[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r1242608 - /subversion/branches/1.7.x/STATUS

From: Daniel Shahaf <danielsh_at_elego.de>
Date: Fri, 10 Feb 2012 05:39:00 +0200

Old code allows malicious servers to abort() the process libsvn is
linked to, new code doesn't.

Greg Stein wrote on Thu, Feb 09, 2012 at 22:14:39 -0500:
> DoS? With the old code: the client died. With the new code: the client
> dies. No change that I'm aware of, other than a nicer error message.
>
> It seems the justification would be, "nicer error message" rather than
> anything about DoS.
>
> Cheers,
> -g
> On Feb 9, 2012 6:46 PM, <danielsh_at_apache.org> wrote:
>
> > Author: danielsh
> > Date: Thu Feb 9 23:46:06 2012
> > New Revision: 1242608
> >
> > URL: http://svn.apache.org/viewvc?rev=1242608&view=rev
> > Log:
> > Nominate r1242607.
> >
> > Modified:
> > subversion/branches/1.7.x/STATUS
> >
> > Modified: subversion/branches/1.7.x/STATUS
> > URL:
> > http://svn.apache.org/viewvc/subversion/branches/1.7.x/STATUS?rev=1242608&r1=1242607&r2=1242608&view=diff
> >
> > ==============================================================================
> > --- subversion/branches/1.7.x/STATUS (original)
> > +++ subversion/branches/1.7.x/STATUS Thu Feb 9 23:46:06 2012
> > @@ -85,6 +85,13 @@ Candidate changes:
> > Votes:
> > +1: philip
> >
> > + * r1242607
> > + Convert ra_serf assertions to errors.
> > + Justification:
> > + Malicious server can DoS clients.
> > + Votes:
> > + +1: danielsh
> > +
> > Veto-blocked changes:
> > =====================
> >
> >
> >
> >
Received on 2012-02-10 04:39:52 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.