[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

[PATCH] stricter parsing of values in authz files

From: Garrett Rooney <rooneg_at_electricjellyfish.net>
Date: 2006-04-28 02:23:18 CEST

Ok, so since we can't modify the config parser, here's a patch that
makes us a bit stricter about the parsing of the values in
authorization config files.

I'm not overly thrilled with this, since it doesn't actually error out
when an unexpected character is found (it just stops parsing). The
enumeration functions don't actually allow you to return an error, so
currently the only way to do so is to stash an error in the baton and
look at it later, which seems kind of hacky. Plus, I'm not positive
if we'd want to explicitly error out, although silently accepting
invalid input seems bad as well.

-garrett

[[[
Make authz parsing more strict, stopping once it sees characters that are
not valid directives.

* subversion/libsvn_repos/authz.c
  (authz_parse_line): Instead of doing a simple strchr to find r and w
   characters in the value use a more strict approach that stops us from
   running off into comments.
]]]

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Fri Apr 28 02:23:40 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.