https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3580

http://subversion.apache.org/security/CVE-2014-3580-advisory.txt

--- subversion-1.7.14/subversion/mod_dav_svn/reports/deleted-rev.c.cve3580

+++ subversion-1.7.14/subversion/mod_dav_svn/reports/deleted-rev.c

@@ -56,6 +56,9 @@ dav_svn__get_deleted_rev_report(const da

   dav_error *derr = NULL;

   /* Sanity check. */

+  if (!resource->info->repos_path)

+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,

+                              "The request does not specify a repository path");

   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);

   if (ns == -1)

     return dav_svn__new_error_tag(resource->pool, HTTP_BAD_REQUEST, 0,

--- subversion-1.7.14/subversion/mod_dav_svn/reports/file-revs.c.cve3580

+++ subversion-1.7.14/subversion/mod_dav_svn/reports/file-revs.c

@@ -251,6 +251,9 @@ dav_svn__file_revs_report(const dav_reso

   arb.repos = resource->info->repos;

   /* Sanity check. */

+  if (!resource->info->repos_path)

+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,

+                              "The request does not specify a repository path");

   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);

   /* ### This is done on other places, but the document element is

      in this namespace, so is this necessary at all? */

--- subversion-1.7.14/subversion/mod_dav_svn/reports/get-locations.c.cve3580

+++ subversion-1.7.14/subversion/mod_dav_svn/reports/get-locations.c

@@ -106,6 +106,9 @@ dav_svn__get_locations_report(const dav_

                                       sizeof(svn_revnum_t));

   /* Sanity check. */

+  if (!resource->info->repos_path)

+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,

+                              "The request does not specify a repository path");

   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);

   if (ns == -1)

     {

--- subversion-1.7.14/subversion/mod_dav_svn/reports/get-location-segments.c.cve3580

+++ subversion-1.7.14/subversion/mod_dav_svn/reports/get-location-segments.c

@@ -123,6 +123,9 @@ dav_svn__get_location_segments_report(co

   struct location_segment_baton location_segment_baton;

   /* Sanity check. */

+  if (!resource->info->repos_path)

+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,

+                              "The request does not specify a repository path");

   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);

   if (ns == -1)

     {

--- subversion-1.7.14/subversion/mod_dav_svn/reports/log.c.cve3580

+++ subversion-1.7.14/subversion/mod_dav_svn/reports/log.c

@@ -307,6 +307,9 @@ dav_svn__log_report(const dav_resource *

     = apr_array_make(resource->pool, 1, sizeof(const char *));

   /* Sanity check. */

+  if (!resource->info->repos_path)

+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,

+                              "The request does not specify a repository path");

   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);

   if (ns == -1)

     {

--- subversion-1.7.14/subversion/mod_dav_svn/reports/mergeinfo.c.cve3580

+++ subversion-1.7.14/subversion/mod_dav_svn/reports/mergeinfo.c

@@ -67,6 +67,9 @@ dav_svn__get_mergeinfo_report(const dav_

     = apr_array_make(resource->pool, 0, sizeof(const char *));

   /* Sanity check. */

+  if (!resource->info->repos_path)

+    return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,

+                              "The request does not specify a repository path");

   ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);

   if (ns == -1)

     {