[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r19520 - trunk/subversion/mod_dav_svn

From: Peter N. Lundblad <peter_at_famlundblad.se>
Date: 2006-05-05 11:10:05 CEST

Malcolm Rowe writes:
> On Thu, May 04, 2006 at 11:37:34PM -0700, lundblad@tigris.org wrote:
> > Author: lundblad
> > Date: Thu May 4 23:37:34 2006
> > New Revision: 19520
> >
> > Modified:
> > trunk/subversion/mod_dav_svn/version.c
> >
> > Log:
> > * subversion/mod_dav_svn/version.c
> > (dav_svn__build_lock_hash): Don't crash if there were elements in our
> > namespace, but still no lock-token-list element.
> > (This doesn't happen with our current client.)
>
> But it could be caused by a malicious client.

That's the reason for the backport nomination.

> I'm not too familiar with how Apache modules work - what's the effect
> of a segfault in mod_dav_svn in practice?

It crashes the process...

> This is nominated for backport for 1.3.2 - do we need to expedite
> that release to get this fix out, or are we happy to just get it out
> as-and-when we decide to do a release?
>
We don't need to rush it out, but we should start thinking of 1.3.2 in the near
future IMO.

Thanks,
//Peter

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri May 5 11:10:34 2006

This is an archived mail posted to the Subversion Dev mailing list.