Re: Unnecessary path encoding in svnserve

On Tue, 2004-08-03 at 18:17, Peter N. Lundblad wrote:
> I was looking at this. The problem is how to detect encoding errors.
> Currently, we just return the APR error wrapped on recoding errors. Should
> we introduce a special error code for recoding errors and wrap the APR
> status in such an error?

Maybe. That would have ramifications for essentially every
failure-to-encode situation; we might start producing overly-verbose
error messages for those cases.

An alternative is to make svn_repos_find_root_path() perform a trial
encoding of the path, chopping off components until it succeeds, and
only then start calling check_repos_path().

> > * Making svnserve's find_repos() use svn_path_join() instead of
> > apr_filepath_merge(). To prevent the client from escaping from the
> > repository root, we'd have to check for ".." path elements separately.

> Would it be enough to check the URL path for "too many .. segments", i.e.
> "foo/../bar" would be ok, but "foo/../.." would fail?

I don't think we're currently allowing any .. segments in URLs, so it
seems simplest to just blow out if you find any path segment equal to
"..".

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Aug 4 04:37:37 2004