[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn_xml_is_xml_safe() ... is not so safe?

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: 2005-02-18 18:27:25 CET

Ben Collins-Sussman <sussman@collab.net> writes:

> On Feb 18, 2005, at 10:56 AM, Ben Collins-Sussman wrote:
>
> >
> > kfogel and I are persuaded. The final strategy will be:
> >
> > 1. svn_client_lock() will throw error if it sees a non-xml-safe
> > lock comment.
> > 2. svn_fs_lock() will do the same.
> > 3. svn_ra_dav__lock() will (obviously) xml-escape the lock comment
> > before sending.
> >
> > But... a different problem has come up. See my next mail.
> >
>
> I thought that the function svn_xml_is_xml_safe() was our magic
> ticket, but upon looking at its implementation, it seems to be overly
> restrictive. Look at the bitmask it uses: it won't allow valid UTF8
> through!
>
> This is a pretty old function... are there latent bugs lying around?

Latent bugs would only manifest themselves in over-conservatism. The
function only claims that some things that are safe, aren't. Not the
other way around.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Feb 18 18:31:22 2005

This is an archived mail posted to the Subversion Dev mailing list.