[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] Don't segfault on bogus URL

From: Stefan Sperling <stsp_at_elego.de>
Date: Wed, 14 May 2008 00:28:57 +0200

On Tue, May 13, 2008 at 03:03:32PM -0700, epg_at_google.com wrote:
> Stefan Sperling <stsp_at_elego.de> writes:
>
> > On Mon, May 12, 2008 at 07:46:24PM -0700, epg_at_google.com wrote:
> > > [[[
> > > Fix segmentation fault in svn_ra_open3 when passed a bogus URL such as
> > > 'bogusURL'.
> > >=20
> > > * subversion/libsvn_ra/ra_loader.c
> > > (svn_ra_open3): Raise SVN_ERR_RA_ILLEGAL_URL if repos_URI.hostname is
> > > NULL rather than passing that NULL to svn_config_find_group().
> > > ]]]
> >
> > +1, please commit. Thanks for catching this (it's in my code).
>
> Heh, don't worry, it's actually glasser's fault, in r25535. You
> just moved it around :).

That code just seemed so strangely familiar :)

> Perhaps the real fix is to add a new
> svn_uri_parse that ensures hostname is not NULL. It may even be
> a bug in apr_uri_parse; maybe that should set hostname to "" as
> it does when parsing file:///foo .

It should probably do that, sounds reasonable.
A zero-length string will probably not cause a crash like NULL does.
No idea if a zero-length string has other bad side effects though.

Stefan

  • application/pgp-signature attachment: stored
Received on 2008-05-14 00:27:18 CEST

This is an archived mail posted to the Subversion Dev mailing list.