[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svncpp crash in ssl_server_trust_file_save_credentials

From: Tobias Ringstrom <tobias_at_ringstrom.mine.nu>
Date: 2004-01-19 17:26:38 CET

Barry Scott wrote:
> I'm testing SSL callbacks for the pysvn python extension and I'm seeing a
> reproducible crash with 0.36.0.
> Pysvn uses the svncpp library from rapidsvn patched to support 0.36.0.
> I don't know if its the svncpp code or the svn code that is in
> error here. Can an SSL auth export comment on where a fix needs
> to be made please?
> The crash occurs in svn_config_write_auth_data that is passed the
> realmstring as NULL from ssl_server_trust_file_save_credentials
> (ssl_server_providers.c).
> This is because pb->realmstring is NULL in
> ssl_server_trust_file_save_credential.
> With the subversion client pb->realmstring will be setup by the code in
> ssl_server_trust_file_first_credentials.
> But the svncpp code has its own provider that implements the
> first_credentials callback but not the save_credentials callback.

Interesting. Yes, this is a horrible (and quite old) misuse of the
provider baton. I can see two ways to fix this: We can either add the
realmstring to all credential structs, or we can add a realmstring to
the next and save providers functions. The cred_kind/realmstring pair is
the key when you search for credentials, so it makes a lot of sense to
go for the second alternative, i.e. to add a realmstring parameter to
the next and save functions.

Any objections?


To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Jan 19 17:27:10 2004

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.