
Re: Lack of validation in svn_repos_open()

From: Michael Pilato <cmpilato_at_collab.net>
Date: 2005-12-06 18:43:28 CET

On Tue, 2005-12-06 at 17:31 +0000, Malcolm Rowe wrote:
> On Tue, Dec 06, 2005 at 05:37:23PM +0100, Mathias Weinert wrote:
> > 1. The script is not very robust against wrong command line
> > arguments. You get for example an assertion if you call it with
> > a repos path with a trailing slash (like bash completion
> > provides it):
> > assertion "is_canonical (base, blen)" failed: file "subversion/libsvn_subr/path.c", line 114
> > Aborted (core dumped)
> >
>
> This is a bug in the Subversion libraries - we should never abort()
> if a caller supplies a path with a trailing slash by mistake.
>
> See attached testcase: it looks like svn_repos_open() (at least) needs
> to validate (or massage) its input better.
>
> $ ./svn_repos_open_assert
> svn_repos_open_assert: subversion/libsvn_subr/path.c:114: svn_path_join: Assertion `is_canonical (base, blen)' failed.
> Aborted

On the contrary -- the Subversion public APIs declare that callers must
provide canonicalized paths as input, and even provide functions for
doing said canonicalization. The assertion exists to notify callers (in
perhaps the harshest way possible) that they've violated the function's
contract.

-- 
C. Michael Pilato <cmpilato@collab.net> 
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand

Received on Tue Dec 6 19:10:58 2005

This is an archived mail posted to the Subversion Dev mailing list.
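
The contract discussed in this thread, shown as an added example (not code from the thread or from Subversion): a caller canonicalizes command-line input at its own boundary before handing it to a function that requires canonical paths. All function names are hypothetical, and "canonical" is simplified here to mean no trailing slash and no doubled slashes; a real caller would use the library's own canonicalization function, such as `svn_path_canonicalize()`.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of "canonical": no trailing '/', no "//"; "/" itself is fine. */
static int is_canonical_model(const char *p)
{
    size_t n = strlen(p);
    if (n > 1 && p[n - 1] == '/')
        return 0;
    return strstr(p, "//") == NULL;
}

/* Write the canonical form of src into dst; -1 if it does not fit in cap bytes. */
static int canonicalize_model(const char *src, char *dst, size_t cap)
{
    size_t o = 0;
    if (cap == 0) return -1;
    for (size_t i = 0; src[i] != '\0'; i++) {
        if (src[i] == '/' && o > 0 && dst[o - 1] == '/')
            continue;                      /* collapse runs of '/' */
        if (o + 1 >= cap)
            return -1;                     /* reject instead of truncating */
        dst[o++] = src[i];
    }
    while (o > 1 && dst[o - 1] == '/') o--; /* strip trailing '/', keep root */
    dst[o] = '\0';
    return 0;
}

/* Hypothetical stand-in for an API that requires canonical input.
   It returns -1 where an asserting library would abort(). */
static int open_repos_model(const char *path)
{
    return is_canonical_model(path) ? 0 : -1;
}

/* Caller-side boundary: canonicalize untrusted argv text, then call the API. */
static int open_repos_from_user_input(const char *arg)
{
    char buf[4096];
    if (canonicalize_model(arg, buf, sizeof buf) != 0)
        return -2;
    return open_repos_model(buf);
}

int main(void)
{
    printf("%d %d\n", open_repos_model("/srv/repos/"), open_repos_from_user_input("/srv/repos/"));
    return 0;
}
```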