[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: abort or assert?

From: Mark Phippard <MarkP_at_softlanding.com>
Date: 2004-11-09 22:20:55 CET

Branko ibej <brane@xbc.nu> wrote on 11/09/2004 04:13:47 PM:

> Mark Phippard wrote:
> >I just ran into this issue in our port of Subversion to OS/400, because
we
> >were not defining NDEBUG when we compiled, so we had the assert's in
our
> >code.
> >
> >I was testing our port of svnserve, and was using Subclipse (which uses

> >JavaHL) from Windows. When I take the option to checkout a project,
> >Subclipse sends a list command to the server with a trailing slash on
the
> >end of the path name. On the server, the request would get into
> >svn_path_remove_component which does this as its first line.
> >
> >assert (is_canonical (path->data, path->len));
> >
> >The assert fails because of the trailing slash and the server aborts. A

> >Windows debug build of svnserve does the same thing.
> >
> >So where does this problem lie? Subclipse shouldn't be sending this
> >request, but apparently the JavaHL layer lets it. It doesn't seem like
a
> >server ought to abort over something like this, but I do not want to
> >damage my repository either. In researching this, we realized that we
> >need to define NDEBUG on
> >
> It's better for the the server to abort than to corrupt your data. So
> the assert should remain enabled, IMHO. Of course, in this case you also

> found a bug in either the Eclipse plug-in, or JavaHL, depending on
> whether JavaHL documents that its input paths should be canonical or
not.
>
> > our compile to remove the assert(). Is this the
> >wrong thing to be doing?
> >
> >
> I'd say so, yes.

I think it is a pretty tough decision. I do not like the idea that anyone
could so easily just bring down a server. How is that different than a
DoS? Would it be outside the realm of possibility for the server to just
terminate the conversation in this situation, as opposed to aborting? Is
the error just too deep in the Subversion library to percolate back up to
the level that would need to do that?

FWIW, the latest Subclipse version does not do this, but the older
version, which you have to use with IBM's WSAD 5.x, does.

Mark

_____________________________________________________________________________
Scanned for SoftLanding Systems, Inc. by IBM Email Security Management Services powered by MessageLabs.
_____________________________________________________________________________

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Nov 9 22:22:22 2004

This is an archived mail posted to the Subversion Dev mailing list.