[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: crash with incomplete url

From: Stefan Küng <tortoisesvn_at_gmail.com>
Date: 2006-05-23 08:34:05 CEST

On 5/22/06, Garrett Rooney <rooneg@electricjellyfish.net> wrote:
> On 5/21/06, Stefan Küng <tortoisesvn@gmail.com> wrote:
> > Hi,
> >
> > Had some time to go through all the crashreports I got for TSVN:
> >
> > If a valid (but not very usable, I admit) url is passed to some (or
> > all?) Subversion API's, it will crash.
> > Unfortunately, I can't reproduce this with the CL client, I guess it's
> > because it parses the URL first for peg revisions and that function
> > errors out for such urls. But the API should error out too if it can't
> > do anything with the url - most other clients don't have the pegrev
> > syntax as the CL client and therefore don't use that checking function.
> >
> > For example, passing "svn+ssh:" as the URL to svn_client_ls() will crash
> > in svn_path_uri_decode(), because the path is NULL. That's because in
> > the outer function find_tunnel_agent(), the hostinfo string is NULL
> > (which is of course correct, because there is no hostinfo in that url).
> >
> > This applies to Subversion 1.3.1, the 1.4.x branch and trunk.
>
> There's an interesting question here. We generally require that
> arguments passed to our functions be valid, and if they aren't we tend
> to die quickly and brutally. For example, if you pass non-cannonical
> paths to a svn function you're likely to hit an assert rather quickly.
> Are URLs like this considered valid or not?

I'd say that a library always should check (and reject if necessary)
all inputs and not crash.
But in this case, I think this is more important than usual. Because
an url like 'svn+ssh://' is a valid url according to the specs, but
not for Subversion. So how can you expect clients using your library
to know what urls are valid for Subversion and which ones are not?
Since only Subversion knows what it considers valid, it should also do
the checking.
Or at least provide another API function to check the url for validity.
Otherwise, clients using the API will have a hard time figuring out
all the possible cases which Subversion doesn't like in an url and
which ones it considers valid.

Stefan 

-- 
       ___
  oo  // \\      "De Chelonian Mobile"
 (_,\/ \_/ \     TortoiseSVN
   \ \_/_\_/>    The coolest Interface to (Sub)Version Control
   /_/   \_\     http://tortoisesvn.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue May 23 08:34:31 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.