[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r924201 - in /subversion/trunk/subversion: libsvn_client/mergeinfo.c libsvn_subr/mergeinfo.c tests/libsvn_subr/mergeinfo-test.c

From: Julian Foad <julian.foad_at_wandisco.com>
Date: Fri, 19 Mar 2010 00:44:55 +0000

On Thu, 2010-03-18 at 17:34 -0400, Greg Stein wrote:
> On Wed, Mar 17, 2010 at 05:37, <julianfoad_at_apache.org> wrote:
> >...
> > +++ subversion/trunk/subversion/libsvn_subr/mergeinfo.c Wed Mar 17 09:37:11 2010
> >...
> > @@ -763,20 +765,31 @@ svn_rangelist_merge(apr_array_header_t *
> > return SVN_NO_ERROR;
> > }
> >
> > +/* Return TRUE iff the forward revision ranges FIRST and SECOND overlap and
> > + * (if CONSIDER_INHERITANCE is TRUE) have the same inheritability. */
> > static svn_boolean_t
> > range_intersect(const svn_merge_range_t *first, const svn_merge_range_t *second,
> > svn_boolean_t consider_inheritance)
> > {
> > + SVN_ERR_ASSERT_NO_RETURN(IS_VALID_FORWARD_RANGE(first));
> > + SVN_ERR_ASSERT_NO_RETURN(IS_VALID_FORWARD_RANGE(second));
>
> If somebody manually tweaks an svn:mergeinfo property to include 0,
> then is our library going to dump core?
>
> (I imagine props are checked much earlier, but a new core dump is
> always something to question :-P )

Good question. Let's see where the mergeinfo prop values are parsed
into svn_merge_range_t's.

Paul, do you think I should add a check like the following to
svn_mergeinfo_parse()?

[[[
Index: subversion/libsvn_subr/mergeinfo.c
===================================================================
--- subversion/libsvn_subr/mergeinfo.c (revision 924839)
+++ subversion/libsvn_subr/mergeinfo.c (working copy)
@@ -611,10 +611,19 @@ parse_revision_line(const char **input,
       qsort(rangelist->elts, rangelist->nelts, rangelist->elt_size,
             svn_sort_compare_ranges);
       lastrange = APR_ARRAY_IDX(rangelist, 0, svn_merge_range_t *);
+ if (! IS_VALID_FORWARD_RANGE(lastrange))
+ return svn_error_createf(SVN_ERR_MERGEINFO_PARSE_ERROR, NULL,
+ _("Bad range in mergeinfo: '%s'"),
+ range_to_string(lastrange, pool));
 
       for (i = 1; i < rangelist->nelts; i++)
         {
           range = APR_ARRAY_IDX(rangelist, i, svn_merge_range_t *);
+ if (! IS_VALID_FORWARD_RANGE(range))
+ return svn_error_createf(SVN_ERR_MERGEINFO_PARSE_ERROR, NULL,
+ _("Bad range in mergeinfo: '%s'"),
+ range_to_string(range, pool));
+
           if (lastrange->start <= range->end
               && range->start <= lastrange->end)
             {
]]]

- Julian
Received on 2010-03-19 01:45:26 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.