Overview

File CVE-2011-0715.txt of Package subversion

--- subversion/mod_dav_svn/version.c
+++ subversion/mod_dav_svn/version.c
@@ -1172,11 +1172,13 @@ dav_svn__push_locks(dav_resource *resource,
   svn_error_t *serr;
 
   serr = svn_fs_get_access(&fsaccess, resource->info->repos->fs);
-  if (serr)
+  if (serr || !fsaccess)
     {
       /* If an authenticated user name was attached to the request,
          then dav_svn_get_resource() should have already noticed and
          created an fs_access_t in the filesystem.  */
+      if (serr == NULL)
+        serr = svn_error_create(SVN_ERR_FS_LOCK_OWNER_MISMATCH, NULL, NULL);
       return dav_svn__sanitize_error(serr, "Lock token(s) in request, but "
                                      "missing an user name", HTTP_BAD_REQUEST,
                                      resource->info->r);
openSUSE Build Service is sponsored by
Places