Re: svn commit: r1476366 - /subversion/trunk/subversion/svn/props.c

From: Julian Foad <julianfoad_at_btopenworld.com>
Date: Sat, 27 Apr 2013 17:25:36 +0100 (BST)

Daniel Shahaf wrote:

>> URL: http://svn.apache.org/r1476366
>> Log:
>> * subversion/svn/props.c
>> (svn_cl__check_svn_prop_name): Eliminate an unsafe printf format string
>> by using svn_error_create() instead of svn_error_createf().
>
> unsafe printf string == heap underflow == potential segfault == backport
> candidate?

I couldn't find a way to trigger it, since putting '%' in a property name leads to the property name being rejected as invalid earlier on.

So I don't think there is an actual security risk here. We might want to backport in order to avoid the compiler warning and avoid fear, uncertainty and doubt when people see this.

I'll nominate it.

- Julian

>> - return svn_error_createf(
>> + return svn_error_create(
>> SVN_ERR_CLIENT_PROPERTY_NAME, NULL,
>> wrong_prop_error_message(prop_use, propname, scratch_pool));
Received on 2013-04-27 18:26:31 CEST

This message: [ Message body ]
Next message: Julian Foad: "Re: [PATCH] Re: svn commit: r1476563 - /subversion/trunk/subversion/svnserve/serve.c"
Previous message: Branko ÄŒibej: "Re: [PATCH] Re: svn commit: r1476563 - /subversion/trunk/subversion/svnserve/serve.c"
In reply to: Daniel Shahaf: "Re: svn commit: r1476366 - /subversion/trunk/subversion/svn/props.c"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]