https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0032
http://svn.apache.org/viewvc?view=revision&revision=1558692
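--- subversion-1.7.14/subversion/mod_dav_svn/repos.c.cve0032
+++ subversion-1.7.14/subversion/mod_dav_svn/repos.c
@@ -1959,6 +1959,25 @@ get_resource(request_rec *r,
 of private resource, iff the SVNListParentPath directive is 'on'. */
 if (dav_svn__is_parentpath_list(r))
 {
+ /* Only allow GET and HEAD on the parentpath resource
+ * httpd uses the same method_number for HEAD as GET */
+ if (r->method_number != M_GET)
+ {
+ int status;
+
+ /* Marshall the error back to the client by generating by
+ * way of the dav_svn__error_response_tag trick. */
+ err = dav_svn__new_error(r->pool, HTTP_METHOD_NOT_ALLOWED,
+ SVN_ERR_APMOD_MALFORMED_URI,
+ "The URI does not contain the name "
+ "of a repository.");
+ /* can't use r->allowed since the default handler isn't called */
+ apr_table_setn(r->headers_out, "Allow", "GET,HEAD");
+ status = dav_svn__error_response_tag(r, err);
+
+ return dav_push_error(r->pool, status, err->error_id, NULL, err);
+ }
+
 err = get_parentpath_resource(r, resource);
 if (err)
 return err;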
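Review bot: The 405 built at `err = dav_svn__new_error(r->pool, HTTP_METHOD_NOT_ALLOWED, ...)` carries the text "The URI does not contain the name of a repository." and the code SVN_ERR_APMOD_MALFORMED_URI, which describe a malformed URI rather than the method restriction this branch enforces, so the client receives a status line and a body that disagree. The status and the `Allow: GET,HEAD` header are correct; only the marshalled message misleads, and it is what dav_svn__error_response_tag sends back. Consider replacing the two string lines with `"Only GET and HEAD are allowed on the parent path listing."` so the body matches the 405 and the Allow header. get_resource begins and ends outside this hunk, so whether other non-GET paths reach get_parentpath_resource elsewhere cannot be judged from here.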