[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [Issue 4584] New - Non-canonical $HOME crashes GPG-agent support code

From: Julian Foad <julianfoad_at_btopenworld.com>
Date: Mon, 20 Jul 2015 15:37:26 +0100

Bert said on IRC: "julianf: I would recommend fixing the api
implementation (to follow our common rule: all passed paths are
canonical, unless documented otherwise) and just backporting the fix."

The minimal fix is committed to trunk in r1691928. Note that this
fixes the *only* caller that exists so far that didn't canonicalize
the resulting path.

A better fix, but one less suitable for back-porting, is committed in
r1691952. That makes svn_user_get_homedir() always return a canonical
path.

I tried writing a unit test for it, and came up with the attached
'test_svn_user_get_homedir.patch'.

I don't like it much: it messes with the 'HOME' variable in the
process's environment, and although it makes some attempt to avoid
parallel execution and tries to reset the variable afterwards, it
doesn't do so in all cases. Notably it errors out if the 'HOME' env
var is unset to start with.

Do we want a unit test something like this, and if so how should I
make it more Good?

I still intend to nominate the minimal fix r1691928 for backport to
1.8.x and 1.9.x.

- Julian

On 20 July 2015 at 14:05, Julian Foad <julianfoad_at_btopenworld.com> wrote:
> I (Julian Foad) wrote:
>> I have a one-line fix for this issue, which I've tested by hand:
>> [...]
>> I don't have an automated regression test. Should I go ahead and commit
>> the fix anyway, and propose for backport to 1.8 and 1.9?
>
> Of course, we would like to have a regression test. Can anyone help
> me write one? I took a quick look in
> subversion/tests/libsvn_subr/auth-test.c for inspiration and am a bit
> lost where to start at that level.
>
> If we go for a 'proper' fix, we could write a unit test for
> svn_user_get_homedir(), which would be much easier than a regression
> test for the authentication scenario with GPG-agent.
>
> - Julian

Received on 2015-07-20 16:41:11 CEST

This is an archived mail posted to the Subversion Dev mailing list.