
   svn_cmdline__default_get_cstring_argv,
   svn_cmdline__argv_char_t,
   SVN_CMDLINE__MAIN,
   svn_cmdline__get_cstring_argv): New definitions.

* subversion/libsvn_subr/cmdline.c
  (svn_cmdline__win32_get_cstring_argv): Implement this new function that
   normalizes Windows-specific command line arguments to the environment-
   specific code page.
  (svn_cmdline__default_get_cstring_argv): Implement this new function that
   normalizes command line arguments to the environment-specific code page
   in a platform-agnostic way.  Currently a no-op.

* subversion/svn/svn.c,
  subversion/svnadmin/svnadmin.c,
  subversion/svnbench/svnbench.c,
  subversion/svndumpfilter/svndumpfilter.c,
  subversion/svnfsfs/svnfsfs.c,
  subversion/svnlook/svnlook.c,
  subversion/svnmucc/svnmucc.c,
  subversion/svnrdump/svnrdump.c,
  subversion/svnserve/svnserve.c,
  subversion/svnsync/svnsync.c,
  subversion/svnversion/svnversion.c,
  tools/client-side/svn-mergeinfo-normalizer/svn-mergeinfo-normalizer.c,
  tools/client-side/svnconflict/svnconflict.c,
  tools/dev/svnraisetreeconflict/svnraisetreeconflict.c,
  tools/dev/wc-ng/svn-wc-db-tester.c,
  trunk/tools/server-side/svnauthz.c:
  (main): Switch to SVN_CMDLINE__MAIN.
  (sub_main): Invoke svn_cmdline__get_cstring_argv() to normalize arguments.

Patch by: kotkov, jun66j5, rinrab
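
The conversion approach the log message describes (take wide arguments and convert them without the "best fit" mapping), sketched as an added example; this is not code from r1921181 or from Subversion. The names `strict_narrow_arg` and `strict_narrow_argv` are hypothetical, the Windows branch relies on `WideCharToMultiByte` with `WC_NO_BEST_FIT_CHARS` and would be fed the `argv` of `wmain()`, and the non-Windows branch is an ASCII-only stand-in assumed here so the example builds anywhere.

```c
#include <stdlib.h>
#include <wchar.h>
#ifdef _WIN32
#include <windows.h>
#endif
/* Hypothetical helper: returns a malloc'd narrow copy of warg, or NULL if any
   character has no exact representation in the target encoding. */
char *strict_narrow_arg(const wchar_t *warg)
{
  char *out;
#ifdef _WIN32
  UINT cp = GetACP();
  /* A UTF-8 code page is lossless and takes different flags. */
  BOOL utf8 = (cp == CP_UTF8), lossy = FALSE;
  DWORD flags = utf8 ? WC_ERR_INVALID_CHARS : WC_NO_BEST_FIT_CHARS;
  int n = WideCharToMultiByte(cp, flags, warg, -1, NULL, 0, NULL, NULL);
  if (n <= 0 || !(out = malloc((size_t)n)))
    return NULL;
  /* lossy becomes TRUE when a character was replaced by the default char. */
  if (WideCharToMultiByte(cp, flags, warg, -1, out, n, NULL,
                          utf8 ? NULL : &lossy) != n || lossy) {
    free(out);
    return NULL;
  }
#else
  /* Assumption for non-Windows builds: stand-in with an ASCII-only target. */
  size_t i, len = wcslen(warg);
  if (!(out = malloc(len + 1)))
    return NULL;
  for (i = 0; i < len && (unsigned long)warg[i] <= 0x7F; i++)
    out[i] = (char)warg[i];
  if (i < len) { free(out); return NULL; }
  out[len] = '\0';
#endif
  return out;
}

/* Fail closed: convert every argument, or return NULL if any one is lossy. */
char **strict_narrow_argv(int argc, const wchar_t *const *wargv)
{
  char **argv = calloc((size_t)argc + 1, sizeof *argv);
  int i;
  for (i = 0; argv && i < argc; i++)
    if (!(argv[i] = strict_narrow_arg(wargv[i]))) {
      while (i-- > 0) free(argv[i]);
      free(argv);
      return NULL;
    }
  return argv;
}
```

Rejecting the whole command line when one argument cannot be converted exactly keeps a substituted character from ever reaching option parsing.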