Ok, so since we can't modify the config parser, here's a patch that
makes us a bit stricter about the parsing of the values in
authorization config files.
I'm not overly thrilled with this, since it doesn't actually error out
when an unexpected character is found (it just stops parsing). The
enumeration functions don't actually allow you to return an error, so
currently the only way to do so is to stash an error in the baton and
look at it later, which seems kind of hacky. Plus, I'm not positive
if we'd want to explicitly error out, although silently accepting
invalid input seems bad as well.
-garrett
[[[
Make authz parsing more strict, stopping once it sees characters that are
not valid directives.
* subversion/libsvn_repos/authz.c
(authz_parse_line): Instead of doing a simple strchr to find r and w
characters in the value use a more strict approach that stops us from
running off into comments.
]]]
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Apr 28 02:23:40 2006