summaryrefslogtreecommitdiff
path: root/debian/patches/CVE-2014-3580
blob: 58288dbb9e03efb3f315ed4cf0cf875f119b9853 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

Subject: Correctly reject requests with missing repo paths
Origin: upstream, r1643454
Bug: CVE-2014-3850
Bug-Debian: https://bugs.debian.org/773263
Index: subversion/mod_dav_svn/reports/deleted-rev.c
===================================================================
--- a/subversion/mod_dav_svn/reports/deleted-rev.c	(revision 1624477)
+++ b/subversion/mod_dav_svn/reports/deleted-rev.c	(working copy)
@@ -56,6 +56,9 @@ dav_svn__get_deleted_rev_report(const dav_resource
   dav_error *derr = NULL;
 
   /* Sanity check. */
+  if (!resource->info->repos_path)
+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
+                              "The request does not specify a repository path");
   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
   if (ns == -1)
     return dav_svn__new_error_tag(resource->pool, HTTP_BAD_REQUEST, 0,
Index: subversion/mod_dav_svn/reports/file-revs.c
===================================================================
--- a/subversion/mod_dav_svn/reports/file-revs.c	(revision 1624477)
+++ b/subversion/mod_dav_svn/reports/file-revs.c	(working copy)
@@ -254,6 +254,9 @@ dav_svn__file_revs_report(const dav_resource *reso
   arb.repos = resource->info->repos;
 
   /* Sanity check. */
+  if (!resource->info->repos_path)
+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
+                              "The request does not specify a repository path");
   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
   /* ### This is done on other places, but the document element is
      in this namespace, so is this necessary at all? */
Index: subversion/mod_dav_svn/reports/get-location-segments.c
===================================================================
--- a/subversion/mod_dav_svn/reports/get-location-segments.c	(revision 1624477)
+++ b/subversion/mod_dav_svn/reports/get-location-segments.c	(working copy)
@@ -123,6 +123,9 @@ dav_svn__get_location_segments_report(const dav_re
   struct location_segment_baton location_segment_baton;
 
   /* Sanity check. */
+  if (!resource->info->repos_path)
+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
+                              "The request does not specify a repository path");
   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
   if (ns == -1)
     {
Index: subversion/mod_dav_svn/reports/get-locations.c
===================================================================
--- a/subversion/mod_dav_svn/reports/get-locations.c	(revision 1624477)
+++ b/subversion/mod_dav_svn/reports/get-locations.c	(working copy)
@@ -106,6 +106,9 @@ dav_svn__get_locations_report(const dav_resource *
                                       sizeof(svn_revnum_t));
 
   /* Sanity check. */
+  if (!resource->info->repos_path)
+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
+                              "The request does not specify a repository path");
   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
   if (ns == -1)
     {
Index: subversion/mod_dav_svn/reports/inherited-props.c
===================================================================
--- a/subversion/mod_dav_svn/reports/inherited-props.c	(revision 1624477)
+++ b/subversion/mod_dav_svn/reports/inherited-props.c	(working copy)
@@ -63,6 +63,9 @@ dav_svn__get_inherited_props_report(const dav_reso
   apr_pool_t *iterpool;
 
   /* Sanity check. */
+  if (!resource->info->repos_path)
+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
+                              "The request does not specify a repository path");
   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
   if (ns == -1)
     {
Index: subversion/mod_dav_svn/reports/log.c
===================================================================
--- a/subversion/mod_dav_svn/reports/log.c	(revision 1624477)
+++ b/subversion/mod_dav_svn/reports/log.c	(working copy)
@@ -307,6 +307,9 @@ dav_svn__log_report(const dav_resource *resource,
     = apr_array_make(resource->pool, 1, sizeof(const char *));
 
   /* Sanity check. */
+  if (!resource->info->repos_path)
+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
+                              "The request does not specify a repository path");
   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
   if (ns == -1)
     {
Index: subversion/mod_dav_svn/reports/mergeinfo.c
===================================================================
--- a/subversion/mod_dav_svn/reports/mergeinfo.c	(revision 1624477)
+++ b/subversion/mod_dav_svn/reports/mergeinfo.c	(working copy)
@@ -67,6 +67,9 @@ dav_svn__get_mergeinfo_report(const dav_resource *
     = apr_array_make(resource->pool, 0, sizeof(const char *));
 
   /* Sanity check. */
+  if (!resource->info->repos_path)
+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
+                              "The request does not specify a repository path");
   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
   if (ns == -1)
     {
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-14 23:03:28 +0000