Re: svn commit: r19520 - trunk/subversion/mod_dav_svn

From: Malcolm Rowe <malcolm-svn-dev_at_farside.org.uk>
Date: 2006-05-05 10:52:22 CEST

On Thu, May 04, 2006 at 11:37:34PM -0700, lundblad@tigris.org wrote:
> Author: lundblad
> Date: Thu May 4 23:37:34 2006
> New Revision: 19520
>
> Modified:
> trunk/subversion/mod_dav_svn/version.c
>
> Log:
> * subversion/mod_dav_svn/version.c
> (dav_svn__build_lock_hash): Don't crash if there were elements in our
> namespace, but still no lock-token-list element.
> (This doesn't happen with our current client.)

But it could be caused by a malicious client.

I'm not too familiar with how Apache modules work - what's the effect
of a segfault in mod_dav_svn in practice?

This is nominated for backport for 1.3.2 - do we need to expedite
that release to get this fix out, or are we happy to just get it out
as-and-when we decide to do a release?

>
> Found by: Coverity <http://scan.coverity.com>
> (CID: 18)
>

Regards,
Malcolm

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri May 5 10:53:04 2006

This message: [ Message body ]
Next message: Peter N. Lundblad: "Re: Starting Apache as a Service - Error?"
Previous message: Michael Mott: "Starting Apache as a Service - Error?"
Next in thread: Peter N. Lundblad: "Re: svn commit: r19520 - trunk/subversion/mod_dav_svn"
Reply: Peter N. Lundblad: "Re: svn commit: r19520 - trunk/subversion/mod_dav_svn"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]