File CVE-2010-4539.diff of Package subversion

------------------------------------------------------------------------
r1033166 | stsp | 2010-11-09 20:23:35 +0100 (Di, 09. Nov 2010) | 9 Zeilen

* subversion/mod_dav_svn/repos.c
  (walk): Do not attempt to walk SVNParentPath collections as this makes
   no sense and will ultimately lead to crashes further down the code path.

Found by: Rob Kooper

Patch by: philip
          me

------------------------------------------------------------------------
Index: subversion/mod_dav_svn/repos.c
===================================================================
--- subversion/mod_dav_svn/repos.c	(Revision 1033165)
+++ subversion/mod_dav_svn/repos.c	(Revision 1033166)
@@ -4119,6 +4119,12 @@ walk(const dav_walk_params *params, int
   walker_ctx_t ctx = { 0 };
   dav_error *err;
 
+  if (params->root->info->restype == DAV_SVN_RESTYPE_PARENTPATH_COLLECTION)
+    {
+      /* Cannot walk an SVNParentPath collection, there is no repository. */
+      return NULL;
+    }
+
   ctx.params = params;
 
   ctx.wres.walk_ctx = params->walk_ctx;