
Re: [PATCH] Re: Is mod_dav_svn safe for use in a threaded MPM?

From: Malcolm Rowe <malcolm-svn-dev_at_farside.org.uk>
Date: 2007-04-12 20:06:16 CEST

On Thu, Apr 12, 2007 at 09:52:35AM -0700, Eric Gillespie wrote:
> "Ben Collins-Sussman" <sussman@red-bean.com> writes:
>
> > Your latest patch looks reasonable to me.
> >
> > Also, the client *does* choose the activity name. It does a PROPFIND
> > asking the server where activities should be stored, and gets back an
> > opaque URI. The client then sends a request: "MKACTIVITY
> > URI/someactivityname". It could be anything.
> >
> > libsvn_ra_dav is set up to use an apr_uuid as an activity name, but a
> > malicious client could send "../../blah" or an activity named AUX or
> > COM or something. We need to put in some server-side checking.
>
> Great, thanks. I'll be asking for review again after I add the
> checks. Probably not today, though.
>

Here's an idea: rather than do complex auditing to make sure the path is
safe, or blacklisting or whatever, why not just use MD5(activity id) as
the filename and rely on hash collisions being extremely unlikely?

Regards,
Malcolm

Received on Thu Apr 12 20:07:47 2007
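
The hashed-filename idea from the mail above, as an added example (not part of the original message and not mod_dav_svn's code), written in Python rather than the project's C so that MD5 comes from the standard library. `ACTIVITIES_DIR`, the function names and the UUID-shaped sample id are assumptions constructed for illustration; the other sample ids are the ones named in the thread.

```python
import hashlib
import posixpath

ACTIVITIES_DIR = "/srv/svn/repo/dav/activities.d"  # hypothetical path (assumption)
RESERVED = {"CON", "PRN", "AUX", "NUL"} | {
    f"{dev}{n}" for dev in ("COM", "LPT") for n in range(1, 10)}  # Windows device names

def naive_path(activity_id):
    """'Before': the client-chosen name is used directly as the filename."""
    return posixpath.normpath(posixpath.join(ACTIVITIES_DIR, activity_id))

def hashed_path(activity_id, algorithm="md5"):
    """'After': the filename is the hex digest of the activity id."""
    digest = hashlib.new(algorithm, activity_id.encode("utf-8")).hexdigest()
    return posixpath.join(ACTIVITIES_DIR, digest)

def is_contained(path):
    """True if path names a direct child of ACTIVITIES_DIR."""
    return posixpath.dirname(posixpath.normpath(path)) == ACTIVITIES_DIR

def is_plain_name(path):
    """True if the final component is not a reserved device name."""
    name = posixpath.basename(path)
    return bool(name) and name.split(".")[0].upper() not in RESERVED

# Constructed sample ids: one UUID-shaped, the rest from the thread above.
SAMPLES = ["6f1c2a9e-0b7d-4c1e-9a55-3d2f8e4b7a10", "../../blah", "AUX", "COM1"]

def audit(ids=SAMPLES):
    """Return {id: (naive_ok, hashed_ok)} for each activity id."""
    ok = lambda p: is_contained(p) and is_plain_name(p)
    return {i: (ok(naive_path(i)), ok(hashed_path(i))) for i in ids}

if __name__ == "__main__":
    for activity_id, (naive_ok, hashed_ok) in audit().items():
        print(f"{activity_id!r:42} naive_ok={naive_ok!s:5} hashed_ok={hashed_ok}")
        print(f"    stored as {hashed_path(activity_id)}")
```

The `algorithm` parameter lets the same mapping be tried with another digest from `hashlib`; MD5 is what the mail proposes.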

This is an archived mail posted to the Subversion Dev mailing list.