Branko Čibej wrote:
> [...]
>
>> ### 1947: possible data corruption bug. Already has a patch. Has no
>> milestone currently; worth putting into 1.1 this week? Does
>> someone want to review/apply the patch?
>
> I think the patch is incomplete. It should _also_ be checking that the
> two characters following the '%' are actually hex digits. [...]

Thank you for the review. Here is the new patch. The change is still
quite local, although it brought in another include.

/Klaus

[[[
Check that the two characters following the % escape are valid hex
digits. This serves to check for premature end of input as well.
* subversion/libsvn_subr/path.c
 (svn_path_uri_decode): Check syntax of % escape.
* subversion/tests/libsvn_subr/path-test.c
(test_uri_decode): New test function.
(test_funcs): Added test_uri_decode.
]]]
Index: D:/kre/workspace/svn/subversion/libsvn_subr/path.c
===================================================================
--- D:/kre/workspace/svn/subversion/libsvn_subr/path.c (revision 10145)
+++ D:/kre/workspace/svn/subversion/libsvn_subr/path.c (working copy)
@@ -20,6 +20,7 @@
#include <string.h>
#include <assert.h>
+#include <ctype.h> /* for svn_path_uri_decode() */
#include <apr_file_info.h>
@@ -871,7 +872,7 @@
* RFC 2396, section 3.3 */
c = ' ';
}
- else if (c == '%')
+ else if (c == '%' && isxdigit (path[i + 1]) && isxdigit (path[i + 2]))
{
char digitz[3];
digitz[0] = path[++i];
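
Review bot: In the new condition `isxdigit (path[i + 1]) && isxdigit (path[i + 2])`, both arguments are plain `char`, and passing a negative value other than EOF to a `<ctype.h>` function is undefined behaviour; on platforms where `char` is signed that case is reached by any byte >= 0x80 following a '%'. Cast each argument to `unsigned char`, or use APR's `apr_isxdigit()` from apr_lib.h, which does the cast itself and would replace the new `<ctype.h>` include. The short-circuit order does keep `path[i + 2]` from being read when `path[i + 1]` is the terminating NUL, which covers the premature-end case the log message mentions as long as `path` is NUL-terminated; a one-line comment stating that reliance would help the next reader. The log message also lists a new `test_uri_decode` in path-test.c, but no hunk for that file is visible in this patch.
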
Received on Wed Jul 7 06:22:14 2004