"Bert Huijben" <bert_at_qqmail.nl> writes:
>> --- subversion/trunk/subversion/libsvn_ra_svn/client.c (original)
>> +++ subversion/trunk/subversion/libsvn_ra_svn/client.c Fri Oct 18 11:22:21
>> @@ -1340,7 +1340,7 @@ static svn_error_t *ra_svn_get_dir(svn_r
>> SVN_ERR(svn_ra_svn__parse_tuple(elt->u.list, pool, "cwnbr(?c)(?c)",
>> &name, &kind, &size, &has_props,
>> &crev, &cdate, &cauthor));
>> - name = svn_relpath_canonicalize(name, pool);
> Then most likely there is a difference between implementation and
> svn ls -R path
> will use this function with deeper names.
> See list.c get_dir_contents(), which calls itself recursively with
> longer and longer components.
> And I'm pretty sure there are also third party clients that use this
> feature via their own usage of the ra layer.
Even if the docs and current implementation always provide a single
component we should still either canonicalize, or check and raise an
error, to defend against against misbehaving or malicious servers.
Philip Martin | Subversion Committer
WANdisco // *Non-Stop Data*
Received on 2013-10-18 18:39:59 CEST