path: root/patches/source/subversion/subversion.CVE-2015-5343.diff

--- ./subversion/mod_dav_svn/util.c.orig	2013-11-14 15:11:33.000000000 -0600
+++ ./subversion/mod_dav_svn/util.c	2016-04-05 13:02:22.610756129 -0500
@@ -753,7 +753,12 @@
 
   if (content_length)
     {
-      buf = svn_stringbuf_create_ensure(content_length, pool);
+      /* Do not allocate more than 1 MB until we receive request body. */
+      apr_size_t alloc_len = 1 * 1024 *1024;
+      if (content_length < alloc_len)
+        alloc_len = (apr_size_t) content_length;
+
+      buf = svn_stringbuf_create_ensure(alloc_len, pool);
     }
   else
     {