Greg Hudson wrote:
>The case I am most concerned about is svndiff.c, because, unlike hash
>dumps and FSFS files, we accept svndiffs over the network. It seems
>like one way to DOS a server would be to send an svndiff window with a
>huge instruction or new data length, and then get the server to buffer
>some large amount of data. You'd need commit access to do that, so it's
>not so bad, but I have thought about proposing a "maximum reasonable
>window size" constant to address the issue.
>
>
We have such a constant, it's callsd SVN_MAX_OBJECT_SIZE. All we have to
do is agree on its value; right now it't the maximum allocatable size,
which is not very useful.
-- Brane
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon May 3 11:36:28 2004