Lock message not xml escaped

From: <kmradke_at_rockwellcollins.com>
Date: Thu, 2 Apr 2009 17:18:25 -0500

After posting on users, I have now verified that lock messages
are not correctly xml escaped over neon in both svn 1.5 and 1.6.

svn lock http://server/repo/path/to/file.txt -m"Lock & load"

fails with error:

svn: Server sent unexpected return value (400 Bad Request) in response to
LOCK request for '/repo/path/to/file.txt'

Looking at the xml sent from the client to the server it is obviously not
escaped:

<?xml version="1.0" encoding="utf-8" ?><D:lockinfo xmlns:D="DAV:">
<D:lockscope><D:exclusive /></D:lockscope> <D:locktype><D:write
/></D:locktype> <D:owner>Lock & load</D:owner></D:lockinfo>

"&" should be replaced with "&"

Line 411 of libsvn_client/locking_commands.c is checking to make
sure the comment doesn't contain non-xml escapable characters, but
isn't escaping the string. I'm not sure if it should (since not
all ra layers will probably need the comment xml escaped.)

Is the proper place to xml escape this around line 274
of libsvn_ra_neon/lock.c? (And possibly somewhere in the other
ra layers?)

(This seems like a trivial fix, so I'm not offended if someone
else beats me to a patch...)

Thanks!
Kevin R.

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=1525355
Received on 2009-04-03 00:18:40 CEST

This message: [ Message body ]
Next message: Bert Huijben: "RE: Windows buildbot failures"
Previous message: Stefan Sperling: "Re: [PATCH] Modified message in libsvn_client/delete.c"
Next in thread: Daniel Shahaf: "Re: Lock message not xml escaped"
Reply: Daniel Shahaf: "Re: Lock message not xml escaped"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]