[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Unnecessary path encoding in svnserve

From: Peter N. Lundblad <peter_at_famlundblad.se>
Date: 2004-08-04 15:14:31 CEST

On Tue, 3 Aug 2004, Greg Hudson wrote:

> On Tue, 2004-08-03 at 18:17, Peter N. Lundblad wrote:
> > I was looking at this. The problem is how to detect encoding errors.
> > Currently, we just return the APR error wrapped on recoding errors. Should
> > we introduce a special error code for recoding errors and wrap the APR
> > status in such an error?
>
> An alternative is to make svn_repos_find_root_path() perform a trial
> encoding of the path, chopping off components until it succeeds, and
> only then start calling check_repos_path().
>
Seems a little hackish to me, but it is a simpler change.

> > Would it be enough to check the URL path for "too many .. segments", i.e.
> > "foo/../bar" would be ok, but "foo/../.." would fail?
>
> I don't think we're currently allowing any .. segments in URLs, so it
> seems simplest to just blow out if you find any path segment equal to
> "..".
>
Yep.

Thanks,
//Peter

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Aug 4 18:45:56 2004

This is an archived mail posted to the Subversion Dev mailing list.